app.lead-concept.com Open in urlscan Pro
163.172.106.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.lead-concept.com/iframe/
Submission: On September 15 via manual (September 15th 2023, 2:05:02 pm UTC) from FR — Scanned from FR

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 20 HTTP transactions. The main IP is 163.172.106.186, located in France and belongs to Online SAS, FR. The main domain is app.lead-concept.com.
TLS certificate: Issued by R3 on July 22nd 2023. Valid for: 3 months.

This is the only time app.lead-concept.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	163.172.106.186 163.172.106.186	12876 (Online SAS) (Online SAS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
20	5

11 163.172.106.186 (France)

ASN12876 (Online SAS, FR)
PTR: sd-120606.dedibox.fr

app.lead-concept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qual.lead-concept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	lead-concept.com app.lead-concept.com qual.lead-concept.com	127 KB
3	gstatic.com www.gstatic.com	391 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	30 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3038	40 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 918	24 KB
20	5

	Domain	Requested by
10	app.lead-concept.com	app.lead-concept.com
3	www.gstatic.com	www.google.com
3	www.google.com	app.lead-concept.com www.gstatic.com www.google.com
2	stackpath.bootstrapcdn.com	app.lead-concept.com
1	qual.lead-concept.com	app.lead-concept.com
1	code.jquery.com	app.lead-concept.com
20	6

This site contains no links.

Subject Issuer	Validity	Valid
app.lead-concept.com R3	`2023-07-22` - `2023-10-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
qual.lead-concept.com R3	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://app.lead-concept.com/iframe/
Frame ID: C395293D98C1756EAFCB888B3836257C
Requests: 2 HTTP requests in this frame

Frame: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
Frame ID: D4BBC9F24851EC7506CF1C4B158EA339
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n&co=aHR0cHM6Ly9hcHAubGVhZC1jb25jZXB0LmNvbTo0NDM.&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=ribe9egcsxsn
Frame ID: 53D5EA96E8D168447B7FA20456AF75A5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

612 kB
Transfer

1793 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
app.lead-concept.com/iframe/ 797 B
2 KB 105ms
39ms Document
text/html 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/iframe/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

8457be373e2450fc9861b089627a4417675ea4466959a4f1ecb4cd4ee33267e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 491
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 14:04:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Security-Policy: allow 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK iframes.js Show response
app.lead-concept.com/js/iframe/ 27 KB
7 KB 22ms
21ms Script
application/javascript 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/js/iframe/iframes.js

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/iframe/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

b6319f85edeaa4973b25753942d86f964ad3f180dbbb997086c2efd43f6c5fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 23 Feb 2023 08:37:11 GMT
Server: Apache
ETag: "6bc6-5f559eb3b9bc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6203
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H/1.1 200
OK source=website&id=2 Show response
app.lead-concept.com/iframe/params/ Frame D4BB 26 KB
5 KB 61ms
61ms Document
text/html 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/js/iframe/iframes.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

fa26bd4db9a31d622fbcd57a28a33db1f1bea8f40cb7f57eb2d7e27a06521c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.lead-concept.com/iframe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4062
Content-Type: text/html; charset=UTF-8
Date: Fri, 15 Sep 2023 14:04:58 GMT
Keep-Alive: timeout=5, max=98
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Security-Policy: allow 'self';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ Frame D4BB 157 KB
24 KB 90ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.lead-concept.com/
Origin: https://app.lead-concept.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 16637595
cdn-cachedat: 01/15/2023 23:14:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e82e17ddf1e8c55e1a7d870b6d7c55f7
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 80716c01bcbfd55c-CDG
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style.css
app.lead-concept.com/css/iframe/1/ Frame D4BB 10 KB
3 KB 26ms
21ms Stylesheet
text/css 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/css/iframe/1/style.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

03c38b2c2d970bb80926ff13c5d3118f32fe08ebb8041060e3a51f5d3154ea78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 22 Jun 2022 10:35:59 GMT
Server: Apache
ETag: "26ed-5e206e72af86b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2217
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ Frame D4BB 71 KB
24 KB 86ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: app.lead-concept.com
URL: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://app.lead-concept.com/
Origin: https://app.lead-concept.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:04:58 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-11abc"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1694786698.cdn4-pxy220-cdg02.pa1.evs,1694786698.cds228.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 24606

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ Frame D4BB 59 KB
16 KB 82ms
30ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.lead-concept.com/
Origin: https://app.lead-concept.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 951
age: 16637413
cdn-cachedat: 07/25/2022 03:11:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6bea60c34c5db6797150610dacdc6bce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6ef8cefe406c6ed9e010108f1a63a390
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 80716c01bcc0d55c-CDG
cdn-requestpullsuccess: True

GET
H/1.1 200
OK vendor.bundle.base.js Show response
app.lead-concept.com/vendors/js/ Frame D4BB 185 KB
58 KB 55ms
27ms Script
application/javascript 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/vendors/js/vendor.bundle.base.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

4f50453f7cd5f72302963a1e7b34107c8d8c0b2527b9955f8a92699131675ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 15 Apr 2021 14:42:57 GMT
Server: Apache
ETag: "2e3f8-5c003e1115e40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 58946
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H/1.1 200
OK jquery.inputmask.bundle.js Show response
app.lead-concept.com/js/ Frame D4BB 179 KB
33 KB 67ms
24ms Script
application/javascript 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/js/jquery.inputmask.bundle.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

337d969ba2c38ae6fd217f2b723b4956b5a7d296d5c65bc2da6a0122695da0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 25 May 2021 14:53:57 GMT
Server: Apache
ETag: "2ca44-5c328b20f2b40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33170
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H/1.1 200
OK script.js Show response
app.lead-concept.com/js/iframe/1/ Frame D4BB 31 KB
7 KB 62ms
19ms Script
application/javascript 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/js/iframe/1/script.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

06724f9d6dc5d36945b5dbdd71b66d8973ef9896377871644b415b8330b695aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 15 Mar 2023 15:19:24 GMT
Server: Apache
ETag: "7ce7-5f6f1de7f7700-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6442
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H/1.1 200
OK generate.js Show response
app.lead-concept.com/js/iframe/1/ Frame D4BB 22 KB
6 KB 64ms
19ms Script
application/javascript 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/js/iframe/1/generate.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

50983a58d4e417efe4b2c5a0b263007e5cd192f6393dffd6ef5c315d36ab8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 08 Dec 2022 15:35:10 GMT
Server: Apache
ETag: "578d-5ef52c846e780-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5711
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame D4BB 1 KB
1 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d384f23204a538809745b124bdd3aaa2637366e783bea77efdf3049464ba3c74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2023 14:04:58 GMT

GET
H/1.1 200
OK check.svg
qual.lead-concept.com/images/svg/ Frame D4BB 788 B
1 KB 91ms
19ms Image
image/svg+xml 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qual.lead-concept.com/images/svg/check.svg

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/css/iframe/1/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

8de5c221f464c909b692c7ec6d7cddac65ef3b65fec20e9d50d8e3c47bcfd713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.lead-concept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 21 Jul 2022 11:20:22 GMT
Server: Apache
ETag: "314-5e44ee74cf020"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 788

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame D4BB 456 KB
184 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.lead-concept.com/
Origin: https://app.lead-concept.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187392
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 22:40:54 GMT

GET
H/1.1 200
OK emails.json Show response
app.lead-concept.com/ Frame D4BB 509 B
937 B 19ms
18ms XHR
application/json 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/emails.json

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/vendors/js/vendor.bundle.base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

1fbd16b5f2e75c93c0dda032da93928a87594d729877ba00bc4f81d259bb0451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Mar 2021 16:42:45 GMT
Server: Apache
ETag: "1fd-5be5f1ad94052"
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 509
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H/1.1 200
OK tels.json Show response
app.lead-concept.com/ Frame D4BB 5 KB
5 KB 19ms
19ms XHR
application/json 163.172.106.186
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.lead-concept.com/tels.json

Requested by

Host: app.lead-concept.com
URL: https://app.lead-concept.com/vendors/js/vendor.bundle.base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.172.106.186 , France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-120606.dedibox.fr

Software

Apache /

Resource Hash

eb8445e1eb70e07526f34746ca43ba830b0a16295c431d7c2edb4f6aaa6ac7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.lead-concept.com/iframe/params/source=website&id=2?initialWidth=1000&childId=lc-6504648ae2dfd&parentTitle=&parentUrl=https%3A%2F%2Fapp.lead-concept.com%2Fiframe%2F
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 14:04:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Mar 2021 16:42:45 GMT
Server: Apache
ETag: "139b-5be5f1ad94052"
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5019
X-XSS-Protection: 1; mode=block
X-Content-Security-Policy: allow 'self';

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 53D5 51 KB
28 KB 54ms
53ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n&co=aHR0cHM6Ly9hcHAubGVhZC1jb25jZXB0LmNvbTo0NDM.&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=ribe9egcsxsn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ff7b9f5be039b43cd2837049753948d70f24aa3979ffdf1dd10792e59428da9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R0iBSehAMRclwM7tPrhmBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.lead-concept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28704
content-security-policy: script-src 'report-sample' 'nonce-R0iBSehAMRclwM7tPrhmBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 14:04:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 53D5 55 KB
24 KB 75ms
25ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n&co=aHR0cHM6Ly9hcHAubGVhZC1jb25jZXB0LmNvbTo0NDM.&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=ribe9egcsxsn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 18:51:21 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 53D5 456 KB
183 KB 89ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 22:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187392
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 22:40:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 53D5 102 B
134 B 35ms
34ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2bc1d0b05d00bb3f3676cb86da2ca2ae7054f725916c86cd51785d156c06b3dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeBu0ZAAAAAN7nl4RS8bdGUofgkv86enHwPj9n&co=aHR0cHM6Ly9hcHAubGVhZC1jb25jZXB0LmNvbTo0NDM.&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=ribe9egcsxsn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 14:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2023 14:04:59 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.lead-concept.com/	1970-01-20 14:46:33	Name: XSRF-TOKEN Value: eyJpdiI6IkZNalo0bDFvTmVlN0VrR1dieHpjMFE9PSIsInZhbHVlIjoiMTY5cHk5LzJqRkhvUGFHYWFkSEVTbEZQckEvTUN2S2d3Sm0vekJoa0N5KzFrSm4zSmFhSkZiQkV4bFJNV2NoOThUeXFTRzZCY1M3TTlNZ3AxTnRmMkFKZHdLWkcyQk1GTEQwU2l3d1ZPS2ZhTXZPUEZJUWRoSTIreGZiNWFSaloiLCJtYWMiOiJlNWI3YTk4ODFlODAwNjQzNmI0OTNjMGU0ODE4ZTNlOGEyNzdkMzk1NmQwNjg3Y2FjNzkyNDgxOTAyZGVlNTQwIn0%3D
			app.lead-concept.com/	1970-01-20 14:46:33	Name: leadconcept_session Value: eyJpdiI6Ik9wME9FdUZSVkZqZGppOUhXa3VIVXc9PSIsInZhbHVlIjoiTTZtR0FjclZEMTRvd0dPL2dCTzRMeTlGQ3NFVUpOcUJiSFZLZXRneW00b3ZkdVJ1d0R5YmNZMG1HMnBzSHdYbWV5dzZBRW9xbjJMTlU2TTlicWZUTVlXRzR5SFc0WE55anNEZmFnclh1dFliM0x1eThCSWpLdERRTHRRSHgrVkQiLCJtYWMiOiIxZWQ1ZmRjNDNlMTllZTBlOWFjNTUyZGMyZDcwN2E2NWI0MjZkNjQ2YmM1ZmUxMmY3NGJjODU2NzAzZGQ0ZmYwIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.lead-concept.com
code.jquery.com
qual.lead-concept.com
stackpath.bootstrapcdn.com
www.google.com
www.gstatic.com
163.172.106.186
2001:4de0:ac18::1:a:1a
2606:4700::6812:bcf
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
03c38b2c2d970bb80926ff13c5d3118f32fe08ebb8041060e3a51f5d3154ea78
06724f9d6dc5d36945b5dbdd71b66d8973ef9896377871644b415b8330b695aa
1fbd16b5f2e75c93c0dda032da93928a87594d729877ba00bc4f81d259bb0451
2bc1d0b05d00bb3f3676cb86da2ca2ae7054f725916c86cd51785d156c06b3dc
337d969ba2c38ae6fd217f2b723b4956b5a7d296d5c65bc2da6a0122695da0a4
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc
4f50453f7cd5f72302963a1e7b34107c8d8c0b2527b9955f8a92699131675ee9
50983a58d4e417efe4b2c5a0b263007e5cd192f6393dffd6ef5c315d36ab8517
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7ff7b9f5be039b43cd2837049753948d70f24aa3979ffdf1dd10792e59428da9
8457be373e2450fc9861b089627a4417675ea4466959a4f1ecb4cd4ee33267e1
8de5c221f464c909b692c7ec6d7cddac65ef3b65fec20e9d50d8e3c47bcfd713
b6319f85edeaa4973b25753942d86f964ad3f180dbbb997086c2efd43f6c5fc6
d384f23204a538809745b124bdd3aaa2637366e783bea77efdf3049464ba3c74
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
eb8445e1eb70e07526f34746ca43ba830b0a16295c431d7c2edb4f6aaa6ac7b6
fa26bd4db9a31d622fbcd57a28a33db1f1bea8f40cb7f57eb2d7e27a06521c19

app.lead-concept.com Open in urlscan Pro 163.172.106.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

4 Countries

612 kBTransfer

1793 kBSize

2 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

app.lead-concept.com Open in urlscan Pro
163.172.106.186 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

612 kB
Transfer

1793 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions