![](/screenshots/8d52c23e-8bb8-4e87-86c1-2acb3e7b0716.png)
leadabsolute.com
Open in
urlscan Pro
45.40.135.135
Malicious Activity!
Public Scan
Effective URL: https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6...
Submission: On April 05 via manual from FR
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 8th 2020. Valid for: 3 months.
This is the only time leadabsolute.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 4 | 62.210.53.59 62.210.53.59 | 12876 (Online SAS) (Online SAS) | |
4 37 | 45.40.135.135 45.40.135.135 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 1 | 2600:9000:20e... 2600:9000:20eb:e000:15:e09:8a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:215... 2600:9000:2156:d200:e:5581:7340:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
34 | 2 |
ASN12876 (Online SAS, FR)
bitly-redirectionversespaceclientid965295602034923.micapoik.com |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-135-135.ip.secureserver.net
leadabsolute.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
37 |
leadabsolute.com
4 redirects
leadabsolute.com |
1 MB |
4 |
micapoik.com
4 redirects
bitly-redirectionversespaceclientid965295602034923.micapoik.com |
1 KB |
2 |
iadvize.com
1 redirects
halc.iadvize.com static.iadvize.com |
13 KB |
34 | 3 |
Domain | Requested by | |
---|---|---|
37 | leadabsolute.com |
4 redirects
leadabsolute.com
|
4 | bitly-redirectionversespaceclientid965295602034923.micapoik.com | 4 redirects |
1 | static.iadvize.com |
leadabsolute.com
|
1 | halc.iadvize.com | 1 redirects |
34 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
leadabsolute.com cPanel, Inc. Certification Authority |
2020-02-08 - 2020-05-08 |
3 months | crt.sh |
*.iadvize.com Amazon |
2020-03-18 - 2021-04-18 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659
Frame ID: 3B35BD41358D0184C9C8080A13828EBF
Requests: 26 HTTP requests in this frame
Frame:
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/lg.php
Frame ID: F06CD2B4C6A9361A8F651A514B5DBB99
Requests: 8 HTTP requests in this frame
Screenshot
![](/screenshots/8d52c23e-8bb8-4e87-86c1-2acb3e7b0716.png)
Page URL History Show full URLs
-
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323
HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/ HTTP 302
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300 HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bec... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323
HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/ HTTP 302
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088 HTTP 301
http://bitly-redirectionversespaceclientid965295602034923.micapoik.com/LBP46594352323/899088/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300 HTTP 301
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ HTTP 302
https://leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index.jsp.php?aspx&6e0bececd8916b982b3c81f4c6da4659 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://halc.iadvize.com/iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr HTTP 302
- https://static.iadvize.com/livechat/3.56.1/live.4629bd5a.js
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.jsp.php
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ Redirect Chain
|
161 KB 162 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.min.css
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/ |
485 KB 485 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css@family=Lato_3A300,300i,400,400i,700,700i,900,900i&subset=latin-ext
leadabsolute.com/votre.espace.ccp/ver/particuliers/https@fonts.googleapis.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.min.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_4.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inbenta-autocomplete.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader.svg
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
735 B 981 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-lbp.png
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tel-3639.png
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
close.jpg
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LBP-logement-famille-picto.jpg
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sinistre-picto.jpg
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LBP-senior-carnet-sante-en-ligne-picto.jpg
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base-footer.min.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
548 KB 548 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_5.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_6.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-iadvize.min.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
345 B 600 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_4.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inbenta-autocomplete.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.ttf@9h9ppi
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/icomoon-library/ |
33 KB 34 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lg.php
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/ Frame F06C |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cvs_all.css
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/ Frame F06C |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cvs_portable.css
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/css/ Frame F06C |
1012 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transparent.gif
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/index_fichiers/ Frame F06C |
42 B 283 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.1.min.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C |
110 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
val_keypad_cvvs-commun-unifie.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
val_keypad_cvvs-unifie.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ Frame F06C |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe_api
leadabsolute.com/votre.espace.ccp/ver/particuliers/https@www.youtube.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/https@api.dmcdn.net/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_5.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc_LaBanquePostale_6.js
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
live.4629bd5a.js
static.iadvize.com/livechat/3.56.1/ Redirect Chain
|
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
particulier.alertMessage.json
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/content/ |
315 B 516 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginformff88.gif
leadabsolute.com/votre.espace.ccp/ver/particuliers/UAUT_from=032300/img/ Frame F06C |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| CryptoJS object| Modernizr object| App object| tc_vars function| MarkerClusterer function| Cluster function| ClusterIcon function| emptyString function| isEmpty function| isBlank function| onElementFocused function| removeFromArray function| $ function| jQuery function| iFrameResize240 function| iFrameResize355 object| jQuery111306491366480162168 function| promoUpdate object| docCookies string| device object| regex object| idzCustomData object| tracking object| validator function| getUserLocation function| getUserLocationFail function| getUserLocationForWS function| getUserLocationForMap function| getUserLocationForMapFail2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
leadabsolute.com/ | Name: lastVisit Value: 1586097489096 |
|
leadabsolute.com/ | Name: PHPSESSID Value: 9662cb2f9e17610f31a716175ca4df1b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bitly-redirectionversespaceclientid965295602034923.micapoik.com
halc.iadvize.com
leadabsolute.com
static.iadvize.com
2600:9000:20eb:e000:15:e09:8a80:93a1
2600:9000:2156:d200:e:5581:7340:93a1
45.40.135.135
62.210.53.59
21fe57ad508ba74a27f609f546937736f4333ba88cbe80ad38f4aafd67bbcb0b
29a5ce0fa9d21a18687ed5e967e201418e5d33d9065e5d15a8eb248419d639b5
374f4a1bdfaad3585c1315d727dfd611dafe7d9eec8741a9d8e3ba84b6efbd3d
51c4cc2d0f4299e044f4397886e747048592826c440058ff01e300159dfe765f
5296bd3298e015e024430cd102cf35c4b7fdfe9b8b717116dfa21d854c7991ca
5800b5ec580f5174effb256df36e1484f503334b57508cc605a98ded4f6050d7
60a71abc8f1b3436d44f17f1244f40a9177e69a67b49e29c335ef10b822d4824
68c58ad52ab707b6dd945fa78734a182b8e47d69acc6d3b43e0c78fa5118e1de
6c2ecc8d8ed497ccfd5de46495d86ec26eb29234a7b65a48cb3bb60ea1519a0a
72e35418c679af04683bfeb3fef38dc5b6032cfc2ab8a6695b6eebdafb415777
806aad512868056b5b26505bbb2d2396198c8baac280e959c2fe1858b59dda22
82d32f68e5fa3a27052e1b6d8f2989e059ce83c0ec408f00c82abcd9639ee386
87c6d9164bb199fb19c54edcb3175ab75bd772d2ee94fd2477aa9074e9457f2f
8f4723dabbc7e614ac49a79544f72e3ef67acbe3530809b8c0feca3e3927be6f
93d4b2dc85cae862bf45fdbeee5f1c2b0c129dac4ab7edf23a2a5fd08c66a830
95fbb2095421ff0d9943c1332651afe57bc85700cd58da2ed618be62df75669c
b52d6ab0b2abc3dfa99cca6776c6e870101de005fd739a54c943795288c07c08
ba8342a63033ca62f60705e270f925110b80f4aa5e2e942e727cc128d1138473
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e82a16b354398501c46036cab262369b7868839e751d53d80e58a032ce5ab701
eeaf9e9e84b69299e5cf608c81b91da54d286e556e9a87feccaddedd9ba7ce93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629