brand-center.leascorp.fr
3.71.212.92 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://brand-center.leascorp.fr/ 5yr old
Effective URL:
https://brand-center.leascorp.fr/ 5yr old
Submission Tags: @phish_report
Submission: On May 25 via api (May 25th 2025, 8:25:13 pm UTC) from FI — Scanned from FR

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 41 HTTP transactions. The main IP is 3.71.212.92, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is brand-center.leascorp.fr. 5yr old
TLS certificate: Issued by R10 on May 19th 2025. Valid for: 3mo.

This is the only time brand-center.leascorp.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	3.71.212.92 3.71.212.92	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.93 13.32.99.93	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.174.226 104.16.174.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
2	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
2	99.86.4.20 99.86.4.20	16509 (AMAZON-02) (AMAZON-02)
3	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
2	169.150.247.39 169.150.247.39	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.86 13.32.27.86	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	13.32.118.111 13.32.118.111	16509 (AMAZON-02) (AMAZON-02)
1	184.24.77.26 184.24.77.26	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	150.171.22.12 150.171.22.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	190.2.141.125 190.2.141.125	49981 (WorldStre...) (WorldStream WorldStream B.V.)
1	13.33.187.19 13.33.187.19	16509 (AMAZON-02) (AMAZON-02)
1	3.223.206.143 3.223.206.143	14618 (AMAZON-AES) (AMAZON-AES)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
41	21

6 3.71.212.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

brand-center.leascorp.fr 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 13.32.99.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net

static.brandpad.io 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.174.226 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.youtube.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 99.86.4.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-20.fra6.r.cloudfront.net

depot.brandpad.io 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 169.150.247.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-247-39.bunnyinfra.net

scripts.simpleanalyticscdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.32.27.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-86.fra56.r.cloudfront.net

cdn.heapanalytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.32.118.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-111.fra60.r.cloudfront.net

d2yyd1h5u9mauk.cloudfront.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 184.24.77.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-24-77-26.deploy.static.akamaitechnologies.com

snap.licdn.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 150.171.22.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 190.2.141.125 (Naaldwijk, Netherlands)

ASN49981 (WorldStream WorldStream B.V., NL)
PTR: 190-2-141-125.hosted-by-worldstream.net

queue.simpleanalyticscdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.33.187.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-19.fra60.r.cloudfront.net

script.hotjar.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.223.206.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-206-143.compute-1.amazonaws.com

heapanalytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
6	leascorp.fr brand-center.leascorp.fr 5yr old	14 KB
5	brandpad.io static.brandpad.io 4yr old depot.brandpad.io 4yr old	196 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 64 13yr old region1.google-analytics.com — Cisco Umbrella Rank: 2603 5yr old	22 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 122 11yr old	215 B
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 373 9yr old	2 KB
3	simpleanalyticscdn.com scripts.simpleanalyticscdn.com — Cisco Umbrella Rank: 59124 6yr old queue.simpleanalyticscdn.com — Cisco Umbrella Rank: 47166 6yr old	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 60 13yr old	354 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1122 10yr old script.hotjar.com — Cisco Umbrella Rank: 1464 10yr old	62 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 4362 13yr old heapanalytics.com — Cisco Umbrella Rank: 3119 13yr old	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 225 13yr old	83 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 92 10yr old	13 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 10yr old	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1097 10yr old	15 KB
1	cloudfront.net d2yyd1h5u9mauk.cloudfront.net 8yr old	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334 13yr old	4 KB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2142 10yr old	12 KB
41	16

	Domain	Requested by
6	brand-center.leascorp.fr	static.brandpad.io
3	www.facebook.com	static.brandpad.io brand-center.leascorp.fr
3	px.ads.linkedin.com	static.brandpad.io brand-center.leascorp.fr
3	www.google-analytics.com	www.googletagmanager.com static.brandpad.io
3	www.googletagmanager.com	brand-center.leascorp.fr www.googletagmanager.com www.google-analytics.com
3	static.brandpad.io	brand-center.leascorp.fr
2	connect.facebook.net	brand-center.leascorp.fr connect.facebook.net
2	scripts.simpleanalyticscdn.com	www.googletagmanager.com
2	depot.brandpad.io	static.brandpad.io
2	www.youtube.com	brand-center.leascorp.fr www.youtube.com
2	fonts.googleapis.com	brand-center.leascorp.fr
1	region1.google-analytics.com	static.brandpad.io
1	heapanalytics.com	brand-center.leascorp.fr
1	script.hotjar.com	static.hotjar.com
1	queue.simpleanalyticscdn.com	brand-center.leascorp.fr
1	snap.licdn.com	brand-center.leascorp.fr
1	d2yyd1h5u9mauk.cloudfront.net	brand-center.leascorp.fr
1	static.hotjar.com	brand-center.leascorp.fr
1	cdn.heapanalytics.com	brand-center.leascorp.fr
1	cdn.jsdelivr.net	brand-center.leascorp.fr
1	player.vimeo.com	brand-center.leascorp.fr
41	21

This site contains links to these domains. Also see Links.

Domain
create.brand-center.leascorp.fr

Subject Issuer	Validity	Valid
brand-center.leascorp.fr R10	`2025-05-19` - `2025-08-17`	3mo	crt.sh
static.brandpad.io Amazon RSA 2048 M03	`2025-01-03` - `2026-02-01`	1yr	crt.sh
upload.video.google.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
vimeo.com WE1	`2025-05-19` - `2025-08-17`	3mo	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	1yr	crt.sh
*.google-analytics.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
*.google.com WE2	`2025-04-29` - `2025-07-22`	3mo	crt.sh
depot.brandpad.io Amazon RSA 2048 M02	`2025-01-03` - `2026-02-01`	1yr	crt.sh
scripts.simpleanalyticscdn.com R11	`2025-05-07` - `2025-08-05`	3mo	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-03-04` - `2025-06-02`	3mo	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M04	`2025-04-28` - `2026-05-27`	1yr	crt.sh
*.hotjar.com Amazon RSA 2048 M02	`2025-04-22` - `2026-05-22`	1yr	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2025-05-05` - `2026-04-23`	1yr	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-13` - `2025-12-12`	1yr	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2025-03-16` - `2025-09-16`	6mo	crt.sh
simpleanalyticscdn.com R11	`2025-04-17` - `2025-07-16`	3mo	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-11-18` - `2025-12-17`	1yr	crt.sh

This page contains 1 frames:

Primary Page: https://brand-center.leascorp.fr/
Frame ID: 6D4A7EC8DEB562A447115496AFDE7229
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

leascorp - brand identity, guideline and assets.

Page URL History Show full URLs

http://brand-center.leascorp.fr/ HTTP 307
https://brand-center.leascorp.fr/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

827 kB
Transfer

2648 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://create.brand-center.leascorp.fr/login/
Title: Log In

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://brand-center.leascorp.fr/ HTTP 307
https://brand-center.leascorp.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
brand-center.leascorp.fr/
Redirect Chain

http://brand-center.leascorp.fr/
https://brand-center.leascorp.fr/

11 KB
12 KB

193ms
102ms

Document
text/html

3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4c7d9a26a6cfb71b32207063f8960430dc163c8be2033f024d9b22d3ffcbb3b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-CSRFToken
content-length: 11428
content-type: text/html; charset=utf-8
date: Sun, 25 May 2025 20:25:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie
x-content-type-options: nosniff
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qg.UcX08xNeUNO7O9pLn41B-x82Z2I
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://brand-center.leascorp.fr/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 main.e595d960c0ac9b45d465.css
static.brandpad.io/legacy_fe/brand/ 51 KB
8 KB 149ms
36ms Stylesheet
text/css 13.32.99.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.css

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b2642123dc3af0666b04d66f1c7311df22ac5d92a03eb01851c969b0c449475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
etag: W/"25a9cbe510017778332a81f5f7a19567"
age: 23559
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: acpupvbnXsGKM6cd7A4Qnzv_vKbRzWqL1sx-exA-2KOYIFDTGAwoLA==
date: Sun, 25 May 2025 13:52:36 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Tue, 11 Feb 2025 07:49:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
636 B 132ms
50ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Space+Grotesk:ital,wght@0,300;0,400;0,500;0,600;0,700

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

8fdaa98801860bb9cce4bb74aea8d771820e4b1da85059da2d1cf07afd8a7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 25 May 2025 20:25:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 124ms
43ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

5f4edfd6c574a6498def6965e8a5fdb131eb648e809e586cda8c00bd7033b9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 25 May 2025 18:48:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 38 KB
12 KB 146ms
77ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de3e18f0a84e22082b1e6cff7ce178fe33ff4058f2b41718a9b65fd078291910

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

Content-Encoding: gzip
cf-cache-status: DYNAMIC
Age: 1109
x-backend-server: srv001
expires: Sun, 25 May 2025 20:36:45 GMT
x-player-backend: g
x-cache: HIT, HIT
Date: Sun, 25 May 2025 20:25:14 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-iad-kiad7000082-IAD, cache-par-lfpg1960085-PAR
x-cache-hits: 58, 1068
vary: Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1748204714.212344,VS0,VE0
Connection: keep-alive
via: 1.1 varnish, 1.1 varnish
CF-RAY: 9457c2c7b980d652-CDG
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11510
Server: cloudflare

GET
H2 200 vendor.c100ddb6656f1ebf1da1.js Show response
static.brandpad.io/legacy_fe/front/ 507 KB
121 KB 157ms
50ms Script
application/javascript 13.32.99.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://static.brandpad.io/legacy_fe/front/vendor.c100ddb6656f1ebf1da1.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f93ab9ac2bf7f36602156d8f94e47f19d86dc8528d82daed8374b3fd8d0dea62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
etag: W/"2f0e13d05a93a95929442ae1bfb0fb1b"
age: 7967
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ik3_3ZdRVL3Bdd32AW7HCORuSiq3S4D6zYBqm2N1iJlieK-H6AfMdQ==
date: Sun, 25 May 2025 18:12:28 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Tue, 11 Feb 2025 07:49:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.e595d960c0ac9b45d465.js Show response
static.brandpad.io/legacy_fe/brand/ 118 KB
37 KB 188ms
82ms Script
application/javascript 13.32.99.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7d746e2587cfec7be0d4a6606d715b3204b8c207fed7d39745dc0812c9bd64ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
etag: W/"d329097a83eb93bd918348dcf43c851e"
age: 7967
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: FkNwIPilg_I2hwCoJUBfyqOBoAdjq-LQaSg2dXyMZQNSteqGu1EPFg==
date: Sun, 25 May 2025 18:12:28 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Tue, 11 Feb 2025 07:49:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.6.1/dist/ 8 KB
4 KB 88ms
29ms Script
application/javascript 104.16.174.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.6.1/dist/lazyload.min.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958f80903c3b00a541c8fe1fde4dfe88c3c4b5aaed4e7497d2fdd2262f3417da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"20cf-/zWFEdu5PN0CPtE1DFxY0PWBlQs"
age: 4121397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NukuFnjqNi%2B4TXnk0TrWa%2Fg7r7nE5luBz1gvLxbxiPCZKEigD%2B%2F3bPvHSKlSegZkNhGx5My%2Bft2vi8K%2FSCYQZgFFET1To5vDuFRkS8A5lxFQqvSTlBsR0yofnmKlO1HX3f8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230095-FRA, cache-lga21940-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9457c2c77d8500a6-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3069
server: cloudflare
x-jsd-version: 17.6.1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 365 KB
126 KB 162ms
79ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TD7C4N

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e8d72098d0a06739541c3bcf8f9d5a13f17e4d96adb7188900198e52326eb8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 25 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1317:0
content-length: 128272
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 155ms
66ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

d08c58de75324d44a9d5e928df56ae6e7969e7ed90251fe4e888347874834bb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9, ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 Graphik-Regular.woff2
depot.brandpad.io/fonts/ 27 KB
28 KB 149ms
40ms Font
application/font-woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://depot.brandpad.io/fonts/Graphik-Regular.woff2

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-20.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c26c78c1ce20fea8010fb49a8d56ea59026272a5dc4120718d626a14a8cc87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://brand-center.leascorp.fr
Referer: https://static.brandpad.io/

Response headers

access-control-expose-headers: *
etag: "12185915619bb21543149e6b44c1f01e"
age: 23558
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CqaJFBo2g8b88Zp24_FRFhNU9QYM808bgWCykgX6Tn6pN-_C2kB7Ig==
date: Sun, 25 May 2025 13:52:37 GMT
content-type: application/font-woff2
last-modified: Mon, 16 Jan 2023 11:51:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27888
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
brand-center.leascorp.fr/bugs/ 2 B
523 B 181ms
179ms Fetch
text/html 3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/bugs/

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qg.UcX08xNeUNO7O9pLn41B-x82Z2I
access-control-expose-headers: X-CSRFToken
x-content-type-options: nosniff
content-length: 2
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/html; charset=utf-8
vary: Cookie
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
16ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD7C4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: gzip
age: 3666
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 25 May 2025 21:24:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 19:24:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H2 200 latest.js Show response
scripts.simpleanalyticscdn.com/ 7 KB
5 KB 128ms
32ms Script
application/javascript 169.150.247.39
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://scripts.simpleanalyticscdn.com/latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD7C4N
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-39.bunnyinfra.net
Software: BunnyCDN-DE1-1082 /
Resource Hash: a965bdafdcbdf6a1bc0a04fb81ee6d5fb86e1fde7a2da4e8998ab3bcf467bdb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: zstd
etag: "64ab8017-1d5b"
cdn-fileserver: 635
date: Sun, 25 May 2025 20:25:14 GMT
cdn-storageserver: DE-680
content-type: application/javascript
vary: Accept-Encoding
cdn-cachedat: 05/22/2025 21:53:31
last-modified: Mon, 10 Jul 2023 03:50:47 GMT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 621ef7c8-45de-46e4-8237-2eca0c3a2d75
cdn-requestid: f569a30a9fc9c404d30c6523b5599b34
cdn-pullzone: 103822
cdn-proxyver: 1.28
simple-analytics: true
access-control-allow-origin: *
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082

GET
H2 200 auto-events.js Show response
scripts.simpleanalyticscdn.com/ 3 KB
2 KB 131ms
34ms Script
application/javascript 169.150.247.39
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://scripts.simpleanalyticscdn.com/auto-events.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD7C4N
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-39.bunnyinfra.net
Software: BunnyCDN-DE1-1082 /
Resource Hash: 9b0af42637fc5ddf78c5a53922baa0e1588f3754975b9a18d9e487a5c3962ef4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: zstd
etag: "645288d9-acd"
cdn-fileserver: 252
date: Sun, 25 May 2025 20:25:14 GMT
cdn-storageserver: DE-1018
content-type: application/javascript
vary: Accept-Encoding
cdn-cachedat: 05/12/2025 05:00:22
last-modified: Wed, 03 May 2023 16:16:25 GMT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=10800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 621ef7c8-45de-46e4-8237-2eca0c3a2d75
cdn-requestid: ca34f6dcbfbccdd93102a081a0aeb8c2
cdn-pullzone: 103822
cdn-proxyver: 1.27
simple-analytics: true
access-control-allow-origin: *
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 275 KB
69 KB 66ms
25ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src data: 'nonce-uQiwMqlx' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-uQiwMqlx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4955, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: V8p7+I8dTZvFBjuz8yytUIMBA70hDysztHYWD4i/1m2uhpsmlMG38/jE9gpys9ITkbG0swak2U67XWBlUWlPVw==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-uQiwMqlx' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 70852
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 heap-3922783258.js Show response
cdn.heapanalytics.com/js/ 119 KB
38 KB 212ms
137ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3922783258.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-86.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

4d10650789434a15990695d5340cc6ce556ce3f17553272cb77e2191a9d46a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
etag: W/"1dbc0-K5Qwo7djxkgcQPQG7EwzuHwL368"
age: 40
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 14Rrwi7nER0OXOP9PVV8ifcjbiSnjfSsH1LyO3_bki3kedmxQJ6eQw==
date: Sun, 25 May 2025 20:24:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
server: nginx

GET
H2 200 hotjar-1803067.js Show response
static.hotjar.com/c/ 15 KB
6 KB 168ms
83ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1803067.js?sv=6

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

315c655233329ae152a7ad8d1e6b01727e6ca18e7c11799aca3f20278fc96dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/9f4e319091bdd1c28ee13d199def27c5
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: osS41KnaBXYcDQzKwKS2CP7wqWk9cHvXPe_G87pMPxQJOvGfc2Q3Bg==
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H/1.1 200
OK delighted.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/zw1HLQQVqfChjTJO/ 159 B
4 KB 421ms
343ms Script
text/javascript 13.32.118.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/zw1HLQQVqfChjTJO/delighted.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-111.fra60.r.cloudfront.net

Software

Resource Hash

bffc53a34a16569907097bdba6121f043e9a2bdc205aae412e23666b0e47ce71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' data: https://fonts.gstatic.com http://.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://surveys-web.delighted.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.pendo.io https://app-sj30.marketo.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://rum-static.pingdom.net https://ssl.google-analytics.com https://tagmanager.google.com https://unpkg.com/web-vitals@4/dist/web-vitals.attribution.iife.js https://tpc.googlesyndication.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://surveys-web.delighted.com https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://td.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://www.googletagmanager.com; connect-src 'self' https://delighted.com https://.delighted.com https://api.delighted.com https://surveys-web.delighted.com https://accounts.google.com https://api.zapier.com https://zapier.com https://app.pendo.io https://beaconapi.helpscout.net https://chatapi.helpscout.net https://api.weglot.com https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://pendo-static-5802606298267648.storage.googleapis.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://.auryc.com wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

X-Request-Id: 4b6f0bfbd3a465d9197b250ce667f4da
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Status: 200 OK
X-Cache: Miss from cloudfront
X-UA-Compatible: IE=Edge,chrome=1
X-Amz-Cf-Id: RlByE3dn67nOD5WAd__IJbgr67kBlSTfJxWblG1C_Mc4Eny96f6Tdw==
Date: Sun, 25 May 2025 20:25:14 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
X-Runtime: 0.011102
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://surveys-web.delighted.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.pendo.io https://app-sj30.marketo.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://rum-static.pingdom.net https://ssl.google-analytics.com https://tagmanager.google.com https://unpkg.com/web-vitals@4/dist/web-vitals.attribution.iife.js https://tpc.googlesyndication.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://surveys-web.delighted.com https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://td.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://www.googletagmanager.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://surveys-web.delighted.com https://accounts.google.com https://api.zapier.com https://zapier.com https://app.pendo.io https://beaconapi.helpscout.net https://chatapi.helpscout.net https://api.weglot.com https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://pendo-static-5802606298267648.storage.googleapis.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.auryc.com wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Cache-Control: max-age=120, public
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA60-P1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
91 KB 58ms
56ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138071656-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD7C4N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cc3c9e7dda1d4f1d80b7ef6bae12a4d39ec2fd73a5e9a23a8a13675cc15e6d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 25 May 2025 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 92504
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
15 KB 138ms
40ms Script
application/javascript 184.24.77.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a184-24-77-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

8d97f5d782a7ad8d194be7e61a71b88fcec9ea6ba94a97a97cd75387b1ed2e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

cache-control: max-age=86400
content-encoding: gzip
x-cdn-proto: HTTP2
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
content-length: 14695
date: Sun, 25 May 2025 20:25:14 GMT
last-modified: Tue, 20 May 2025 09:32:03 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/59b252b9/www-widgetapi.vflset/ 30 KB
10 KB 27ms
26ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/59b252b9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

db3bce52707bb1e9fdf132a12e1cb1b02eaa43da4e54054d5496cee2ffc520c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
age: 5007
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 19:01:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 19:01:47 GMT
last-modified: Tue, 20 May 2025 04:10:22 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10201
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
471 B 24ms
23ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=541699701&t=pageview&_s=1&dl=https%3A%2F%2Fbrand-center.leascorp.fr%2F&ul=fr-fr&de=UTF-8&dt=leascorp%20-%20brand%20identity%2C%20guideline%20and%20assets.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1863234183&gjid=1206770961&cid=464065070.1748204715&tid=UA-79772790-5&_gid=21719811.1748204715&_r=1&_slc=1&gtm=45He55l1n71TD7C4Nv72355167za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~102015666~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&npa=1&z=1620477869

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

edcf5cc0fd26e06d468d6c26e2ab1a792c54edd80bc62a32e74db9f5368058f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://brand-center.leascorp.fr/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://brand-center.leascorp.fr
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 15
server: Golfe2

GET
H3 200 189893998079769 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 341ms
341ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/189893998079769?v=2.9.203&r=stable&domain=brand-center.leascorp.fr&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

7e776e44d2135a6a9eb83fa1945f73ed71d5a90c829ed8faf0ec7f93d17b7252

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src data: 'nonce-ThfPzBko' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src data: 'nonce-ThfPzBko' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=84, mss=1232, tbw=82291, tp=76, tpl=0, uplat=315, ullat=0
pragma: public
x-fb-debug: wiLHr9uI0lCciyVs34bmkmZm07rQ/exN5N/DhYlEnYqQ+4w0yRgOug53q8p86Xx+XvrP2LpCsV9YZikJWyFBuA==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-ThfPzBko' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 410 KB
137 KB 63ms
62ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8ZPDJ79NTR&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

02e79ff367cccdb24dfece89894fc6f6a65496f8a4c1358f6a602db15c6861d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Sun, 25 May 2025 20:25:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 140068
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 26ms
25ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=541699701&t=pageview&_s=1&dl=https%3A%2F%2Fbrand-center.leascorp.fr%2F&ul=fr-fr&de=UTF-8&dt=leascorp%20-%20brand%20identity%2C%20guideline%20and%20assets.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAACAAI~&jid=260626152&gjid=1092308189&cid=464065070.1748204715&tid=UA-138071656-1&_gid=21719811.1748204715&_r=1&gtm=457e55l1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130495~103130497~103200004~103211513~103233427~103252644~103252646~104481633~104481635&jsscut=1&npa=1&z=1463201314

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://brand-center.leascorp.fr/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://brand-center.leascorp.fr
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 1
server: Golfe2

POST
H2 200 / Show response
brand-center.leascorp.fr/bugs/ 2 B
523 B 216ms
215ms Fetch
text/html 3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/bugs/

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qg.UcX08xNeUNO7O9pLn41B-x82Z2I
access-control-expose-headers: X-CSRFToken
x-content-type-options: nosniff
content-length: 2
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/html; charset=utf-8
vary: Cookie
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
brand-center.leascorp.fr/bugs/ 2 B
523 B 229ms
228ms Fetch
text/html 3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/bugs/

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qg.UcX08xNeUNO7O9pLn41B-x82Z2I
access-control-expose-headers: X-CSRFToken
x-content-type-options: nosniff
content-length: 2
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/html; charset=utf-8
vary: Cookie
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
818 B 236ms
119ms XHR
application/json 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1641426&time=1748204714654&url=https%3A%2F%2Fbrand-center.leascorp.fr%2F
Requested by: Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Referer: https://brand-center.leascorp.fr/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000635fba105bc252769fe60d0185972
x-msedge-ref: Ref A: 9F88DACCE7B04A13BCE6293FDCDB43AD Ref B: LON04EDGE0607 Ref C: 2025-05-25T20:25:14Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAY1+6EFvCUnaf5g0BhZcg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 25 May 2025 20:25:13 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 collect
px.ads.linkedin.com/ 0
666 B 306ms
189ms Image
application/javascript 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1641426&time=1748204714654&url=https%3A%2F%2Fbrand-center.leascorp.fr%2F
Requested by: Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E65CA278CFB44937B7BEE9A673E54A9B Ref B: LON04EDGE0608 Ref C: 2025-05-25T20:25:14Z
x-li-fabric: prod-lor1
x-li-uuid: AAY1+6EGTmGY4MlT6w/mNg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 25 May 2025 20:25:13 GMT
content-type: application/javascript

GET
H2 202 simple.gif
queue.simpleanalyticscdn.com/ 43 B
223 B 130ms
37ms Image
image/gif 190.2.141.125
WorldStream World...

General

Check archive.org

Download Go to Show image

Full URL: https://queue.simpleanalyticscdn.com/simple.gif?version=cdn_latest_11&hostname=brand-center.leascorp.fr&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36&https=true&timezone=Europe%2FParis&page_id=99f061f7-33a4-4084-ad3c-bde8e47035c7&session_id=ee223f43-820d-437e-9e6b-19be33d648e2&sri=false&mobile=false&brands=%5B%5D&os_name=&os_version=&path=%2F&viewport_width=1600&viewport_height=1200&language=fr-FR&screen_width=1600&screen_height=1200&unique=true&id=99f061f7-33a4-4084-ad3c-bde8e47035c7&type=pageview&time=1748204714663
Requested by: Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.2.141.125 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS: 190-2-141-125.hosted-by-worldstream.net
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
simple-analytics-feedback: Thanks for sending this page view!
expires: 0
access-control-allow-origin: *
content-length: 43
date: Sun, 25 May 2025 20:25:14 GMT
content-type: image/gif
simple-analytics-location: not_set

GET
H2 200 modules.f5772d147096c4644991.js Show response
script.hotjar.com/ 224 KB
56 KB 124ms
39ms Script
application/javascript 13.33.187.19
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://script.hotjar.com/modules.f5772d147096c4644991.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1803067.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-19.fra60.r.cloudfront.net

Software

Resource Hash

e40f65481ad4bc0e042c6f3dbe6d011f05fe84e5a5921962f5a8f32c84b8e999

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

x-robots-tag: none
content-encoding: br
etag: "fa00874f2a83ba99ac8632b86a0817c2"
age: 299348
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rfsE3tl2jbJE_k_6I4VwgY1YWj3PkIdK6slVKWGQd0tehuyk9AEA7A==
date: Thu, 22 May 2025 09:16:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 09:15:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56750
x-amz-cf-pop: FRA60-P9

GET
H2 200 h
heapanalytics.com/ 37 B
378 B 412ms
196ms Image
image/gif 3.223.206.143
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3922783258&u=7006164774354605&v=4519706309687106&s=7573650382491613&b=web&tv=4.0&z=0&h=%2F&d=brand-center.leascorp.fr&t=leascorp%20-%20brand%20identity%2C%20guideline%20and%20assets.&ts=1748204714697&sch=1200&scw=1600&st=1748204714700&lv=4.23.6&ld=cdn.heapanalytics.com

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.206.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-206-143.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Sun, 25 May 2025 20:25:15 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 85ms
28ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZPDJ79NTR&gtm=45je55l1v9133633216za200&_p=1748204714090&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ul=fr-fr&sr=1600x1200&cid=464065070.1748204715&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbrand-center.leascorp.fr%2F&dt=leascorp%20-%20brand%20identity%2C%20guideline%20and%20assets.&sid=1748204714&sct=1&seg=0&_tu=wAQ&en=page_view&_fv=1&_ss=1&_ee=1&tfd=916
Requested by: Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://brand-center.leascorp.fr
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 20:25:14 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
brand-center.leascorp.fr/bugs/ 2 B
524 B 197ms
196ms Fetch
text/html 3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/bugs/

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qw.S9xQXu-Rwh_DFhqVOvBQlyqwlk8
access-control-expose-headers: X-CSRFToken
x-content-type-options: nosniff
content-length: 2
date: Sun, 25 May 2025 20:25:15 GMT
content-type: text/html; charset=utf-8
vary: Cookie
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
brand-center.leascorp.fr/bugs/ 2 B
524 B 211ms
208ms Fetch
text/html 3.71.212.92
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://brand-center.leascorp.fr/bugs/

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.71.212.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-212-92.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-csrftoken: IjE1NTRlZmQ5OGM1MzIxMzg4ODhlZjQxYmUzYmY4ZDVjODBkODI2YjAi.aDN8qw.S9xQXu-Rwh_DFhqVOvBQlyqwlk8
access-control-expose-headers: X-CSRFToken
x-content-type-options: nosniff
content-length: 2
date: Sun, 25 May 2025 20:25:15 GMT
content-type: text/html; charset=utf-8
vary: Cookie
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 83ms
48ms Fetch
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=189893998079769

Requested by

Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-oubOr1pW' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508482078792643494&cpp=C3&cv=1023181082&st=1748204715015"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Sun, 25 May 2025 20:25:15 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: nW9ec8lQ9UYhMFFV1/+pnL8WWE28+m2e/aMFdu+WYVuFHDs5+k++AtfFmUUtIBHqDq3tdrzNMqDMUIiWtBOUjA==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508482078792643494&cpp=C3&cv=1023181082&st=1748204715015", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-oubOr1pW' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4957, tp=9, tpl=0, uplat=23, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 76ms
35ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189893998079769&ev=PageView&dl=https%3A%2F%2Fbrand-center.leascorp.fr%2F&rl=&if=false&ts=1748204714954&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748204714950.739063994110623272&ler=empty&cdl=API_unavailable&it=1748204714585&coo=false&rqm=GET

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4732, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 25 May 2025 20:25:15 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 268ms
227ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=189893998079769&ev=PageView&dl=https%3A%2F%2Fbrand-center.leascorp.fr%2F&rl=&if=false&ts=1748204714954&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748204714950.739063994110623272&ler=empty&cdl=API_unavailable&it=1748204714585&coo=false&rqm=FGET

Requested by

Host: brand-center.leascorp.fr
URL: https://brand-center.leascorp.fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-h5kxLeXx' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .fb.com .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508482078864199466&cpp=C3&cv=1023181082&st=1748204715027"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 25 May 2025 20:25:15 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: +xCfvk7ElyGe071S6aCQ/FETHr0JYlBr+L//6V/pwlUQVZnr4GCCzv+ajfedKfLUgXmryuDF8+y6X2OnMoJCUg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508482078864199466&cpp=C3&cv=1023181082&st=1748204715027", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-h5kxLeXx' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.fb.com *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=24, mss=1232, tbw=5372, tp=13, tpl=0, uplat=191, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
203 B 185ms
183ms XHR
text/plain 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: static.brandpad.io
URL: https://static.brandpad.io/legacy_fe/brand/main.e595d960c0ac9b45d465.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brand-center.leascorp.fr/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8359E7972FA447C1AD925CD640F1F765 Ref B: LON04EDGE0608 Ref C: 2025-05-25T20:25:14Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAY1+6EJKBGAiZs+hYnYqA==
x-li-proto: http/2
access-control-allow-origin: https://brand-center.leascorp.fr
x-cache: CONFIG_NOCACHE
date: Sun, 25 May 2025 20:25:14 GMT
vary: Origin

GET
H2 200 favicon-32x32.png
depot.brandpad.io/images/ 690 B
1 KB 140ms
76ms Other
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://depot.brandpad.io/images/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-20.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

79e7809892dc4e2107341236b802609462730b50f44482382fa2a9acc1256115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://brand-center.leascorp.fr/

Response headers

etag: "c3a5e4c042cad9f0d168d7081d351d30"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 57epNMUPE73Ctn22ysELwNWKNQvgShDHFNC-asL5zBllczJCwaWB9A==
date: Sun, 25 May 2025 20:25:16 GMT
content-type: image/png
vary: accept-encoding, Origin
last-modified: Mon, 16 Jan 2023 12:24:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 690
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

63 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vimeo.com/	1970-01-21 05:36:46	Name: __cf_bm Value: fBZsU9px2JImx2COFYwtIHzpeR8Xfy67oBPe3AmchoU-1748204714-1.0.1.1-peZ4kChpi2sT5fKwZCD0qNQ9j58.aC5KQLXU9La7sVS4E_KpQ27mZxZfmfnHzZP8
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3Kbzi_zOhM55KXGj3Vhm4T4S0bLzAQz0WjsacSurbrU-1748204714214-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NmUEV_v24tY
.youtube.com/	1970-01-21 09:55:56	Name: VISITOR_INFO1_LIVE Value: QhmiNW5DGnI
.youtube.com/	1970-01-21 09:55:56	Name: VISITOR_PRIVACY_METADATA Value: CgJGUhIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiAY
.youtube.com/	1970-01-21 09:55:56	Name: __Secure-ROLLOUT_TOKEN Value: CKThyqSIraXTShCOkfmHur-NAxiOkfmHur-NAw%3D%3D
.leascorp.fr/	1970-01-21 15:12:44	Name: _ga Value: GA1.2.464065070.1748204715
.leascorp.fr/	1970-01-21 05:38:11	Name: _gid Value: GA1.2.21719811.1748204715
.leascorp.fr/	1970-01-21 05:36:44	Name: _gat_UA-79772790-5 Value: 1
.leascorp.fr/	1970-01-21 05:36:44	Name: _gat_gtag_UA_138071656_1 Value: 1
.leascorp.fr/	1970-01-21 15:04:42	Name: _hp2_id.3922783258 Value: %7B%22userId%22%3A%227006164774354605%22%2C%22pageviewId%22%3A%224519706309687106%22%2C%22sessionId%22%3A%227573650382491613%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.leascorp.fr/	1970-01-21 15:12:44	Name: _ga_8ZPDJ79NTR Value: GS2.2.s1748204714$o1$g0$t1748204714$j0$l0$h0
.leascorp.fr/	1970-01-21 14:22:20	Name: _hjSessionUser_1803067 Value: eyJpZCI6ImJhNWMwNzkyLTYxMDItNWYyOC1iMDkwLWU1Nzc1NTdiZDY4ZiIsImNyZWF0ZWQiOjE3NDgyMDQ3MTQ4NzEsImV4aXN0aW5nIjpmYWxzZX0=
.leascorp.fr/	1970-01-21 05:36:46	Name: _hjSession_1803067 Value: eyJpZCI6IjYwY2ZhYjE5LTBkMDUtNGZlZi05NTliLWQ2NmI0NjZhOTAxMSIsImMiOjE3NDgyMDQ3MTQ4NzIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.leascorp.fr/	1970-01-21 07:46:20	Name: _fbp Value: fb.1.1748204714950.739063994110623272
.linkedin.com/	1970-01-21 14:22:20	Name: bcookie Value: "v=2&2662dd91-eeee-490e-8243-50e3ae67adff"
.linkedin.com/	1970-01-21 09:55:56	Name: li_gc Value: MTswOzE3NDgyMDQ3MTQ7MjswMjH3IeEs8apUnvKeGObEAPfFg21QGOSBALALn+89DFaiaQ==
.linkedin.com/	1970-01-21 05:38:11	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3620:u=1:x=1:i=1748204714:t=1748291114:v=2:sig=AQHhOvVDLubStCIvigH5hlpu2-BtQoin"
.brand-center.leascorp.fr/	1970-01-21 06:19:56	Name: session Value: eyJfcGVybWFuZW50Ijp0cnVlLCJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiMTU1NGVmZDk4YzUzMjEzODg4OGVmNDFiZTNiZjhkNWM4MGQ4MjZiMCJ9.aDN8qw._6LAYuYazvrjJIgoopqPeuD08Ac
.leascorp.fr/	1970-01-21 05:36:46	Name: _hp2_ses_props.3922783258 Value: %7B%22ts%22%3A1748204714697%2C%22d%22%3A%22brand-center.leascorp.fr%22%2C%22h%22%3A%22%2F%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brand-center.leascorp.fr
cdn.heapanalytics.com
cdn.jsdelivr.net
connect.facebook.net
d2yyd1h5u9mauk.cloudfront.net
depot.brandpad.io
fonts.googleapis.com
heapanalytics.com
player.vimeo.com
px.ads.linkedin.com
queue.simpleanalyticscdn.com
region1.google-analytics.com
script.hotjar.com
scripts.simpleanalyticscdn.com
snap.licdn.com
static.brandpad.io
static.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.16.174.226
13.32.118.111
13.32.27.86
13.32.99.93
13.33.187.19
142.250.185.74
142.250.186.46
150.171.22.12
157.240.251.35
157.240.251.9
162.159.128.61
169.150.247.39
172.217.18.8
18.66.102.53
184.24.77.26
190.2.141.125
216.239.32.36
216.239.34.178
3.223.206.143
3.71.212.92
99.86.4.20
02e79ff367cccdb24dfece89894fc6f6a65496f8a4c1358f6a602db15c6861d4
0c26c78c1ce20fea8010fb49a8d56ea59026272a5dc4120718d626a14a8cc87f
315c655233329ae152a7ad8d1e6b01727e6ca18e7c11799aca3f20278fc96dbf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94
4c7d9a26a6cfb71b32207063f8960430dc163c8be2033f024d9b22d3ffcbb3b7
4d10650789434a15990695d5340cc6ce556ce3f17553272cb77e2191a9d46a12
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f4edfd6c574a6498def6965e8a5fdb131eb648e809e586cda8c00bd7033b9bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79e7809892dc4e2107341236b802609462730b50f44482382fa2a9acc1256115
7d746e2587cfec7be0d4a6606d715b3204b8c207fed7d39745dc0812c9bd64ae
7e776e44d2135a6a9eb83fa1945f73ed71d5a90c829ed8faf0ec7f93d17b7252
8d97f5d782a7ad8d194be7e61a71b88fcec9ea6ba94a97a97cd75387b1ed2e44
8fdaa98801860bb9cce4bb74aea8d771820e4b1da85059da2d1cf07afd8a7808
958f80903c3b00a541c8fe1fde4dfe88c3c4b5aaed4e7497d2fdd2262f3417da
9b0af42637fc5ddf78c5a53922baa0e1588f3754975b9a18d9e487a5c3962ef4
a965bdafdcbdf6a1bc0a04fb81ee6d5fb86e1fde7a2da4e8998ab3bcf467bdb4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2642123dc3af0666b04d66f1c7311df22ac5d92a03eb01851c969b0c449475c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bffc53a34a16569907097bdba6121f043e9a2bdc205aae412e23666b0e47ce71
cc3c9e7dda1d4f1d80b7ef6bae12a4d39ec2fd73a5e9a23a8a13675cc15e6d51
d08c58de75324d44a9d5e928df56ae6e7969e7ed90251fe4e888347874834bb2
db3bce52707bb1e9fdf132a12e1cb1b02eaa43da4e54054d5496cee2ffc520c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3e18f0a84e22082b1e6cff7ce178fe33ff4058f2b41718a9b65fd078291910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f65481ad4bc0e042c6f3dbe6d011f05fe84e5a5921962f5a8f32c84b8e999
e8d72098d0a06739541c3bcf8f9d5a13f17e4d96adb7188900198e52326eb8ee
edcf5cc0fd26e06d468d6c26e2ab1a792c54edd80bc62a32e74db9f5368058f4
f93ab9ac2bf7f36602156d8f94e47f19d86dc8528d82daed8374b3fd8d0dea62

brand-center.leascorp.fr 3.71.212.92 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

16 Domains

21 Subdomains

21 IPs

4 Countries

827 kBTransfer

2648 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

brand-center.leascorp.fr
3.71.212.92 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

827 kB
Transfer

2648 kB
Size

20
Cookies

41 HTTP transactions
0 data transactions