xt.net1leads.co - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 163.172.191.218, located in France and belongs to Online SAS, FR. The main domain is xt.net1leads.co.
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.

This is the only time xt.net1leads.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	163.172.191.218 163.172.191.218	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	3

2 163.172.191.218 (France)

ASN12876 (Online SAS, FR)
PTR: 218-191-172-163.instances.scw.cloud

xt.net1leads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com fonts.gstatic.com	24 KB
2	net1leads.co xt.net1leads.co	51 KB
1	googleapis.com fonts.googleapis.com	500 B
5	3

	Domain	Requested by
2	fonts.gstatic.com	fonts.googleapis.com
2	xt.net1leads.co	xt.net1leads.co
1	fonts.googleapis.com	xt.net1leads.co
5	3

This site contains no links.

Subject Issuer	Validity	Valid
xt.net1leads.co R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147
Frame ID: 3289C4F7AEA80F685ECAFED00F996515
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

75 kB
Transfer

76 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request / Show response
xt.net1leads.co/ 695 B
731 B 227ms
163ms Document
text/html 163.172.191.218
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.191.218 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 218-191-172-163.instances.scw.cloud
Software: nginx /
Resource Hash: b9e397d49406d6de3da873474076e91087f3844f585d43a316683e921ef07148

Request headers

Host: xt.net1leads.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 06 May 2021 12:18:31 GMT
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 1 KB
500 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:300,700

Requested by

Host: xt.net1leads.co
URL: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cc78e7aa44047775e82136db47367128d1d072f3091e23081cdf06aff779946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xt.net1leads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 May 2021 12:16:35 GMT
server: ESF
date: Thu, 06 May 2021 12:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 May 2021 12:18:31 GMT

GET
H/1.1 200
OK bg404.jpg
xt.net1leads.co/assets/disparosco/assets/images/ 50 KB
50 KB 167ms
167ms Image
image/jpeg 163.172.191.218
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xt.net1leads.co/assets/disparosco/assets/images/bg404.jpg
Requested by: Host: xt.net1leads.co
URL: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.191.218 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 218-191-172-163.instances.scw.cloud
Software: nginx /
Resource Hash: 479d1a283e4a387539856f59f8dbc02bc278b7beec7a07dbb6bea261ed644cb9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: xt.net1leads.co
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147
Connection: keep-alive
Referer: https://xt.net1leads.co/?qs=24r2x2y2r2e4s2y233e4340364z294y274o4o4o4t5i5j5g5h463%2094e494e4y5r274m4h4t26406z2k4i5k4t2k454j544k4s2j5t5&lin=13147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 12:18:31 GMT
Last-Modified: Mon, 16 Oct 2017 10:09:16 GMT
Server: nginx
ETag: "59e4854c-c7c2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51138

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:300,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://xt.net1leads.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:52 GMT
server: sffe
age: 213776
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11720
x-xss-protection: 0
expires: Wed, 04 May 2022 00:55:35 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:300,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28aebd8c19a07c1e0069b7bda013aa6d65debb6804189b80845a29f3a51f6b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://xt.net1leads.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 21:40:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:37 GMT
server: sffe
age: 139092
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12488
x-xss-protection: 0
expires: Wed, 04 May 2022 21:40:19 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
xt.net1leads.co
163.172.191.218
2a00:1450:4001:802::2003
2a00:1450:4001:813::200a
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
28aebd8c19a07c1e0069b7bda013aa6d65debb6804189b80845a29f3a51f6b07
479d1a283e4a387539856f59f8dbc02bc278b7beec7a07dbb6bea261ed644cb9
7cc78e7aa44047775e82136db47367128d1d072f3091e23081cdf06aff779946
b9e397d49406d6de3da873474076e91087f3844f585d43a316683e921ef07148

xt.net1leads.co Open in urlscan Pro 163.172.191.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

75 kBTransfer

76 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

xt.net1leads.co Open in urlscan Pro
163.172.191.218 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

75 kB
Transfer

76 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions