tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPB...
Submission: On July 08 via api (July 8th 2022, 6:47:49 am UTC) from IE — Scanned from FR

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 195.62.75.209, located in France and belongs to NP6, FR. The main domain is tr.xleads.digital.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time tr.xleads.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	195.62.75.209 195.62.75.209	204371 (NP6) (NP6)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
14	87.98.141.21 87.98.141.21	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
18	4

2 195.62.75.209 (France)

ASN204371 (NP6, FR)
PTR: mail.static.s209.75.bp06.net

tr.xleads.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 87.98.141.21 (France)

ASN16276 (OVH, FR)
PTR: ip21.ip-87-98-141.eu

www.btob.direct	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	btob.direct www.btob.direct	269 KB
2	xleads.digital tr.xleads.digital	13 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
18	4

	Domain	Requested by
14	www.btob.direct	tr.xleads.digital
2	tr.xleads.digital	tr.xleads.digital
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tr.xleads.digital
18	4

This site contains no links.

Subject Issuer	Validity	Valid
tr.xleads.digital R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
btob.direct R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9ddIBxVNRO46dkkPn5aY64OTfhAqxy7TklNrb2ak79zsNDwNFxvQwrG0Zsxj6oE198b0HpOftRtiFBY1125Ils7SDpqginBwdRvw1pqP0A3R-dneANB_spsiCdZIffTxoNEhRSaB5m5ZAGIB4jPuIapcFAyP8CYc5RAF73fHeDuqcFGL6WbOKn2TqhG_OflJ4Xdjmr8bWLt7IbES5dySdP03
Frame ID: 14CFEEB7EC43BC939AEC03D13D1C8112
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edenred Ticket Restaurant

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

314 kB
Transfer

329 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9... Show response
tr.xleads.digital/hit/TDGX/04Z/gz/ 30 KB
13 KB 368ms
194ms Document
text/html 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9ddIBxVNRO46dkkPn5aY64OTfhAqxy7TklNrb2ak79zsNDwNFxvQwrG0Zsxj6oE198b0HpOftRtiFBY1125Ils7SDpqginBwdRvw1pqP0A3R-dneANB_spsiCdZIffTxoNEhRSaB5m5ZAGIB4jPuIapcFAyP8CYc5RAF73fHeDuqcFGL6WbOKn2TqhG_OflJ4Xdjmr8bWLt7IbES5dySdP03
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: ed4563ca293a8704e9da4195359da51fa32241d85e3f5e21c336e19356613f21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Jul 2022 06:47:44 GMT
Expires: -1
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
X-Time: 140

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 92ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap

Requested by

Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9ddIBxVNRO46dkkPn5aY64OTfhAqxy7TklNrb2ak79zsNDwNFxvQwrG0Zsxj6oE198b0HpOftRtiFBY1125Ils7SDpqginBwdRvw1pqP0A3R-dneANB_spsiCdZIffTxoNEhRSaB5m5ZAGIB4jPuIapcFAyP8CYc5RAF73fHeDuqcFGL6WbOKn2TqhG_OflJ4Xdjmr8bWLt7IbES5dySdP03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f396cfe807b8415db44473bff7c8cdcfe1ea7b518780fd27448010cb742901eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 06:29:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 06:47:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 06:47:44 GMT

GET
H2 200 top.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 1 KB
1 KB 95ms
48ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/top.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

0a644f182a4778798cf7ae989a750c46d0aa515dbb8da2d05db9a22926974960

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "44b-5e049015286d1"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 1099
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 logofac.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 3 KB
3 KB 76ms
48ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/logofac.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

6d0da5ae396e90ba8f4ba74bc43169682eb87bc0370b622c8fc767c722b4eef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "c75-5e04901513e47"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 3189
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 cta0.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 5 KB
5 KB 75ms
47ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/cta0.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

e9f5ece531366ce370f130d0528ca9ead7a6afaf60db8eda1682b08455a447b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "14cc-5e049014eb4fb"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 5324
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 main.gif
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 117 KB
117 KB 73ms
46ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/main.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

1ce5987ac41292d84da13a49ba3a654c4497f6b57d5d71001d2b1b7e53782b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "1d469-5e049014bd06e"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 119913
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 cta1.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 3 KB
3 KB 73ms
46ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/cta1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

970325d8ce984077493f559810be21691f6490959fbd9b74fd657c3a25475ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "b3b-5e049014f9350"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2875
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 cta2.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 3 KB
3 KB 74ms
47ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/cta2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

0a026770287153f33891aa0c49d27ac2d116cd8a648760400c2c18c937146beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "b22-5e049014fe1a7"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2850
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 curb.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
2 KB 68ms
67ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/curb.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

e5b049f4d449d2378cf0e3cd97bc3a6688d4af1bf501e333eb504c52b9df6c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "7cc-5e0490150340b"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 1996
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 argu1.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
3 KB 67ms
67ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/argu1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

33b800f1e602beff49b3948551f7ff167620a952d88610bdc97dba12901658c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "9db-5e049014c2415"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2523
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 argu2.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
3 KB 69ms
68ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/argu2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

9d8488cbdeef20695e941a8bc984aec4344a00b8887777664b69d3f8fbc6b904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "91f-5e049014c64e9"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2335
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 argu3.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
3 KB 71ms
70ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/argu3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

4b61410795f879df90c199ac92ef1035e315854aadc4bb8b47797671eb99700d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "99a-5e049014cdb11"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2458
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 argu4.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
3 KB 71ms
70ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/argu4.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

14c21c378b8140e8960359cb881719575ff66c3c49bf7e745b8fb0a7e14a235a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "927-5e049014db610"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2343
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 right.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 110 KB
110 KB 70ms
70ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/right.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

68175347b96b9a5c433c7cf9989a9643a2533a900c0dc67d1247a9a72c609e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "1b7c8-5e04901524170"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 112584
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 bottom.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 2 KB
2 KB 69ms
68ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/bottom.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

aeb8224b247f0357bf92fe5a28e805bbb4ffdd3272591155139e66ddb0b8f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "679-5e049014e650a"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 1657
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H2 200 elu.png
www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/ 10 KB
10 KB 69ms
69ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5022_Edenred_TR_2_0522_solo/images/elu.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

3c56a2245fce640436aced208b0d04d0497d23f8d196b30edb77c4b021bb6ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:47:44 GMT
server: Apache
accept-language: bytes
etag: "27f1-5e0490150a6b5"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 10225
expires: Fri, 15 Jul 2022 06:47:44 GMT

GET
H/1.1 200
OK cSbnS8MxKLv9IHQHhS2ApDxBReoZmzLSjQOcGgfr-qw2lp8uZYwO26Y4u8XbuJzi6QHVGODA8SVZSMwjbxyYI0i1J6u-u0MhwX5SyA7PE3uexNfywcZV2fQ4CULilTnuxt3pSxADKdFsT0b086tQTGFcQmoELcvaPOA6GJa5DOhBgzeTKz1Vl1cj580G5IgdIFYXS...
tr.xleads.digital/hit/TDGX/04Z/gz/ 43 B
244 B 34ms
33ms Image
image/gif 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/cSbnS8MxKLv9IHQHhS2ApDxBReoZmzLSjQOcGgfr-qw2lp8uZYwO26Y4u8XbuJzi6QHVGODA8SVZSMwjbxyYI0i1J6u-u0MhwX5SyA7PE3uexNfywcZV2fQ4CULilTnuxt3pSxADKdFsT0b086tQTGFcQmoELcvaPOA6GJa5DOhBgzeTKz1Vl1cj580G5IgdIFYXSvB2dVEWpi9czCTkNrYICJ07kcfxWNcYKDhsyGq0Ur7nD4zmlQBuufe9N_HtuYgSiEi-cjzI7wHyJ7VktJ9Vl8QXFBxpTOuKXT95AU87O6ktC7r-u72B_2Bz6fA6O-cG0m3lhcTw0vEkP-ZOhjMFAujqNYW0iw2XQprphJHFSAs2xHPRgf07tHnPT9Vg9Wg
Requested by: Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9ddIBxVNRO46dkkPn5aY64OTfhAqxy7TklNrb2ak79zsNDwNFxvQwrG0Zsxj6oE198b0HpOftRtiFBY1125Ils7SDpqginBwdRvw1pqP0A3R-dneANB_spsiCdZIffTxoNEhRSaB5m5ZAGIB4jPuIapcFAyP8CYc5RAF73fHeDuqcFGL6WbOKn2TqhG_OflJ4Xdjmr8bWLt7IbES5dySdP03
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/hit/TDGX/04Z/gz/13RYL8hfllUyEiGlbRLkcx1OGHsSFSoGxDLJ27F7iMezLGe9AF2xgYRiH8n853o4s_C1K9S8zvdLrTPBLWutOezkPJbkbuSlUcPBJ8xAbZ6sc3dke3zRORPaNkg6K8Q9xpG95rSRsn-kHUNW20zpA2fY0Mmgztc51bkmfis6PPxG-QaWgwiVt2Auiwq0NyR328SX9ddIBxVNRO46dkkPn5aY64OTfhAqxy7TklNrb2ak79zsNDwNFxvQwrG0Zsxj6oE198b0HpOftRtiFBY1125Ils7SDpqginBwdRvw1pqP0A3R-dneANB_spsiCdZIffTxoNEhRSaB5m5ZAGIB4jPuIapcFAyP8CYc5RAF73fHeDuqcFGL6WbOKn2TqhG_OflJ4Xdjmr8bWLt7IbES5dySdP03
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 06:47:43 GMT
Content-Type: image/gif
Cache-Control: no-cache
X-Robots-Tag: noindex, nofollow
X-Time: 0
Content-Length: 43
Expires: -1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 82ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.xleads.digital
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 222039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:07:05 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
tr.xleads.digital
www.btob.direct
195.62.75.209
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
87.98.141.21
0a026770287153f33891aa0c49d27ac2d116cd8a648760400c2c18c937146beb
0a644f182a4778798cf7ae989a750c46d0aa515dbb8da2d05db9a22926974960
14c21c378b8140e8960359cb881719575ff66c3c49bf7e745b8fb0a7e14a235a
1ce5987ac41292d84da13a49ba3a654c4497f6b57d5d71001d2b1b7e53782b08
33b800f1e602beff49b3948551f7ff167620a952d88610bdc97dba12901658c7
3c56a2245fce640436aced208b0d04d0497d23f8d196b30edb77c4b021bb6ab0
4b61410795f879df90c199ac92ef1035e315854aadc4bb8b47797671eb99700d
68175347b96b9a5c433c7cf9989a9643a2533a900c0dc67d1247a9a72c609e22
6d0da5ae396e90ba8f4ba74bc43169682eb87bc0370b622c8fc767c722b4eef5
970325d8ce984077493f559810be21691f6490959fbd9b74fd657c3a25475ff9
9d8488cbdeef20695e941a8bc984aec4344a00b8887777664b69d3f8fbc6b904
aeb8224b247f0357bf92fe5a28e805bbb4ffdd3272591155139e66ddb0b8f709
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
e5b049f4d449d2378cf0e3cd97bc3a6688d4af1bf501e333eb504c52b9df6c00
e9f5ece531366ce370f130d0528ca9ead7a6afaf60db8eda1682b08455a447b6
ed4563ca293a8704e9da4195359da51fa32241d85e3f5e21c336e19356613f21
f396cfe807b8415db44473bff7c8cdcfe1ea7b518780fd27448010cb742901eb

tr.xleads.digital Open in urlscan Pro 195.62.75.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

314 kBTransfer

329 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

314 kB
Transfer

329 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions