tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6...
Submission: On June 28 via api (June 28th 2022, 7:46:03 am UTC) from IE — Scanned from FR

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 195.62.75.209, located in France and belongs to NP6, FR. The main domain is tr.xleads.digital.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.

This is the only time tr.xleads.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	195.62.75.209 195.62.75.209	204371 (NP6) (NP6)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
12	87.98.141.21 87.98.141.21	16276 (OVH) (OVH)
15	3

2 195.62.75.209 (France)

ASN204371 (NP6, FR)
PTR: mail.static.s209.75.bp06.net

tr.xleads.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 87.98.141.21 (France)

ASN16276 (OVH, FR)
PTR: ip21.ip-87-98-141.eu

www.btob.direct	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	btob.direct www.btob.direct	123 KB
2	xleads.digital tr.xleads.digital	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
15	3

	Domain	Requested by
12	www.btob.direct	tr.xleads.digital
2	tr.xleads.digital	tr.xleads.digital
1	fonts.googleapis.com	tr.xleads.digital
15	3

This site contains no links.

Subject Issuer	Validity	Valid
tr.xleads.digital R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
btob.direct R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft8eDecj5O9WHldTdpkAA6TKqOiJei1tuoBw3-597wfp5yOb53cmldC4zpb3B6HY4ssrwGGWYpyTknQpAybk-pK7n6vurethYgtbmvTfP4b7pmluCVQynKiyFLXhk_LDTfgpz_csLH24yvH-VYULY8MkOU3E7vyEWjvCrlOiYakFN78p9s1Ll1R1EGjgyMQ9cgNIoVxVMLSEuKkRf0MyAT1XPnQ
Frame ID: 2461311C34AFF048812E8E5E3B5078DF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

140 kB
Transfer

157 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft... Show response
tr.xleads.digital/hit/TDGX/04Z/gz/ 30 KB
15 KB 1775ms
1461ms Document
text/html 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft8eDecj5O9WHldTdpkAA6TKqOiJei1tuoBw3-597wfp5yOb53cmldC4zpb3B6HY4ssrwGGWYpyTknQpAybk-pK7n6vurethYgtbmvTfP4b7pmluCVQynKiyFLXhk_LDTfgpz_csLH24yvH-VYULY8MkOU3E7vyEWjvCrlOiYakFN78p9s1Ll1R1EGjgyMQ9cgNIoVxVMLSEuKkRf0MyAT1XPnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: d0264a53ef7b74d92e6e974bd45e376cf6d40a70332e97f4fad462c2c1e74e3b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 07:45:57 GMT
Expires: -1
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
X-Time: 1394

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 92ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft8eDecj5O9WHldTdpkAA6TKqOiJei1tuoBw3-597wfp5yOb53cmldC4zpb3B6HY4ssrwGGWYpyTknQpAybk-pK7n6vurethYgtbmvTfP4b7pmluCVQynKiyFLXhk_LDTfgpz_csLH24yvH-VYULY8MkOU3E7vyEWjvCrlOiYakFN78p9s1Ll1R1EGjgyMQ9cgNIoVxVMLSEuKkRf0MyAT1XPnQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40d997bf12b5a48716c6c95778c94545b8cf877f4f8de6ed50642b0d04cf1930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 07:45:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 07:45:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 07:45:58 GMT

GET
H2 200 logofac.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 3 KB
3 KB 71ms
31ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/logofac.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

be9e90458e947bc13c7c095a582ed308b63ba44cfadf232fb03f0244675cdc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "b08-5bcf76e0623b2"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 2824
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 main.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 87 KB
87 KB 65ms
42ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/main.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

2e6cb30e1a7c7b38548764c03dad105f15c21e6ca95430c92e7dcaee240d9c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "15b86-5bcf76e060472"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 88966
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 check.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 1 KB
2 KB 55ms
32ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/check.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

66641431bbfb229b5b9b5a893d413678abaede304be4d03509da86637ef7ec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "57d-5bcf76e061412"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 1405
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 cta2.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 3 KB
3 KB 54ms
31ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/cta2.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

5e6b9352cde2fc1ac6f3aaa935ddc46a12770c15423c687cf370f1ac50eb478a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "ad5-5bcf76e05b651"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 2773
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 title.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 5 KB
6 KB 53ms
30ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/title.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

feb6ff46af66a9a97a233b2a57261e5755be1755e3ecff2e5951add454f1bfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "1597-5bcf76e0642f2"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 5527
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 sample.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 8 KB
8 KB 95ms
72ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/sample.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

464cf4f4330e21758b72548cf5913a037e5a99bdddf4cb0828e460c75e75eb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "1fba-5bcf76e05a6b1"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 8122
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 argu1.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 2 KB
2 KB 62ms
62ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/argu1.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

12f0aa91995ffddc9e150b16f61976ea131df16f92b73d24e6e917b652ed3a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "606-5bcf76e05e532"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 1542
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 argu2.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 2 KB
2 KB 63ms
62ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/argu2.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

b9974465a5f99b091ffe675a167943e848c4ebd7e281298647e4beda3093edd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "635-5bcf76e05c5f1"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 1589
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 argu3.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 1 KB
2 KB 65ms
65ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/argu3.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

f47fa33287da0a68d123c4086690142724d50e921b80628c51b80d59562bd2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "5e4-5bcf76e059711"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 1508
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 argu4.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 2 KB
2 KB 64ms
64ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/argu4.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

8632fec7750e84d3c23c3aa22711b9110ee2f83040537fd1ac248afa1f316211

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "647-5bcf76e060472"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 1607
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 cta3.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 3 KB
4 KB 66ms
66ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/cta3.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

1876e13ef4fafde8f385ae7a4e2852479bb5dc4051ce77d54fbdeed09e8369b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "d62-5bcf76e063352"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 3426
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H2 200 bien.gif
www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/ 4 KB
4 KB 66ms
65ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2021/4696_Chequedom_0121_solo/images/bien.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

472ad0a906545fb09a98bcf92b9d7b2819053b4343dba1a0e4d3967c1b125e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:45:58 GMT
server: Apache
accept-language: bytes
etag: "f85-5bcf76e058771"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 3973
expires: Tue, 05 Jul 2022 07:45:58 GMT

GET
H/1.1 200
OK xIPTDrxjUuK5HdqlD5-_ChL8eiI0RE8pLw0nfpDrsExCM1QUZTQryETdCJIoszY_wXPA1dmzauuKhIpuVNKAKy8vxwTp6SPb7PYzpZ1uulwa35CCfz4hzyTnK49PbZl1TM_100xkcQTtwr8_-2qxfqs7ZwdlY-nO7MJE9IHpnjCcmz4BkXaW1RM_kE0JVRye9v_DV...
tr.xleads.digital/hit/TDGX/04Z/gz/ 43 B
244 B 31ms
31ms Image
image/gif 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/xIPTDrxjUuK5HdqlD5-_ChL8eiI0RE8pLw0nfpDrsExCM1QUZTQryETdCJIoszY_wXPA1dmzauuKhIpuVNKAKy8vxwTp6SPb7PYzpZ1uulwa35CCfz4hzyTnK49PbZl1TM_100xkcQTtwr8_-2qxfqs7ZwdlY-nO7MJE9IHpnjCcmz4BkXaW1RM_kE0JVRye9v_DVr1AkuaydkSZA6TMwGpME6ub6S2JNlqOBPbAqM8K0b8zF29ozGn588QM8pBwr__f91NUqZef9rdldX9ZTgHLVytbkLff3f6NhIkipRnUy8Et8ujtOdpp2wTMQinZvLSdiERoVCHKVLK8pIAP3BFLJ3vPhp4oLUG25qBI8LWYfJrb00Ieiy5xi4SPEZ2UB5GobanY
Requested by: Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft8eDecj5O9WHldTdpkAA6TKqOiJei1tuoBw3-597wfp5yOb53cmldC4zpb3B6HY4ssrwGGWYpyTknQpAybk-pK7n6vurethYgtbmvTfP4b7pmluCVQynKiyFLXhk_LDTfgpz_csLH24yvH-VYULY8MkOU3E7vyEWjvCrlOiYakFN78p9s1Ll1R1EGjgyMQ9cgNIoVxVMLSEuKkRf0MyAT1XPnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/hit/TDGX/04Z/gz/wZNaqViMTe9gBsblFdzeYUu8ywXTJ13AA66bXccW0ZpZ-n7okNv_b4XG75jH_-udkb3SOZtPKQCK3BG6zWv-iZ8x6OcoLaWbFZ2dyT_NSsq8xG8Yi7Zs9gj6bbY0dXG3yeS8_YhK7wdLvDKZF_Y6TOsynI5A3yea7m9myDMGMh0x1VSL-smq0ectL0aWi_xEDS8Ft8eDecj5O9WHldTdpkAA6TKqOiJei1tuoBw3-597wfp5yOb53cmldC4zpb3B6HY4ssrwGGWYpyTknQpAybk-pK7n6vurethYgtbmvTfP4b7pmluCVQynKiyFLXhk_LDTfgpz_csLH24yvH-VYULY8MkOU3E7vyEWjvCrlOiYakFN78p9s1Ll1R1EGjgyMQ9cgNIoVxVMLSEuKkRf0MyAT1XPnQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 07:45:57 GMT
Content-Type: image/gif
Cache-Control: no-cache
X-Robots-Tag: noindex, nofollow
X-Time: 0
Content-Length: 43
Expires: -1

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
tr.xleads.digital
www.btob.direct
195.62.75.209
2a00:1450:4001:828::200a
87.98.141.21
12f0aa91995ffddc9e150b16f61976ea131df16f92b73d24e6e917b652ed3a84
1876e13ef4fafde8f385ae7a4e2852479bb5dc4051ce77d54fbdeed09e8369b3
2e6cb30e1a7c7b38548764c03dad105f15c21e6ca95430c92e7dcaee240d9c92
40d997bf12b5a48716c6c95778c94545b8cf877f4f8de6ed50642b0d04cf1930
464cf4f4330e21758b72548cf5913a037e5a99bdddf4cb0828e460c75e75eb70
472ad0a906545fb09a98bcf92b9d7b2819053b4343dba1a0e4d3967c1b125e44
5e6b9352cde2fc1ac6f3aaa935ddc46a12770c15423c687cf370f1ac50eb478a
66641431bbfb229b5b9b5a893d413678abaede304be4d03509da86637ef7ec70
8632fec7750e84d3c23c3aa22711b9110ee2f83040537fd1ac248afa1f316211
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9974465a5f99b091ffe675a167943e848c4ebd7e281298647e4beda3093edd6
be9e90458e947bc13c7c095a582ed308b63ba44cfadf232fb03f0244675cdc6c
d0264a53ef7b74d92e6e974bd45e376cf6d40a70332e97f4fad462c2c1e74e3b
f47fa33287da0a68d123c4086690142724d50e921b80628c51b80d59562bd2e1
feb6ff46af66a9a97a233b2a57261e5755be1755e3ecff2e5951add454f1bfe5

tr.xleads.digital Open in urlscan Pro 195.62.75.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

140 kBTransfer

157 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

140 kB
Transfer

157 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions