leona-games.com
2a01:238:20a:202:1064::
Malicious Activity!
Public Scan
Submission: On March 06 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on January 6th 2024. Valid for: a year.
This is the only time leona-games.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: La Poste (Transportation)
Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 17 | 2a01:238:20a:202:1064:: | 6724 (STRATO STRATO AG) |
| 1 | 18.244.30.55 | 16509 (AMAZON-02) |
| 4 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |
| 22 | 3 IP addresses | |

18.244.30.55: ASN16509 (AMAZON-02, US), PTR server-18-244-30-55.cdg52.r.cloudfront.net, serving logs1187.xiti.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 17 | leona-games.com | leona-games.com | 970 KB |
| 4 | gstatic.com | fonts.gstatic.com | 80 KB |
| 1 | xiti.com | logs1187.xiti.com (Cisco Umbrella Rank: 100821) | 326 B |
| 22 | 3 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 17 | leona-games.com | leona-games.com |
| 4 | fonts.gstatic.com | leona-games.com |
| 1 | logs1187.xiti.com | leona-games.com |
| 22 | 3 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| www.leona-games.com | Encryption Everywhere DV TLS CA - G2 | 2024-01-06 - 2025-01-18 | a year | crt.sh |
| *.xiti.com | Thawte RSA CA 2018 | 2023-04-14 - 2024-05-14 | a year | crt.sh |
| *.gstatic.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://leona-games.com/l/p/
Frame ID: 902DDAE391AC5D3535733E3DA28B200C
Requests: 22 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | leona-games.com/l/p/ | 13 KB | 4 KB | Document | text/html |
| GET | H2 | cs.css | leona-games.com/l/p/assets/css/ | 30 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | css.css | leona-games.com/l/p/assets/css/ | 25 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | commons.7bf9d5857ae7e175722f.css | leona-games.com/l/p/assets/css/ | 74 KB | 12 KB | Stylesheet | text/css |
| GET | H2 | tcfapi.js | leona-games.com/l/p/assets/js/ | 75 KB | 19 KB | Script | application/javascript |
| GET | H2 | engage.js | leona-games.com/l/p/assets/js/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H2 | tc_MireMonCompte_20.js | leona-games.com/l/p/assets/js/ | 323 KB | 86 KB | Script | application/javascript |
| GET | H2 | logo-LIN.svg | leona-games.com/l/p/assets/images/ | 7 KB | 3 KB | Image | image/svg+xml |
| GET | H2 | la-poste-logo.svg | leona-games.com/l/p/assets/images/ | 2 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | arrow-link-line-white.svg | leona-games.com/l/p/assets/images/ | 249 B | 244 B | Image | image/svg+xml |
| GET | H2 | arrow-link-line-gray.svg | leona-games.com/l/p/assets/images/ | 239 B | 240 B | Image | image/svg+xml |
| GET | H2 | api.js | leona-games.com/l/p/assets/js/ | 326 KB | 92 KB | Script | application/javascript |
| GET | H2 | login.6e80977d7ad53ae376cb.js | leona-games.com/l/p/assets/js/ | 1 KB | 819 B | Script | application/javascript |
| GET | H2 | commons.44fb4f79bf6e159f49a5.js | leona-games.com/l/p/assets/js/ | 2 MB | 397 KB | Script | application/javascript |
| GET | H2 | LIN_login.png | leona-games.com/l/p/assets/images/ | 352 KB | 352 KB | Image | image/png |
| POST | H2 | event | logs1187.xiti.com/ | 0 | 326 B | Ping | text/plain |
| GET | H2 | arrow-link-line-white.svg | leona-games.com/l/p/assets/images/ | 249 B | 244 B | Image | image/svg+xml |
| GET | H2 | arrow-link-line-gray.svg | leona-games.com/l/p/assets/images/ | 239 B | 240 B | Image | image/svg+xml |
| GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | fonts.gstatic.com/s/montserrat/v26/ | 32 KB | 32 KB | Font | font/woff2 |
| GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
| GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
| GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: La Poste (Transportation)
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Variable | Type |
|---|---|
| flash | object |
| keycloak | object |
| foreign_tc_vars | object |
| tC_cookieAtuserId | function |
| get_account_id | function |
| universalUserId | function |
| extractValuesFromJSON | function |
| verifierCookieAT | function |
| getCookieValue | function |
| pianoAnalytics | object |
| extractedValues | undefined |
| searchParams | object |
| tip | undefined |
| timestamp | undefined |
| gtag | undefined |
| adperftrackobj | undefined |
| tc_events_20 | function |
| tC | function |
| tC_4589_20 | object |
| caReady | object |
| cact | function |
| tc_array_events | object |
| tC4589_20 | function |
| tc_vars | object |
| ATInternet | object |
| ATCustomEvent | function |
| _pac | object |
| client_id | undefined |
| pdl | object |
| _paq | object |
| pa | object |
| tc_ATinternet_ConsentMode | function |
| chap1 | string |
| chap2 | string |
| chap3 | string |
| paramsString | string |
| clientid_url | object |
| clientid | string |
| accostant_vf | string |
| properties | object |
| id_site_lp_connect | number |
| cookie_final | string |
| Raven | object |
| hcaptcha | object |
| __core-js_shared__ | object |
| core | object |
| webpackChunk | object |
| tCdata3 | object |
| isES6Supported | function |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.gstatic.com
leona-games.com
logs1187.xiti.com
18.244.30.55
2a00:1450:4001:80b::2003
2a01:238:20a:202:1064::