urlscan.io logo urlscan.io
SecurityTrails logo

www.rsptrack.com Open in urlscan Pro
3.128.92.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://identity.creditscorereports.us/
Effective URL: https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%...
Submission Tags: phishingrod
Submission: On February 17 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 8 domains to perform 9 HTTP transactions. The main IP is 3.128.92.51, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.rsptrack.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 8th 2022. Valid for: a year.
This is the only time www.rsptrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 207.244.242.113 40021 (CONTABO)
1 1 34.120.82.94 396982 (GOOGLE-CL...)
2 2 34.117.158.72 396982 (GOOGLE-CL...)
2 2 35.162.14.234 16509 (AMAZON-02)
4 151.101.193.91 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 5 3.128.92.51 16509 (AMAZON-02)
9 4
1    207.244.242.113 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: server11.serverdiana.com
identity.creditscorereports.us
1    34.120.82.94 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 94.82.120.34.bc.googleusercontent.com
www.pl2trk.com
2    34.117.158.72 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.158.117.34.bc.googleusercontent.com
www.i2gtrk.com
2    35.162.14.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-14-234.us-west-2.compute.amazonaws.com
secure.rspcdn.com
4    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
confirmationpages.com
1    2607:f8b0:4006:822::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    3.128.92.51 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-92-51.us-east-2.compute.amazonaws.com
www.rsptrack.com
Apex Domain
Subdomains		 Transfer
5 rsptrack.com
www.rsptrack.com
260 KB
4 confirmationpages.com
confirmationpages.com
91 KB
2 rspcdn.com
secure.rspcdn.com
2 KB
2 i2gtrk.com
www.i2gtrk.com
770 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 298
31 KB
1 pl2trk.com
www.pl2trk.com
431 B
1 creditscorereports.us
identity.creditscorereports.us
224 B
0 yourscoreandmore.com Failed
secure.yourscoreandmore.com Failed
9 8
Domain Requested by
5 www.rsptrack.com 2 redirects confirmationpages.com
www.rsptrack.com
4 confirmationpages.com confirmationpages.com
2 secure.rspcdn.com 2 redirects
2 www.i2gtrk.com 2 redirects
1 ajax.googleapis.com confirmationpages.com
1 www.pl2trk.com 1 redirects
1 identity.creditscorereports.us 1 redirects
0 secure.yourscoreandmore.com Failed
9 8

This site contains no links.

Subject Issuer Validity Valid
confirmationpages.com
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
rsptrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-08 -
2023-05-09		 a year crt.sh

This page contains 1 frames:

Frame: https://secure.yourscoreandmore.com/landing.html?adid=YSAM424001&isFromLandingRedirect=true
Frame ID: 021B911B48C27FA3E54AA912602CD595
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://identity.creditscorereports.us/ HTTP 301
    https://www.pl2trk.com/3P8KRP/4MNZK6D/ HTTP 302
    https://www.i2gtrk.com/35SD349/C4974T/?sub5=c1509174e24f4faa9bf02ad497ad3372&sub1=60 HTTP 302
    https://www.i2gtrk.com/35SD349/5723JL/?__rpt=0&__po=204&__ptid=d6d28104eb5f4b68bfb9c9f9316c9988&__r... HTTP 302
    https://secure.rspcdn.com/xprr/red/PID/5862/SID/60?AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa HTTP 302
    https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC... Page URL
  2. https://secure.rspcdn.com/xprr/red/PID/5863/SID/60,n,GEN-DC HTTP 302
    https://www.rsptrack.com/click.track/?CID=429764&AFID=424618&SID=60,n,GEN-DC,n,n&EDATA2=60,n,GEN-DC&s... HTTP 302
    https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

78 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

4
IPs

1
Countries

380 kB
Transfer

439 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://identity.creditscorereports.us/ HTTP 301
    https://www.pl2trk.com/3P8KRP/4MNZK6D/ HTTP 302
    https://www.i2gtrk.com/35SD349/C4974T/?sub5=c1509174e24f4faa9bf02ad497ad3372&sub1=60 HTTP 302
    https://www.i2gtrk.com/35SD349/5723JL/?__rpt=0&__po=204&__ptid=d6d28104eb5f4b68bfb9c9f9316c9988&__rpa=0&__rc=1&sub1=60&sub2=&sub3=&sub4=&sub5=c1509174e24f4faa9bf02ad497ad3372&source_id=&__pcd=3 HTTP 302
    https://secure.rspcdn.com/xprr/red/PID/5862/SID/60?AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa HTTP 302
    https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889 Page URL
  2. https://secure.rspcdn.com/xprr/red/PID/5863/SID/60,n,GEN-DC HTTP 302
    https://www.rsptrack.com/click.track/?CID=429764&AFID=424618&SID=60,n,GEN-DC,n,n&EDATA2=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&fname=&lname=&email=&straddr=&city=&state=&zip=&pp1=&pp2=&pp3=&phone1=&phone2=&phone3=&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&name=+&bill_address=&bill_city=&bill_state=&bill_zip=&phone=&firstname=&lastname=&address=&zipcode=&tkp=5863&tku=7653&tks=200140894 HTTP 302
    https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://identity.creditscorereports.us/ HTTP 301
  • https://www.pl2trk.com/3P8KRP/4MNZK6D/ HTTP 302
  • https://www.i2gtrk.com/35SD349/C4974T/?sub5=c1509174e24f4faa9bf02ad497ad3372&sub1=60 HTTP 302
  • https://www.i2gtrk.com/35SD349/5723JL/?__rpt=0&__po=204&__ptid=d6d28104eb5f4b68bfb9c9f9316c9988&__rpa=0&__rc=1&sub1=60&sub2=&sub3=&sub4=&sub5=c1509174e24f4faa9bf02ad497ad3372&source_id=&__pcd=3 HTTP 302
  • https://secure.rspcdn.com/xprr/red/PID/5862/SID/60?AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa HTTP 302
  • https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Request Chain 5
  • https://www.rsptrack.com/impression.track?AFID=424618&CID=402425&SID=60,n,GEN-DC HTTP 302
  • https://www.rsptrack.com/pixel.gif
Request Chain 7
  • https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894&step=2 HTTP 302
  • https://secure.yourscoreandmore.com/landing.html?adid=YSAM424000&PID=424618&XID=60%2cn%2cGEN-DC%2cn%2cn&EDATA2=60%2cn%2cGEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&fname=&lname=&email=&straddr=&city=&state=&zip=&pp1=&pp2=&pp3=&phone1=&phone2=&phone3=&name=+&bill_address=&bill_city=&bill_state=&bill_zip=&phone=&firstname=&lastname=&address=&zipcode=&tkp=5863&tku=7653&tks=200140894 HTTP 303
  • https://secure.yourscoreandmore.com/landing.html?adid=YSAM424001&isFromLandingRedirect=true

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
confirmationpages.com/concerto/
Redirect Chain
  • https://identity.creditscorereports.us/
  • https://www.pl2trk.com/3P8KRP/4MNZK6D/
  • https://www.i2gtrk.com/35SD349/C4974T/?sub5=c1509174e24f4faa9bf02ad497ad3372&sub1=60
  • https://www.i2gtrk.com/35SD349/5723JL/?__rpt=0&__po=204&__ptid=d6d28104eb5f4b68bfb9c9f9316c9988&__rpa=0&__rc=1&sub1=60&sub2=&sub3=&sub4=&sub5=c1509174e24f4faa9bf02ad497ad3372&source_id=&__pcd=3
  • https://secure.rspcdn.com/xprr/red/PID/5862/SID/60?AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa
  • https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&t...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.22.1 / PHP/7.1.33
Resource Hash
55ca55bdb46e60a734193b3f879f346e179a080a7c94bac9b597b8e342cbd3ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private
content-encoding
gzip
content-length
1465
content-type
text/html; charset=UTF-8
date
Fri, 17 Feb 2023 04:52:01 GMT
server
nginx/1.22.1
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
PHP/7.1.33
x-served-by
cache-ewr18172-EWR
x-timer
S1676609521.706448,VS0,VE384

Redirect headers

cache-control
private, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 17 Feb 2023 04:52:00 GMT
expires
-1
location
https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
pragma
no-cache
server
nginx/1.22.1
bases.css
confirmationpages.com/css/ 		157 B
242 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://confirmationpages.com/css/bases.css
Requested by
Host: confirmationpages.com
URL: https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
eade90ecc12a1b90e728491b33e527c040bdaef484ab9e45179f013e6de5cac5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
cache-ewr18172-EWR
date
Fri, 17 Feb 2023 04:52:01 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Fri, 17 Feb 2023 02:33:19 GMT
server
nginx/1.22.1
age
0
x-timer
S1676609521.106149,VS0,VE351
etag
"9d-5f4dc22e579c0-gzip"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
161
x-cache-hits
0
index_424618-1_gen.css
confirmationpages.com/css/ 		447 B
361 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://confirmationpages.com/css/index_424618-1_gen.css
Requested by
Host: confirmationpages.com
URL: https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2038522950cafd2ea25984c4a506714c3e87dac7907df32f4a2c32cd33f76487

Request headers

accept-language
en-US,en;q=0.9
Referer
https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
cache-ewr18172-EWR
date
Fri, 17 Feb 2023 04:52:01 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Fri, 17 Feb 2023 02:33:19 GMT
server
nginx/1.22.1
age
0
x-timer
S1676609521.106089,VS0,VE358
etag
"1bf-5f4dc22e579c0-gzip"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
246
x-cache-hits
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: confirmationpages.com
URL: https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://confirmationpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 04:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 04:14:21 GMT
load.gif
confirmationpages.com/img/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://confirmationpages.com/img/load.gif
Requested by
Host: confirmationpages.com
URL: https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
b8186581561b14bbb3e0fa15193d492f33b9db9f0e0a2033b55ded94bf31de7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
cache-ewr18172-EWR
date
Fri, 17 Feb 2023 04:52:02 GMT
via
1.1 varnish
last-modified
Fri, 17 Feb 2023 02:33:20 GMT
server
nginx/1.22.1
age
0
x-timer
S1676609522.549328,VS0,VE528
etag
"161a2-5f4dc22f4bc00"
x-cache
MISS
content-type
image/gif
accept-ranges
bytes
content-length
90530
x-cache-hits
0
pixel.gif
www.rsptrack.com/
Redirect Chain
  • https://www.rsptrack.com/impression.track?AFID=424618&CID=402425&SID=60,n,GEN-DC
  • https://www.rsptrack.com/pixel.gif
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rsptrack.com/pixel.gif
Requested by
Host: confirmationpages.com
URL: https://confirmationpages.com/concerto/?AFID=424618&v=1&CID=402425&SID=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&AffiliateReferenceID=85d80b702f544e47966b69860e4d75fa&tkp=5862&tku=7652&tks=200140889
Protocol
HTTP/1.1
Server
3.128.92.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-92-51.us-east-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://confirmationpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 04:52:01 GMT
Last-Modified
Wed, 21 Jan 2015 22:13:22 GMT
Server
nginx
X-AspNet-Version
4.0.30319
ETag
"1D035C777E4ED00"
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 18 Feb 2023 04:52:01 GMT

Redirect headers

Date
Fri, 17 Feb 2023 04:52:01 GMT
Server
nginx
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="/p3p/P3P.www.rsptrack.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
Location
/pixel.gif
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
127
Primary Request LTSanitizer.aspx
www.rsptrack.com/
Redirect Chain
  • https://secure.rspcdn.com/xprr/red/PID/5863/SID/60,n,GEN-DC
  • https://www.rsptrack.com/click.track/?CID=429764&AFID=424618&SID=60,n,GEN-DC,n,n&EDATA2=60,n,GEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&fname=&lname=&email=&straddr=&city=&state=&zip=&pp1=&pp2...
  • https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%2...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.128.92.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-92-51.us-east-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
d358460bbc9a81fa72c045f361224b9e0b6b72e78069f2d331741699900aa2ca

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://confirmationpages.com
Referer
https://confirmationpages.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Feb 2023 04:52:05 GMT
Server
nginx
Transfer-Encoding
chunked
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
669
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Feb 2023 04:52:05 GMT
Location
/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894
P3P
policyref="/p3p/P3P.www.rsptrack.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
Server
nginx
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
jquery-1.7.2.js
www.rsptrack.com/ 		256 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsptrack.com/jquery-1.7.2.js
Requested by
Host: www.rsptrack.com
URL: https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.128.92.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-92-51.us-east-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%252cGEN-DC%26sm-guid%3d200F583512DD4DC1A479F4677BADA586%26fname%3d%26lname%3d%26email%3d%26straddr%3d%26city%3d%26state%3d%26zip%3d%26pp1%3d%26pp2%3d%26pp3%3d%26phone1%3d%26phone2%3d%26phone3%3d%26name%3d%2b%26bill_address%3d%26bill_city%3d%26bill_state%3d%26bill_zip%3d%26phone%3d%26firstname%3d%26lastname%3d%26address%3d%26zipcode%3d%26tkp%3d5863%26tku%3d7653%26tks%3d200140894
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 17 Feb 2023 04:52:05 GMT
Last-Modified
Wed, 21 Jan 2015 22:13:22 GMT
Server
nginx
X-AspNet-Version
4.0.30319
ETag
"1D035C777E4ED00"
X-Powered-By
ASP.NET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
262285
Expires
Sat, 18 Feb 2023 04:52:05 GMT
landing.html
secure.yourscoreandmore.com/
Redirect Chain
  • https://www.rsptrack.com/LTSanitizer.aspx?u=https%3a%2f%2fsecure.yourscoreandmore.com%2flanding.html%3fadid%3dYSAM424000%26PID%3d424618%26XID%3d60%252cn%252cGEN-DC%252cn%252cn%26EDATA2%3d60%252cn%2...
  • https://secure.yourscoreandmore.com/landing.html?adid=YSAM424000&PID=424618&XID=60%2cn%2cGEN-DC%2cn%2cn&EDATA2=60%2cn%2cGEN-DC&sm-guid=200F583512DD4DC1A479F4677BADA586&fname=&lname=&email=&straddr=...
  • https://secure.yourscoreandmore.com/landing.html?adid=YSAM424001&isFromLandingRedirect=true
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.yourscoreandmore.com
URL
https://secure.yourscoreandmore.com/landing.html?adid=YSAM424001&isFromLandingRedirect=true

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

8 Cookies

Domain/Path Name / Value
www.pl2trk.com/ Name: uniqueClick_4MNZK6D
Value: 7e060906-270c-408e-9d16-ed548f26a744:1676609519
www.pl2trk.com/ Name: transaction_id
Value: c1509174e24f4faa9bf02ad497ad3372
www.i2gtrk.com/ Name: uniqueClick_C4974T
Value: af5306e8-bcf9-4da7-b077-868e5cc43439:1676609520
www.i2gtrk.com/ Name: uniqueClick_5723JL
Value: 8ff20b9a-35bf-4986-af05-d2f2424d83c7:1676609520
www.i2gtrk.com/ Name: transaction_id
Value: 85d80b702f544e47966b69860e4d75fa
.rspcdn.com/ Name: rspcdn
Value: eyJlcHMiOnsiMTk5MjIwOTc0Ijp7ImR0IjoiMjAyMy0wMi0xN1QwNDo1MjowMCswMDowMCIsImVwaWQiOjE5OTIyMDk3NCwiY2lkIjo0MDI0MjUsImFmaWQiOjQyNDYxOCwic2lkIjoyMDAxNDA4ODksInBpZCI6NTg2MiwidWlkIjo3NjUyLCJjbGlja0lwIjoiNS4xODEuMjM0LjEzMiIsInRyYW5zYWN0ZWQiOmZhbHNlfSwiMTk5MjIwOTc5Ijp7ImR0IjoiMjAyMy0wMi0xN1QwNDo1MjowNSswMDowMCIsImVwaWQiOjE5OTIyMDk3OSwiY2lkIjo0Mjk3NjQsImFmaWQiOjQyNDYxOCwic2lkIjoyMDAxNDA4OTQsInBpZCI6NTg2MywidWlkIjo3NjUzLCJjbGlja0lwIjoiNS4xODEuMjM0LjEzMiIsInRyYW5zYWN0ZWQiOmZhbHNlfX0sImd1aWQiOiIyMDBGNTgzNTEyREQ0REMxQTQ3OUY0Njc3QkFEQTU4NiJ9
www.rsptrack.com/ Name: LTTC6_429764
Value: 02_118001602_6aafb14e-521b-43cf-af95-b922862426d2
www.rsptrack.com/ Name: ASP.NET_SessionId
Value: yv2ue0owsiyiihyzg5naaqvx