tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDR...
Submission: On July 04 via api (July 4th 2022, 8:25:19 am UTC) from IE — Scanned from FR

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 195.62.75.209, located in France and belongs to NP6, FR. The main domain is tr.xleads.digital.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time tr.xleads.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	195.62.75.209 195.62.75.209	204371 (NP6) (NP6)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	87.98.141.21 87.98.141.21	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
11	4

2 195.62.75.209 (France)

ASN204371 (NP6, FR)
PTR: mail.static.s209.75.bp06.net

tr.xleads.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.98.141.21 (France)

ASN16276 (OVH, FR)
PTR: ip21.ip-87-98-141.eu

www.btob.direct	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	btob.direct www.btob.direct	32 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	xleads.digital tr.xleads.digital	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1011 B
11	4

	Domain	Requested by
6	www.btob.direct	tr.xleads.digital
2	fonts.gstatic.com	fonts.googleapis.com
2	tr.xleads.digital	tr.xleads.digital
1	fonts.googleapis.com	tr.xleads.digital
11	4

This site contains no links.

Subject Issuer	Validity	Valid
tr.xleads.digital R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
btob.direct R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONAhx1xZNJieGWKdIgeC1pPfn8if-3JYmbHgfnHd4LO0VuPW10uhf-0qNCPwn4YTp8Z0TpZx6A67PaPnjEpET0Gdyxwn_qld0piDrjZceI5EIiM7eEOaOtgyLBwew2qEskSFkItrCV_1DeDYbbJFQ64GPRvIFPticAH9T1KxcqzRO4-EtzhZIc-SNucWa48MczQu1fj3VXmg_igiVi1Fkc
Frame ID: ABC3085786A638018B76471CF5971D2C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nouveau Galaxy S22 5G, fluidité garantie !

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

66 kB
Transfer

81 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONA... Show response
tr.xleads.digital/hit/TDGX/04Z/gz/ 31 KB
16 KB 282ms
101ms Document
text/html 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONAhx1xZNJieGWKdIgeC1pPfn8if-3JYmbHgfnHd4LO0VuPW10uhf-0qNCPwn4YTp8Z0TpZx6A67PaPnjEpET0Gdyxwn_qld0piDrjZceI5EIiM7eEOaOtgyLBwew2qEskSFkItrCV_1DeDYbbJFQ64GPRvIFPticAH9T1KxcqzRO4-EtzhZIc-SNucWa48MczQu1fj3VXmg_igiVi1Fkc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: 766c5cd431ff2a87fe5deb569865b099e995ba4e0ab60cc24295124cb8186d17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Jul 2022 08:25:12 GMT
Expires: -1
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
X-Time: 31

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1011 B 211ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

Requested by

Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONAhx1xZNJieGWKdIgeC1pPfn8if-3JYmbHgfnHd4LO0VuPW10uhf-0qNCPwn4YTp8Z0TpZx6A67PaPnjEpET0Gdyxwn_qld0piDrjZceI5EIiM7eEOaOtgyLBwew2qEskSFkItrCV_1DeDYbbJFQ64GPRvIFPticAH9T1KxcqzRO4-EtzhZIc-SNucWa48MczQu1fj3VXmg_igiVi1Fkc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c9c0746f2ef86ac23977f074c5ed2a933465b7cb7cf2342069d56d0ef485441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 07:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 08:25:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 08:25:13 GMT

GET
H2 200 LOGO_BTE_2x.png
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 6 KB
6 KB 199ms
23ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/LOGO_BTE_2x.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

17244a15f1d21b3877bfa03340cdc8a129f6fce6688a240f0b0177d1dbee6e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "180c-5e1f215388769"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 6156
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H2 200 Banner_Email_S22.jpg
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 14 KB
14 KB 31ms
30ms Image
image/jpeg 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/Banner_Email_S22.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

b121454f9fcc5aeb3fe895e19dfe072fea24cf2007043c0efefc068a09684f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "37ca-5e1f21536e1a8"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=604800, private
content-length: 14282
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H2 200 Offre_remboursement.png
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 4 KB
4 KB 40ms
38ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/Offre_remboursement.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

c055801ddb401d1a8770d489894b562da4fbb8ea9340b5447056ca26e32d67d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "10d1-5e1f215397688"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 4305
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H2 200 Picto_Reconnaissance_empreintex2.png
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 2 KB
2 KB 23ms
22ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/Picto_Reconnaissance_empreintex2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

ba3f24d7ccca663834331ebcc25d74ad564d0cec9f2ab92b10562d69ef61594f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "878-5e1f2153a72c3"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2168
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H2 200 Picto_Mobil_Cassex2.png
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 3 KB
3 KB 31ms
30ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/Picto_Mobil_Cassex2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

3ea15a596b345aa99a705f4608957f55bce0b16d21b9cd05cd204dc82194e11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "a47-5e1f21539cc48"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 2631
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H2 200 Picto_Multi_devicex2.png
www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/ 2 KB
2 KB 38ms
37ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5021_bouygues_samsung_s22_0622_solo/images/Picto_Multi_devicex2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

a08fea229e1b67a815cc021518bfff87dbeab640c13d3a73399233bfe9954812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:25:13 GMT
server: Apache
accept-language: bytes
etag: "795-5e1f2153a1eed"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 1941
expires: Mon, 11 Jul 2022 08:25:13 GMT

GET
H/1.1 200
OK uSAOTT_Nc-CO5PTauk_qHA-V6Ihlwr2OdvgJZDlct3y5cBqbudBEB8QCIqva4cOO6i_MoqRY-VedCXY7AEp5sOnpoAAfnj4I6Juxp18DJLcqBFX3JgzKNNc-IjKToDRl1Uw0Vl6i845aLj11rVl142AJnc7N54VNpzv6XghnUIxC_VDsIv51nLegcHPgj4aHnkAqP...
tr.xleads.digital/hit/TDGX/04Z/gz/ 43 B
245 B 51ms
50ms Image
image/gif 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/uSAOTT_Nc-CO5PTauk_qHA-V6Ihlwr2OdvgJZDlct3y5cBqbudBEB8QCIqva4cOO6i_MoqRY-VedCXY7AEp5sOnpoAAfnj4I6Juxp18DJLcqBFX3JgzKNNc-IjKToDRl1Uw0Vl6i845aLj11rVl142AJnc7N54VNpzv6XghnUIxC_VDsIv51nLegcHPgj4aHnkAqP_St-UdzyBoVvFSLMF1r45x0ybiHQW-xv903YZNU5mC-vMwWGCqA3ckBPb203Fh46wVia6DOOcgm1BtC23vZw1UjP5W_9PE-1eI8SwkdhENnk77DZK24cJoiJiWUFqcz2FlF_Hcci6A2ORDLvtW1WiUlZNfv3CEvYS6ukVHXZJGzoy2u9KjB6LBxaMRFxJs
Requested by: Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONAhx1xZNJieGWKdIgeC1pPfn8if-3JYmbHgfnHd4LO0VuPW10uhf-0qNCPwn4YTp8Z0TpZx6A67PaPnjEpET0Gdyxwn_qld0piDrjZceI5EIiM7eEOaOtgyLBwew2qEskSFkItrCV_1DeDYbbJFQ64GPRvIFPticAH9T1KxcqzRO4-EtzhZIc-SNucWa48MczQu1fj3VXmg_igiVi1Fkc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/hit/TDGX/04Z/gz/UhQDUzf3tIa9JCOGRT9Ak5DwXwBNyqk8jSI2tj4m1_KZMBowtE-516483tXCyDZLAjk5uILgXBWvilDRV70HH58A2x9WPhF0Yn3Ai3Ob-xuJKbIRcqFw6Azfvva_3b8vsJZPnwBAInVlzY5Uaak6UjgwLsMf_bGzcyr-8bTQx-sK-zk2bRIh0BsOuHACTveJxsONAhx1xZNJieGWKdIgeC1pPfn8if-3JYmbHgfnHd4LO0VuPW10uhf-0qNCPwn4YTp8Z0TpZx6A67PaPnjEpET0Gdyxwn_qld0piDrjZceI5EIiM7eEOaOtgyLBwew2qEskSFkItrCV_1DeDYbbJFQ64GPRvIFPticAH9T1KxcqzRO4-EtzhZIc-SNucWa48MczQu1fj3VXmg_igiVi1Fkc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 08:25:12 GMT
Content-Type: image/gif
Cache-Control: no-cache
X-Robots-Tag: noindex, nofollow
X-Time: 15
Content-Length: 43
Expires: -1

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 92ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.xleads.digital
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 392369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:25:44 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 88ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.xleads.digital
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 392420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:24:53 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
tr.xleads.digital
www.btob.direct
195.62.75.209
2a00:1450:4001:80b::2003
2a00:1450:4001:828::200a
87.98.141.21
17244a15f1d21b3877bfa03340cdc8a129f6fce6688a240f0b0177d1dbee6e28
3ea15a596b345aa99a705f4608957f55bce0b16d21b9cd05cd204dc82194e11d
5c9c0746f2ef86ac23977f074c5ed2a933465b7cb7cf2342069d56d0ef485441
766c5cd431ff2a87fe5deb569865b099e995ba4e0ab60cc24295124cb8186d17
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a08fea229e1b67a815cc021518bfff87dbeab640c13d3a73399233bfe9954812
b121454f9fcc5aeb3fe895e19dfe072fea24cf2007043c0efefc068a09684f09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba3f24d7ccca663834331ebcc25d74ad564d0cec9f2ab92b10562d69ef61594f
c055801ddb401d1a8770d489894b562da4fbb8ea9340b5447056ca26e32d67d2

tr.xleads.digital Open in urlscan Pro 195.62.75.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

66 kBTransfer

81 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

66 kB
Transfer

81 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions