tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRg...
Submission: On July 18 via api (July 18th 2022, 6:58:54 am UTC) from IE — Scanned from FR

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 195.62.75.209, located in France and belongs to NP6, FR. The main domain is tr.xleads.digital.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time tr.xleads.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	195.62.75.209 195.62.75.209	204371 (NP6) (NP6)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	87.98.141.21 87.98.141.21	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
15	5

2 195.62.75.209 (France)

ASN204371 (NP6, FR)
PTR: mail.static.s209.75.bp06.net

tr.xleads.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 87.98.141.21 (France)

ASN16276 (OVH, FR)
PTR: ip21.ip-87-98-141.eu

www.btob.direct	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	btob.direct www.btob.direct	335 KB
2	xleads.digital tr.xleads.digital	18 KB
1	gstatic.com fonts.gstatic.com Failed	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
15	4

	Domain	Requested by
10	www.btob.direct	tr.xleads.digital
2	tr.xleads.digital	tr.xleads.digital
1	fonts.gstatic.com	tr.xleads.digital fonts.googleapis.com
1	fonts.googleapis.com	tr.xleads.digital
15	4

This site contains no links.

Subject Issuer	Validity	Valid
tr.xleads.digital R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
btob.direct R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q
Frame ID: 1935AD097E9AB7ACA952B399509DA4DB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

374 kB
Transfer

392 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i... Show response
tr.xleads.digital/hit/TDGX/04Z/gz/ 38 KB
18 KB 310ms
213ms Document
text/html 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: c71b94c6e5b14f40e0d266a1b7138131370f3e1618dcbe73e71e9baa6a3b0b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 06:58:53 GMT
Expires: -1
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
X-Time: 156

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 96ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@900&display=swap

Requested by

Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c99c3fbb63e003146a51eb255ba18af77487abc571baefa485cfa8c41282791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 06:48:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Jul 2022 06:58:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Jul 2022 06:58:50 GMT

GET
H2 200 logo_moooncard.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 5 KB
5 KB 109ms
66ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/logo_moooncard.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

87af686479b6a2298f48dca007108eb02c7e89b4a55d664a69134e383d8ace78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "13c1-5df1ffee7c89e"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 5057
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 mooncard_CTA.gif
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 145 KB
146 KB 69ms
43ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/mooncard_CTA.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

2b7ee29cd75312975d9a5fd13d062825e0f0f0b939be1c0ab5244241cf3a6ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "245f6-5df1ffee4ef77"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 148982
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 mooncard-img_right.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 79 KB
79 KB 93ms
67ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/mooncard-img_right.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

8b184b02f46b41f931667c3fe1540eb8ee76635c25fef623000ab81719800f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "13a87-5df1ffee940e3"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 80519
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 card_left.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 44 KB
44 KB 94ms
68ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/card_left.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

3da9e0f0dac184b5b56e2960b5ba8d63a804775e0cac73e2a2d7dcff3c20848f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "b004-5df1ffee5fc9f"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 45060
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 check_1.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 950 B
1 KB 93ms
67ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/check_1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

1829d1dded2cc01155aaca5a0128eeb1ddbc23812a79c1dadde61395870cd766

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "3b6-5df1ffee660a9"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 950
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 App_right.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 20 KB
20 KB 54ms
29ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/App_right.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

7090619f01a416afb2b052127bb5c0f6398cf65d6be9a2567a8f1ba8ec932ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "4f53-5df1ffee540ff"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 20307
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 cta3.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 2 KB
2 KB 59ms
54ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/cta3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

7e25ca22c3319154eee32490e13816a2608f3f1b37760a13a0f0ca592ebc216e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "72a-5df1ffee6b50d"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 1834
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 laptop_mooncard.png
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 19 KB
19 KB 60ms
55ms Image
image/png 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/laptop_mooncard.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

62562f68044dec3ddc7fc703e4526b39df829f341f66772016d62d061511063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "4cde-5df1ffee77ce0"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=604800, private
content-length: 19678
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 cta4.gif
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 9 KB
9 KB 61ms
55ms Image
image/gif 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/cta4.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

68bc45e490c08489da6d02b7cc911e1f8a74f246ee13e9fd95f12db682aebb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "24f3-5df1ffee4aaf8"
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: max-age=604800, private
content-length: 9459
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H/1.1 200
OK nrfZ1t0V1JQG837uDAQSXeZHmqhiTrp7tSatZ-bVMX7VoOu_PDnC90X_Xe1If4bv3gEhgUlD9BeGuFZEoDBbTXxpcc-V9Ue-4zXTfqPdF8oEqKiQYvMXjTVG7kRs0-lfpTqqPE85kUTIRjTC9jXXnH8S2fN3LQbV5Yglfzh5Tf9T_HwPc9PPMThp0Cl5Xvxo8ZQDF...
tr.xleads.digital/hit/TDGX/04Z/gz/ 43 B
244 B 36ms
36ms Image
image/gif 195.62.75.209
NP6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/nrfZ1t0V1JQG837uDAQSXeZHmqhiTrp7tSatZ-bVMX7VoOu_PDnC90X_Xe1If4bv3gEhgUlD9BeGuFZEoDBbTXxpcc-V9Ue-4zXTfqPdF8oEqKiQYvMXjTVG7kRs0-lfpTqqPE85kUTIRjTC9jXXnH8S2fN3LQbV5Yglfzh5Tf9T_HwPc9PPMThp0Cl5Xvxo8ZQDFVHYMDQdf9PhJayUFF9DBpP9n8ZiRYUhfvAx4FUeFhwADexiB8vfJ1aVrCY-_l_xyRa2bEnPdTpId4UmeHzPLetJ5XCPogpUkGnbL4zpQLwOQgN3c-aQ8z6bpWGCvVU9wg_aah09_JOMr6rpfvpAGLMBmdZXV3jg1sd_EVCGqiy8awu5cQ6OM0EnMz0bwh75NHo
Requested by: Host: tr.xleads.digital
URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.62.75.209 , France, ASN204371 (NP6, FR),
Reverse DNS: mail.static.s209.75.bp06.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 06:58:50 GMT
Content-Type: image/gif
Cache-Control: no-cache
X-Robots-Tag: noindex, nofollow
X-Time: 0
Content-Length: 43
Expires: -1

GET cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/opensans/v10/ 0
0

GET
H2 200 mooncard_bg.jpg
www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/ 8 KB
9 KB 31ms
31ms Image
image/jpeg 87.98.141.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.btob.direct/dnews_solo/2022/5011_Moongroup_0422_solo/images/mooncard_bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.98.141.21 , France, ASN16276 (OVH, FR),

Reverse DNS

ip21.ip-87-98-141.eu

Software

Apache /

Resource Hash

44b10f3ce218ea70f3990e09b6273d9c3573fd4aa09b89f548f456c902d86a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tr.xleads.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 06:58:50 GMT
server: Apache
accept-language: bytes
etag: "2192-5df1ffee8d91e"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=604800, private
content-length: 8594
expires: Mon, 25 Jul 2022 06:58:50 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 92ms
27ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.xleads.digital
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 16:30:46 GMT
x-content-type-options: nosniff
age: 138484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jul 2023 16:30:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q Message: Mixed Content: The page at 'https://tr.xleads.digital/hit/TDGX/04Z/gz/ovZtOBeTjSfvcCEPZd_xguJ4A7zxOkXRbFc0RF39_JUahQ45mHHykAU0DD_BJWVCmF-O9XeWY79pwhRgNbMDSCA6lXdzGg8wvfIokyYdiPPx9w8ZODjw8xnl4aoYDL2BejAKrYbiROjxl45-JyB0ig3rF_Url7BwKikKsPCACIT2lxF2m7ZIhmvurNI0fTJL5P3_i_b22uCQpbJJU-tUFGysF9xZQz5KL7PhzRFExCLqkyRJ5yl7IesZ9oK0KPpO8m2lGeYQvHl4R75cUn1uWKmtarG0BX73-BG7CuYCT4aE6GpmahVfJDuaUnTr6e7qYNmNVTnddDHS_393Fb1H2mli1Kh8eVHAuUoyldVLqwU3O_uFghxRwKLaXaTkt5eYK9cAv-k6NrmP4Sa3LrZkhrSDU3Nv9Q' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
tr.xleads.digital
www.btob.direct
fonts.gstatic.com
195.62.75.209
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
87.98.141.21
1829d1dded2cc01155aaca5a0128eeb1ddbc23812a79c1dadde61395870cd766
2b7ee29cd75312975d9a5fd13d062825e0f0f0b939be1c0ab5244241cf3a6ee7
2c99c3fbb63e003146a51eb255ba18af77487abc571baefa485cfa8c41282791
3da9e0f0dac184b5b56e2960b5ba8d63a804775e0cac73e2a2d7dcff3c20848f
44b10f3ce218ea70f3990e09b6273d9c3573fd4aa09b89f548f456c902d86a42
62562f68044dec3ddc7fc703e4526b39df829f341f66772016d62d061511063c
68bc45e490c08489da6d02b7cc911e1f8a74f246ee13e9fd95f12db682aebb06
7090619f01a416afb2b052127bb5c0f6398cf65d6be9a2567a8f1ba8ec932ad2
7e25ca22c3319154eee32490e13816a2608f3f1b37760a13a0f0ca592ebc216e
87af686479b6a2298f48dca007108eb02c7e89b4a55d664a69134e383d8ace78
8b184b02f46b41f931667c3fe1540eb8ee76635c25fef623000ab81719800f17
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c71b94c6e5b14f40e0d266a1b7138131370f3e1618dcbe73e71e9baa6a3b0b30
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

tr.xleads.digital Open in urlscan Pro 195.62.75.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

374 kBTransfer

392 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

tr.xleads.digital Open in urlscan Pro
195.62.75.209 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

374 kB
Transfer

392 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions