leadabsolute.com Open in urlscan Pro
45.40.135.135 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323
Effective URL:
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6...
Submission: On April 05 via manual (April 5th 2020, 2:38:25 pm UTC) from FR

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 34 HTTP transactions. The main IP is 45.40.135.135, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is leadabsolute.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 8th 2020. Valid for: 3 months.

This is the only time leadabsolute.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banque Postale (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4 4	62.210.53.59 62.210.53.59	12876 (Online SAS) (Online SAS)
4 37	45.40.135.135 45.40.135.135	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 1	2600:9000:20e... 2600:9000:20eb:e000:15:e09:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:d200:e:5581:7340:93a1	16509 (AMAZON-02) (AMAZON-02)
34	2

4 62.210.53.59 (Paris, France) 4 redirects

ASN12876 (Online SAS, FR)

bitly-redirectionversespaceclientid965295602034923.micapoik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 45.40.135.135 (Scottsdale, United States) 4 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-135-135.ip.secureserver.net

leadabsolute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e000:15:e09:8a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

halc.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d200:e:5581:7340:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	leadabsolute.com 4 redirects leadabsolute.com	1 MB
4	micapoik.com 4 redirects bitly-redirectionversespaceclientid965295602034923.micapoik.com	1 KB
2	iadvize.com 1 redirects halc.iadvize.com static.iadvize.com	13 KB
34	3

	Domain	Requested by
37	leadabsolute.com	4 redirects leadabsolute.com
4	bitly-redirectionversespaceclientid965295602034923.micapoik.com	4 redirects
1	static.iadvize.com	leadabsolute.com
1	halc.iadvize.com	1 redirects
34	4

This site contains no links.

Subject Issuer	Validity	Valid
leadabsolute.com cPanel, Inc. Certification Authority	`2020-02-08` - `2020-05-08`	3 months	crt.sh
*.iadvize.com Amazon	`2020-03-18` - `2021-04-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659
Frame ID: 3B35BD41358D0184C9C8080A13828EBF
Requests: 26 HTTP requests in this frame

Frame: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php
Frame ID: F06CD2B4C6A9361A8F651A514B5DBB99
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/ HTTP 302
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300 HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bec... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

34
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

1448 kB
Transfer

1472 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/ HTTP 302
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300 HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://halc.iadvize.com/iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr HTTP 302
https://static.iadvize.com/livechat/3.56.1/live.4629bd5a.js

34 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.jsp.php Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ Redirect Chain http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323 http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/ http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088 http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088/ https://leadabsolute.com/votre.espace.ccp/ver https://leadabsolute.com/votre.espace.ccp/ver/ https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300 https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659	161 KB 162 KB	214ms 213ms	Document text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / PHP/5.6.40 Resource Hash `29a5ce0fa9d21a18687ed5e967e201418e5d33d9065e5d15a8eb248419d639b5` Request headers Host leadabsolute.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie PHPSESSID=9662cb2f9e17610f31a716175ca4df1b Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Server Apache X-Powered-By PHP/5.6.40 Keep-Alive timeout=2, max=500 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Sun, 05 Apr 2020 14:38:06 GMT Server Apache X-Powered-By PHP/5.6.40 Location ./index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Keep-Alive timeout=2, max=497 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	base.min.css leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/	485 KB 485 KB	172ms 171ms	Stylesheet text/css	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/base.min.css Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `51c4cc2d0f4299e044f4397886e747048592826c440058ff01e300159dfe765f` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=496 Content-Length 496414
GET H/1.1	404 Not Found	css@family=Lato_3A300,300i,400,400i,700,700i,900,900i&subset=latin-ext leadabsolute.com/votre.espace.ccp/ver/particuliers/https@fonts.googleapis.com/	0 0	449ms 163ms	Stylesheet text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/https@fonts.googleapis.com/css@family=Lato_3A300,300i,400,400i,700,700i,900,900i&subset=latin-ext Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=500 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	base.min.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	18 KB 18 KB	456ms 170ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/base.min.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `87c6d9164bb199fb19c54edcb3175ab75bd772d2ee94fd2477aa9074e9457f2f` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=500 Content-Length 18339
GET H/1.1	404 Not Found	tc_LaBanquePostale_4.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	460ms 173ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_4.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=500 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	inbenta-autocomplete.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	462ms 172ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/inbenta-autocomplete.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=500 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	loader.svg leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	735 B 981 B	619ms 170ms	Image image/svg+xml	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/loader.svg Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `e82a16b354398501c46036cab262369b7868839e751d53d80e58a032ce5ab701` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=499 Content-Length 735
GET H/1.1	200 OK	logo-lbp.png leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	5 KB 5 KB	180ms 169ms	Image image/png	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/logo-lbp.png Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `6c2ecc8d8ed497ccfd5de46495d86ec26eb29234a7b65a48cb3bb60ea1519a0a` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:07 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=499 Content-Length 4818
GET H/1.1	404 Not Found	tel-3639.png leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	315 B 315 B	170ms 170ms	Image text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/tel-3639.png Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=497 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	close.jpg leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	1 KB 2 KB	168ms 167ms	Image image/jpeg	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/close.jpg Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `8f4723dabbc7e614ac49a79544f72e3ef67acbe3530809b8c0feca3e3927be6f` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=496 Content-Length 1461
GET H/1.1	200 OK	LBP-logement-famille-picto.jpg leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	13 KB 14 KB	170ms 169ms	Image image/jpeg	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/LBP-logement-famille-picto.jpg Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `ba8342a63033ca62f60705e270f925110b80f4aa5e2e942e727cc128d1138473` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=495 Content-Length 13595
GET H/1.1	200 OK	sinistre-picto.jpg leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	9 KB 9 KB	168ms 168ms	Image image/jpeg	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/sinistre-picto.jpg Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `72e35418c679af04683bfeb3fef38dc5b6032cfc2ab8a6695b6eebdafb415777` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=494 Content-Length 9225
GET H/1.1	200 OK	LBP-senior-carnet-sante-en-ligne-picto.jpg leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/	7 KB 7 KB	169ms 169ms	Image image/jpeg	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/LBP-senior-carnet-sante-en-ligne-picto.jpg Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `21fe57ad508ba74a27f609f546937736f4333ba88cbe80ad38f4aafd67bbcb0b` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=493 Content-Length 7350
GET H/1.1	200 OK	base-footer.min.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	548 KB 548 KB	169ms 169ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/base-footer.min.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `60a71abc8f1b3436d44f17f1244f40a9177e69a67b49e29c335ef10b822d4824` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=498 Content-Length 560754
GET H/1.1	404 Not Found	tc_LaBanquePostale_5.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	168ms 168ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_5.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=499 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	tc_LaBanquePostale_6.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	172ms 171ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_6.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=499 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	clientlib-iadvize.min.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	345 B 600 B	169ms 169ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/clientlib-iadvize.min.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `806aad512868056b5b26505bbb2d2396198c8baac280e959c2fe1858b59dda22` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=498 Content-Length 345
GET H/1.1	404 Not Found	tc_LaBanquePostale_4.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	169ms 169ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_4.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=495 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	inbenta-autocomplete.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	170ms 170ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/inbenta-autocomplete.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=494 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	icons.ttf@9h9ppi leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/icomoon-library/	33 KB 34 KB	169ms 169ms	Font application/octet-stream	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/icomoon-library/icons.ttf@9h9ppi Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `eeaf9e9e84b69299e5cf608c81b91da54d286e556e9a87feccaddedd9ba7ce93` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/base.min.css Origin https://leadabsolute.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=499 Content-Length 34296
GET H/1.1	200 OK	lg.php Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ Frame F06C	7 KB 7 KB	238ms 212ms	Document text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / PHP/5.6.40 Resource Hash `374f4a1bdfaad3585c1315d727dfd611dafe7d9eec8741a9d8e3ba84b6efbd3d` Request headers Host leadabsolute.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie PHPSESSID=9662cb2f9e17610f31a716175ca4df1b Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Response headers Date Sun, 05 Apr 2020 14:38:08 GMT Server Apache X-Powered-By PHP/5.6.40 Keep-Alive timeout=2, max=493 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	cvs_all.css leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/ Frame F06C	6 KB 6 KB	170ms 169ms	Stylesheet text/css	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/cvs_all.css Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `5296bd3298e015e024430cd102cf35c4b7fdfe9b8b717116dfa21d854c7991ca` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=498 Content-Length 5944
GET H/1.1	200 OK	cvs_portable.css leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/ Frame F06C	1012 B 1 KB	172ms 172ms	Stylesheet text/css	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/cvs_portable.css Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `82d32f68e5fa3a27052e1b6d8f2989e059ce83c0ec408f00c82abcd9639ee386` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=492 Content-Length 1012
GET H/1.1	200 OK	transparent.gif leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index_fichiers/ Frame F06C	42 B 283 B	170ms 169ms	Image image/gif	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index_fichiers/transparent.gif Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=498 Content-Length 42
GET H/1.1	200 OK	jquery-1.11.1.min.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C	110 KB 110 KB	177ms 174ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/jquery-1.11.1.min.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `b52d6ab0b2abc3dfa99cca6776c6e870101de005fd739a54c943795288c07c08` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=492 Content-Length 112772
GET H/1.1	200 OK	val_keypad_cvvs-commun-unifie.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C	13 KB 13 KB	181ms 168ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/val_keypad_cvvs-commun-unifie.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `5800b5ec580f5174effb256df36e1484f503334b57508cc605a98ded4f6050d7` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=497 Content-Length 12957
GET H/1.1	200 OK	val_keypad_cvvs-unifie.js Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C	9 KB 9 KB	339ms 169ms	Script application/javascript	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/val_keypad_cvvs-unifie.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `95fbb2095421ff0d9943c1332651afe57bc85700cd58da2ed618be62df75669c` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=497 Content-Length 9129
GET H/1.1	404 Not Found	iframe_api leadabsolute.com/votre.espace.ccp/ver/particuliers/https@www.youtube.com/	0 0	289ms 162ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/https@www.youtube.com/iframe_api Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/base-footer.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=497 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	all.js leadabsolute.com/votre.espace.ccp/ver/particuliers/https@api.dmcdn.net/	0 0	291ms 163ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/https@api.dmcdn.net/all.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/base-footer.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=491 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	tc_LaBanquePostale_5.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	306ms 169ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_5.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=496 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	tc_LaBanquePostale_6.js leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/	0 0	350ms 170ms	Script text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/tc_LaBanquePostale_6.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=497 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	live.4629bd5a.js Show response static.iadvize.com/livechat/3.56.1/ Redirect Chain https://halc.iadvize.com/iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr https://static.iadvize.com/livechat/3.56.1/live.4629bd5a.js	42 KB 12 KB	25ms 9ms	Script application/javascript	2600:9000:2156:d200:e:5581:7340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.iadvize.com/livechat/3.56.1/live.4629bd5a.js Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:d200:e:5581:7340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software 1a680fa4-4ec0-16f0-d077-cd028559a799, AmazonS3 / Resource Hash `93d4b2dc85cae862bf45fdbeee5f1c2b0c129dac4ab7edf23a2a5fd08c66a830` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 04 Apr 2020 13:02:00 GMT content-encoding gzip age 92169 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 last-modified Wed, 01 Apr 2020 12:56:35 GMT server 1a680fa4-4ec0-16f0-d077-cd028559a799, AmazonS3 etag W/"337178f2c83c6fbbdfea6af6a266404f" vary Accept-Encoding,Accept-Encoding x-amz-version-id null via 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront) cache-control public, max-age=259200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id zP3swyEqMZESbmo4zbc4Zkgx5_HABkmzvZuIZgcPrVrOAlIZ56lLBQ== expires Tue, 07 Apr 2020 13:02:00 UTC Redirect headers date Sun, 05 Apr 2020 14:38:09 GMT content-encoding gzip server 0153da43-d0b5-4754-9acc-0f7412e3e7b4 x-amz-cf-pop FRA2-C1 location https://static.iadvize.com/livechat/3.56.1/live.4629bd5a.js vary Accept-Encoding x-cache Miss from cloudfront content-type text/html; charset=UTF-8 status 302, 302 Found content-length 23 via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) x-amz-cf-id AOqWp3f5vGt-mwq7CbdoTWIXvjZ_zBajY_Z5tntkGLGkAxDei4NPjA==
GET H/1.1	404 Not Found	particulier.alertMessage.json Show response leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/content/	315 B 516 B	170ms 170ms	XHR text/html	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/content/particulier.alertMessage.json Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/base-footer.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=498 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	loginformff88.gif leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ Frame F06C	3 KB 3 KB	332ms 174ms	Image image/gif	45.40.135.135 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/loginformff88.gif?imgid=allunifie1&e=3&0.7447373189577372 Requested by Host: leadabsolute.com URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.40.135.135 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-45-40-135-135.ip.secureserver.net Software Apache / Resource Hash `68c58ad52ab707b6dd945fa78734a182b8e47d69acc6d3b43e0c78fa5118e1de` Request headers Referer https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sun, 05 Apr 2020 14:38:09 GMT Last-Modified Sun, 05 Apr 2020 14:38:06 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=496 Content-Length 2833

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banque Postale (Banking)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			leadabsolute.com/	1969-12-31 23:59:59	Name: lastVisit Value: 1586097489096
			leadabsolute.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9662cb2f9e17610f31a716175ca4df1b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitly-redirectionversespaceclientid965295602034923.micapoik.com
halc.iadvize.com
leadabsolute.com
static.iadvize.com
2600:9000:20eb:e000:15:e09:8a80:93a1
2600:9000:2156:d200:e:5581:7340:93a1
45.40.135.135
62.210.53.59
21fe57ad508ba74a27f609f546937736f4333ba88cbe80ad38f4aafd67bbcb0b
29a5ce0fa9d21a18687ed5e967e201418e5d33d9065e5d15a8eb248419d639b5
374f4a1bdfaad3585c1315d727dfd611dafe7d9eec8741a9d8e3ba84b6efbd3d
51c4cc2d0f4299e044f4397886e747048592826c440058ff01e300159dfe765f
5296bd3298e015e024430cd102cf35c4b7fdfe9b8b717116dfa21d854c7991ca
5800b5ec580f5174effb256df36e1484f503334b57508cc605a98ded4f6050d7
60a71abc8f1b3436d44f17f1244f40a9177e69a67b49e29c335ef10b822d4824
68c58ad52ab707b6dd945fa78734a182b8e47d69acc6d3b43e0c78fa5118e1de
6c2ecc8d8ed497ccfd5de46495d86ec26eb29234a7b65a48cb3bb60ea1519a0a
72e35418c679af04683bfeb3fef38dc5b6032cfc2ab8a6695b6eebdafb415777
806aad512868056b5b26505bbb2d2396198c8baac280e959c2fe1858b59dda22
82d32f68e5fa3a27052e1b6d8f2989e059ce83c0ec408f00c82abcd9639ee386
87c6d9164bb199fb19c54edcb3175ab75bd772d2ee94fd2477aa9074e9457f2f
8f4723dabbc7e614ac49a79544f72e3ef67acbe3530809b8c0feca3e3927be6f
93d4b2dc85cae862bf45fdbeee5f1c2b0c129dac4ab7edf23a2a5fd08c66a830
95fbb2095421ff0d9943c1332651afe57bc85700cd58da2ed618be62df75669c
b52d6ab0b2abc3dfa99cca6776c6e870101de005fd739a54c943795288c07c08
ba8342a63033ca62f60705e270f925110b80f4aa5e2e942e727cc128d1138473
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e82a16b354398501c46036cab262369b7868839e751d53d80e58a032ce5ab701
eeaf9e9e84b69299e5cf608c81b91da54d286e556e9a87feccaddedd9ba7ce93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

leadabsolute.com Open in urlscan Pro 45.40.135.135 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

1448 kBTransfer

1472 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leadabsolute.com Open in urlscan Pro
45.40.135.135 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

1448 kB
Transfer

1472 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!