lp2s.cyber-guard.me Open in urlscan Pro
172.67.139.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secured.capitalonetrustfund.com/
Effective URL:
https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tU...
Submission: On November 02 via api (November 2nd 2021, 9:04:59 am UTC) from US — Scanned from DE

Summary HTTP 6 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 6 HTTP transactions. The main IP is 172.67.139.127, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp2s.cyber-guard.me.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.

This is the only time lp2s.cyber-guard.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.52.178.23 72.52.178.23	32244 (LIQUIDWEB) (LIQUIDWEB)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	104.21.37.59 104.21.37.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.139.127 172.67.139.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
6	5

2 72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

secured.capitalonetrustfund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p237996.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.37.59 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.sparta-tracking.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.139.127 (United States)

ASN13335 (CLOUDFLARENET, US)

lp2s.cyber-guard.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cyber-guard.me lp2s.cyber-guard.me	27 KB
2	mybetterdl.com 2 redirects mybetterdl.com p237996.mybetterdl.com	1 KB
2	capitalonetrustfund.com secured.capitalonetrustfund.com	13 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	sparta-tracking.xyz 1 redirects track.sparta-tracking.xyz	2 KB
6	6

	Domain	Requested by
2	lp2s.cyber-guard.me	secured.capitalonetrustfund.com lp2s.cyber-guard.me
2	secured.capitalonetrustfund.com	secured.capitalonetrustfund.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lp2s.cyber-guard.me
1	track.sparta-tracking.xyz	1 redirects
1	p237996.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
6	7

This site contains links to these domains. Also see Links.

Domain
track.sparta-tracking.xyz

Subject Issuer	Validity	Valid
*.cyber-guard.me R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535
Frame ID: 3FEF7AB36A130AAACE7A79544C1692D2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Guard

Page URL History Show full URLs

http://secured.capitalonetrustfund.com/ Page URL
http://secured.capitalonetrustfund.com/page/bouncy.php?&bpae=GbhGcL%2FGwlZ9jvPWFcLTAeWv%2BlOuKf8CjBTzslBtNdqI2DwnyK... Page URL
https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMKxuBH-a3XQQvKbAu06Y_CdMWljzGUZt5XP_qkUUIM... HTTP 302
https://p237996.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LonzVIM1k4oeNKId4yj9-6unqPDnxniNOqtAXOlclDvG... HTTP 302
https://track.sparta-tracking.xyz/979bbb61-d36f-4f9a-9759-0b545201ea60?keyword=capitalonetrustfund.com&geo=DE&... HTTP 302
https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTm... Page URL

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

86 kB
Transfer

173 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://track.sparta-tracking.xyz/click
Title: Cyber Guard ist nicht installiert Klicke auf "Ok" um zum Chrome Store zu gelangen und die Erweiterung zu installieren OK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secured.capitalonetrustfund.com/ Page URL
http://secured.capitalonetrustfund.com/page/bouncy.php?&bpae=GbhGcL%2FGwlZ9jvPWFcLTAeWv%2BlOuKf8CjBTzslBtNdqI2DwnyKiKZ8jwxGmoobp%2FtbHFW6GjlOmqvr9zL6t3YZ2X3IJGMdHjQZDmxA%2F9hdkH9xRQNy2x5BbCpngRGob%2FUn8MWHwuH5DET1Bx0ySLv2fO4Q2oCfvQEHilizC3enb2hfsJ%2BOeWHfGQ%2Fvcc8LZFEGA5aKYYjp6JVLbQUrjqYy62SbLEYEsF93hI2evjDtWzXTQG3O6g29NJekOrk1lHCQWHXmKhMAprVUZGyfSCRDONY9mVGxq%2FFtp%2FWHRNAul5Lyp1UDYct3vT4AlqdsskBRcXVdGIS3h9JwaA8Wog7d1ALmOsEhzO0pM6SEv9giypVEqfZYCdmaxqdvLeKyXLkE2aPFDpQS3Yx3dG%2BmSum%2FPlIPjiBDH%2Fd%2F9P8W9uI1tjAd9BoV9ivBk3y7vr%2Fgzrx%2BP9IsXdR2vH7QJxu2e70ndoZJEjpJTiM95unSq3%2Br5C%2BfkNyVe928LA8543dwCVcAxMjTHxT%2FdSxmZSktkGmeVmPSaPWQ4e5eZfVesT9FWamxLPkjsT53%2ByUuggdZCe9vf6e3SbZ4dlIIvPFcyc1FGUYWpgaPhcTuZG5NHNnjXBZLfcM4vcTOvu8117o1UNfqZkPK%2FyceBTi7UTpIMf0V2DCf0nhxM9x%2BDXDDA1ekCwP%2FUt7R%2BYDO6ui%2Bj2hNAgEbQxAjEAfxlnQXCobN%2FoXS9DbvXSRsr2LGqUGfA5a02EQY0AvDlcdEcqM0SlYBm%2BdHed%2BSFhH%2FMG%2FDXMMscqO1MPlHgVG9%2Bxn0G0xdG76XRNZAN6%2FClCgnNXBHQCuXOiVt5KV6ivJJdbFVgvZS57xLqSpb8s8HgFsqFysvTk8yfUupnRbp6x7wN%2BrmZZ5umcvLsWygpGTqZ7oOXmm1%2BTHggTdGjSLgYVj6k68xck83QBJUjuGkf6PFSZUl3CV4V%2FDngL70%2FgRNaxRxMiOb5at6qv%2F3ceK4k5xz8g7cGPd1pRHj2Hyc%2FwBRpcEIHu%2FzrrMmlbx%2Fz8RFb1bRV6TOft47TT7zZOyiwnHSBV8IRk9aFZrjNL7bn2xu913Kiyv1AJqF%2Fg0%2F%2FvmT40uBdTZq7KjQNZpo3oRM8Bg23SMQ2pNd3GolS2XGIewwttzVoMHlT7JlWNwWWVJA%2FyKKhEgl1fmjUHNSDtnbH3u1VixCAp9zTNQdQbZ0942V0QUcNgex0VZvmlU4CLbNn0htgWSsVHLvI89O26E%2BPjCn6u1irQ6vtq7ijM0ib7xSUaEe%2F5Cf6WLg%2FLEU9o%2BQT1C0qWoUfq%2B0KWM3qecqsVbIhaZupl2fNjbajc%2FmKw6u2267HWJWOIXoBww7W1yBdn2OJWfFz1SmMIvsb%2FrHvTjIGj7m7nUTsgJjs%2Bj92k3xegoOtoVWGghU9FbkTq%2FiTKK1ADBg%2BFxNJRtxlRB2VGB59URMGwJAOoIWVKyZSZ1rSi7P652317UtHoLtmS0%2FcgjTGRXftCBsfF498tZ%2F%2Fk7aDCC6m1w0XxVPTZ3ir92%2Fv8DqsBjazNGvB6Fs%2FVsZ4hzEMFfUuW2cp4wrnkkJklooKr67wtmnklJI1Ray%2FOl23AMorUWvra2w5LxnCG5RcDQFXGDv0%2FOx8u0tQ5ikQSapE8s6pmS575GZB3YrXCnUw9e4MlUlMOHHLQUC2bYPmVCbTbCzW7dvb%2FgHHOyr1FvFjNQabxnfUouNUkAusxqz9h%2BV6vNdvmnaY1OaJTkQNWWO4VkFqT5CWuC%2FqlxKE4utiKsJst3SBmJsPJKROyf%2B5oWuLNz58vqA7eXyp%2BbealtYHB5yuQVpbAWurgJdaNxIkZXp8fyPO6Vp68cwkxAZpVanIQaGMG54Bu4JrFJGkWtvRsLL%2FS8ZOJyWGLGQ1JpEGU1TQ16pTEhWn3ja%2FsntZBJRSQyWWHncC0OQUuuCbgdk4FckP%2BBYXJOxbx%2FbzV2Uji4S3ejFqF3Wcn5KoonvDvxszp9JVWRwVYj1TDwR8kEYqrn4ywSJiP7bJIoRc0A7BNNEtc2gmlA12V66OLiFizkCCD1Okcjq3yBlQPEAtFKtcYNc4FYrDuKGZlqJbqGXsjBagk3pk8tE4g%2BQcvUblwXcS053ObvIzx9NlHFsgPmoptZ2mwvLq9NJ9O8Ig%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMKxuBH-a3XQQvKbAu06Y_CdMWljzGUZt5XP_qkUUIMBRPrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf4t4ttHdDF2lPhji5FglGk-_NnF-szzsRrs0yXF9jA8xUMUQNkGkQRspm7XPaAJnG1N14gvI6ASZ8rLu-aYaKkGlQJQuTpOyxFjyP4KIb37AU17b69tTyZqOZwPFkA2AsGzdxnJEOSWvROBCdSzAKlmSy3bpA0VRGqsYd2xJW0_W7q2PmnL3tKTgWmt-AnKruLhOVoYw0rIm0RGJMlqLIo7HdjH_8dNT3B-8TzwPObOaLN-_MWTVmYMW6g0RXvcVjZw_iuEbl7TsmLiLIWiLTp3QV0db6enX3STBdmzKAa25X-RFeqbZHl9T8R4FV-cOdE9w6wtyj2lErj9btbg0xQK1x20Qw9uF4V3faBBPzx4Ju1qXodI4sVoySurH_-XCsOMdvgiEB13TO7QsOAQSm6Mga-1dc4DeMJ0tK9qz1RVRW7o_fxjEXR9nFylFX-KV88SxqtZEC-quobLa1ef43SrQvXgHXK5M_UGNq7Gzb-mW5R3Xwa3VfcEYtuhU77pgVsa2gArwDi98dR9DwNj4qUWpmH1XPG5agQklFnjlHwFRGzZ0OtpGrF0fDMUeTMmF38AH7WFkTmB9WSQwD1hFEd21HmFKu8V-W4_QtdfjCIo85m6OkbKs6o5_2PaGV2w2IqLWrLHZnHWp4VeHtG41iVRMh5Qt4BVcdCoI5bCwg3JCRX6kfd96LoRjDLzHtx2U7uTBENSMYjcUfs4yDuMmIjlTliA4aOHf1KRYMjitb_SERkJkBK4RC3dxIJyuMF_vBNjOib_oJBLvQIVPGDdLi3T0s7HjA4_WCzfdNmhsj5pP_mYVDbCTKpoztVPECHjCKoJ6RcRYGA2oj8AxdeIGyqrTd3yqqunNG-eY67zIgM8JN6ZTJk1fseIedozOvh8r9KlsereocjznqoICFuH1s-BWiTEz5kF6as5hJzMlfEL8BWDg3EKlSxlTZYuGsDErGYvPEGqZ8pIUBs7ulaWXAZ1UZlfGCaFHcg3P5BTS1B7GNLWyNNIN2_GNOcEboouiHDKpXu0RNHtw_6jVreAeNlrUZVbKx5ZbArpzuiINOnENpA53L4q1tx375iqyReKZEIvuh6oSZAspur0hpjotjEhlYx0uFVn5vmfn1Vi3lXsfpp1-wwjQqreC7uGTIWrDIE1sbWvDOf4mzYfNWNLh7di29mq3p3IW_O-Md3MQbj9K2GKtkyD3Tx4g5umOCOJfrFYNpuxYylAk8orOqBhazE_rFo5a4otZBNWFYQzcqchc_yX16DmwxaM-aZ2EWYIaNDMZ9krepfbWr78ER5yP1_-aZfBNIh2UEBingtw_af89j79bifxf3atr1A4uk9Xk7U5jDCok9YMrNKId4yj9-6unqPDnxniNOqtAXOlclDvGtPExdJ3McGJhd9RXwRoGzieo8OfGeI06q0Bc6VyUO8ageQrKU3UguaudK89CFAsDBMKyxAGjlv4cNaGs5vtFXBLrq4u9rcZkw HTTP 302
https://p237996.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LonzVIM1k4oeNKId4yj9-6unqPDnxniNOqtAXOlclDvGnHxm8XiKfyPth2dMggydW1yQCHMr_xmMi4NKnxHcuuiLglYlO3SHuM_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9Aw6qO82XnYSLuAxWDoquhW0pidsby1YyfhVu6plVqy0BSCF4qMtDorAIyiLGumliQs-GBVXI8D6jAG-pSZpQKtYRQ2iJqecLO_Q7McWmjiIhmaIqpl7mswk6-Nk0O65XVvP7oJdXqBXVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieHoR260PWixbRh5WhN0Axej_wmAiUbeoWBGu3Yx722PcuMwxu-yavJh16GJEt4j8YEMK4xzFC15TSspL4AEbnZZJCxAdeOqU&ui=w_Wj54-Mm6TV7tX4V9JMKxEF7R7AtJeQ5BqBrDJxXOECFxss9CJk3u1bUo3vi2mORl7TrYa-zklJqyh4phmA5is9C9iltKT7oxtYaJfdLgcCB2elpjpA-w&si=1&oref=21f438d082786200542ec60518f43f9d&optunit=o3PohfWRZSQ0aGT-r28bT9YnqCJ1zTEL&rb=RF1509_dvck&rr=1&abtg=0 HTTP 302
https://track.sparta-tracking.xyz/979bbb61-d36f-4f9a-9759-0b545201ea60?keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535 HTTP 302
https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
secured.capitalonetrustfund.com/ 7 KB
8 KB 430ms
314ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://secured.capitalonetrustfund.com/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash: 2fa54ef954b8547f9b81cd42a5ef27e62500565ecbec0b11285853a3e3142c97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 02 Nov 2021 09:04:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bouncy.php
secured.capitalonetrustfund.com/page/ 5 KB
6 KB 126ms
125ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://secured.capitalonetrustfund.com/page/bouncy.php?&bpae=GbhGcL%2FGwlZ9jvPWFcLTAeWv%2BlOuKf8CjBTzslBtNdqI2DwnyKiKZ8jwxGmoobp%2FtbHFW6GjlOmqvr9zL6t3YZ2X3IJGMdHjQZDmxA%2F9hdkH9xRQNy2x5BbCpngRGob%2FUn8MWHwuH5DET1Bx0ySLv2fO4Q2oCfvQEHilizC3enb2hfsJ%2BOeWHfGQ%2Fvcc8LZFEGA5aKYYjp6JVLbQUrjqYy62SbLEYEsF93hI2evjDtWzXTQG3O6g29NJekOrk1lHCQWHXmKhMAprVUZGyfSCRDONY9mVGxq%2FFtp%2FWHRNAul5Lyp1UDYct3vT4AlqdsskBRcXVdGIS3h9JwaA8Wog7d1ALmOsEhzO0pM6SEv9giypVEqfZYCdmaxqdvLeKyXLkE2aPFDpQS3Yx3dG%2BmSum%2FPlIPjiBDH%2Fd%2F9P8W9uI1tjAd9BoV9ivBk3y7vr%2Fgzrx%2BP9IsXdR2vH7QJxu2e70ndoZJEjpJTiM95unSq3%2Br5C%2BfkNyVe928LA8543dwCVcAxMjTHxT%2FdSxmZSktkGmeVmPSaPWQ4e5eZfVesT9FWamxLPkjsT53%2ByUuggdZCe9vf6e3SbZ4dlIIvPFcyc1FGUYWpgaPhcTuZG5NHNnjXBZLfcM4vcTOvu8117o1UNfqZkPK%2FyceBTi7UTpIMf0V2DCf0nhxM9x%2BDXDDA1ekCwP%2FUt7R%2BYDO6ui%2Bj2hNAgEbQxAjEAfxlnQXCobN%2FoXS9DbvXSRsr2LGqUGfA5a02EQY0AvDlcdEcqM0SlYBm%2BdHed%2BSFhH%2FMG%2FDXMMscqO1MPlHgVG9%2Bxn0G0xdG76XRNZAN6%2FClCgnNXBHQCuXOiVt5KV6ivJJdbFVgvZS57xLqSpb8s8HgFsqFysvTk8yfUupnRbp6x7wN%2BrmZZ5umcvLsWygpGTqZ7oOXmm1%2BTHggTdGjSLgYVj6k68xck83QBJUjuGkf6PFSZUl3CV4V%2FDngL70%2FgRNaxRxMiOb5at6qv%2F3ceK4k5xz8g7cGPd1pRHj2Hyc%2FwBRpcEIHu%2FzrrMmlbx%2Fz8RFb1bRV6TOft47TT7zZOyiwnHSBV8IRk9aFZrjNL7bn2xu913Kiyv1AJqF%2Fg0%2F%2FvmT40uBdTZq7KjQNZpo3oRM8Bg23SMQ2pNd3GolS2XGIewwttzVoMHlT7JlWNwWWVJA%2FyKKhEgl1fmjUHNSDtnbH3u1VixCAp9zTNQdQbZ0942V0QUcNgex0VZvmlU4CLbNn0htgWSsVHLvI89O26E%2BPjCn6u1irQ6vtq7ijM0ib7xSUaEe%2F5Cf6WLg%2FLEU9o%2BQT1C0qWoUfq%2B0KWM3qecqsVbIhaZupl2fNjbajc%2FmKw6u2267HWJWOIXoBww7W1yBdn2OJWfFz1SmMIvsb%2FrHvTjIGj7m7nUTsgJjs%2Bj92k3xegoOtoVWGghU9FbkTq%2FiTKK1ADBg%2BFxNJRtxlRB2VGB59URMGwJAOoIWVKyZSZ1rSi7P652317UtHoLtmS0%2FcgjTGRXftCBsfF498tZ%2F%2Fk7aDCC6m1w0XxVPTZ3ir92%2Fv8DqsBjazNGvB6Fs%2FVsZ4hzEMFfUuW2cp4wrnkkJklooKr67wtmnklJI1Ray%2FOl23AMorUWvra2w5LxnCG5RcDQFXGDv0%2FOx8u0tQ5ikQSapE8s6pmS575GZB3YrXCnUw9e4MlUlMOHHLQUC2bYPmVCbTbCzW7dvb%2FgHHOyr1FvFjNQabxnfUouNUkAusxqz9h%2BV6vNdvmnaY1OaJTkQNWWO4VkFqT5CWuC%2FqlxKE4utiKsJst3SBmJsPJKROyf%2B5oWuLNz58vqA7eXyp%2BbealtYHB5yuQVpbAWurgJdaNxIkZXp8fyPO6Vp68cwkxAZpVanIQaGMG54Bu4JrFJGkWtvRsLL%2FS8ZOJyWGLGQ1JpEGU1TQ16pTEhWn3ja%2FsntZBJRSQyWWHncC0OQUuuCbgdk4FckP%2BBYXJOxbx%2FbzV2Uji4S3ejFqF3Wcn5KoonvDvxszp9JVWRwVYj1TDwR8kEYqrn4ywSJiP7bJIoRc0A7BNNEtc2gmlA12V66OLiFizkCCD1Okcjq3yBlQPEAtFKtcYNc4FYrDuKGZlqJbqGXsjBagk3pk8tE4g%2BQcvUblwXcS053ObvIzx9NlHFsgPmoptZ2mwvLq9NJ9O8Ig%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: secured.capitalonetrustfund.com
URL: http://secured.capitalonetrustfund.com/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://secured.capitalonetrustfund.com/

Response headers

Date: Tue, 02 Nov 2021 09:04:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
lp2s.cyber-guard.me/
Redirect Chain

https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMKxuBH-a3XQQvKbAu06Y_CdMWljzGUZt5XP_qkUUIMBRPrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-yb...
https://p237996.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12LonzVIM1k4oeNKId4yj9-6unqPDnxniNOqtAXOlclDvGnHxm8XiKfyPth2dMggydW1yQCHMr_xmMi4NKnxHcuuiLglYlO3SHuM_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-k...
https://track.sparta-tracking.xyz/979bbb61-d36f-4f9a-9759-0b545201ea60?keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&sourc...
https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XK...

72 KB
26 KB

101ms
59ms

Document
text/html

172.67.139.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535

Requested by

Host: secured.capitalonetrustfund.com
URL: http://secured.capitalonetrustfund.com/page/bouncy.php?&bpae=GbhGcL%2FGwlZ9jvPWFcLTAeWv%2BlOuKf8CjBTzslBtNdqI2DwnyKiKZ8jwxGmoobp%2FtbHFW6GjlOmqvr9zL6t3YZ2X3IJGMdHjQZDmxA%2F9hdkH9xRQNy2x5BbCpngRGob%2FUn8MWHwuH5DET1Bx0ySLv2fO4Q2oCfvQEHilizC3enb2hfsJ%2BOeWHfGQ%2Fvcc8LZFEGA5aKYYjp6JVLbQUrjqYy62SbLEYEsF93hI2evjDtWzXTQG3O6g29NJekOrk1lHCQWHXmKhMAprVUZGyfSCRDONY9mVGxq%2FFtp%2FWHRNAul5Lyp1UDYct3vT4AlqdsskBRcXVdGIS3h9JwaA8Wog7d1ALmOsEhzO0pM6SEv9giypVEqfZYCdmaxqdvLeKyXLkE2aPFDpQS3Yx3dG%2BmSum%2FPlIPjiBDH%2Fd%2F9P8W9uI1tjAd9BoV9ivBk3y7vr%2Fgzrx%2BP9IsXdR2vH7QJxu2e70ndoZJEjpJTiM95unSq3%2Br5C%2BfkNyVe928LA8543dwCVcAxMjTHxT%2FdSxmZSktkGmeVmPSaPWQ4e5eZfVesT9FWamxLPkjsT53%2ByUuggdZCe9vf6e3SbZ4dlIIvPFcyc1FGUYWpgaPhcTuZG5NHNnjXBZLfcM4vcTOvu8117o1UNfqZkPK%2FyceBTi7UTpIMf0V2DCf0nhxM9x%2BDXDDA1ekCwP%2FUt7R%2BYDO6ui%2Bj2hNAgEbQxAjEAfxlnQXCobN%2FoXS9DbvXSRsr2LGqUGfA5a02EQY0AvDlcdEcqM0SlYBm%2BdHed%2BSFhH%2FMG%2FDXMMscqO1MPlHgVG9%2Bxn0G0xdG76XRNZAN6%2FClCgnNXBHQCuXOiVt5KV6ivJJdbFVgvZS57xLqSpb8s8HgFsqFysvTk8yfUupnRbp6x7wN%2BrmZZ5umcvLsWygpGTqZ7oOXmm1%2BTHggTdGjSLgYVj6k68xck83QBJUjuGkf6PFSZUl3CV4V%2FDngL70%2FgRNaxRxMiOb5at6qv%2F3ceK4k5xz8g7cGPd1pRHj2Hyc%2FwBRpcEIHu%2FzrrMmlbx%2Fz8RFb1bRV6TOft47TT7zZOyiwnHSBV8IRk9aFZrjNL7bn2xu913Kiyv1AJqF%2Fg0%2F%2FvmT40uBdTZq7KjQNZpo3oRM8Bg23SMQ2pNd3GolS2XGIewwttzVoMHlT7JlWNwWWVJA%2FyKKhEgl1fmjUHNSDtnbH3u1VixCAp9zTNQdQbZ0942V0QUcNgex0VZvmlU4CLbNn0htgWSsVHLvI89O26E%2BPjCn6u1irQ6vtq7ijM0ib7xSUaEe%2F5Cf6WLg%2FLEU9o%2BQT1C0qWoUfq%2B0KWM3qecqsVbIhaZupl2fNjbajc%2FmKw6u2267HWJWOIXoBww7W1yBdn2OJWfFz1SmMIvsb%2FrHvTjIGj7m7nUTsgJjs%2Bj92k3xegoOtoVWGghU9FbkTq%2FiTKK1ADBg%2BFxNJRtxlRB2VGB59URMGwJAOoIWVKyZSZ1rSi7P652317UtHoLtmS0%2FcgjTGRXftCBsfF498tZ%2F%2Fk7aDCC6m1w0XxVPTZ3ir92%2Fv8DqsBjazNGvB6Fs%2FVsZ4hzEMFfUuW2cp4wrnkkJklooKr67wtmnklJI1Ray%2FOl23AMorUWvra2w5LxnCG5RcDQFXGDv0%2FOx8u0tQ5ikQSapE8s6pmS575GZB3YrXCnUw9e4MlUlMOHHLQUC2bYPmVCbTbCzW7dvb%2FgHHOyr1FvFjNQabxnfUouNUkAusxqz9h%2BV6vNdvmnaY1OaJTkQNWWO4VkFqT5CWuC%2FqlxKE4utiKsJst3SBmJsPJKROyf%2B5oWuLNz58vqA7eXyp%2BbealtYHB5yuQVpbAWurgJdaNxIkZXp8fyPO6Vp68cwkxAZpVanIQaGMG54Bu4JrFJGkWtvRsLL%2FS8ZOJyWGLGQ1JpEGU1TQ16pTEhWn3ja%2FsntZBJRSQyWWHncC0OQUuuCbgdk4FckP%2BBYXJOxbx%2FbzV2Uji4S3ejFqF3Wcn5KoonvDvxszp9JVWRwVYj1TDwR8kEYqrn4ywSJiP7bJIoRc0A7BNNEtc2gmlA12V66OLiFizkCCD1Okcjq3yBlQPEAtFKtcYNc4FYrDuKGZlqJbqGXsjBagk3pk8tE4g%2BQcvUblwXcS053ObvIzx9NlHFsgPmoptZ2mwvLq9NJ9O8Ig%3D&redirectType=js&inIframe=false&inPopUp=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.139.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7814e71106e0ad02387698dd0d8cf1f9be17eea0335ebc76d44e8b687d485f0e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://secured.capitalonetrustfund.com/page/bouncy.php?&bpae=GbhGcL%2FGwlZ9jvPWFcLTAeWv%2BlOuKf8CjBTzslBtNdqI2DwnyKiKZ8jwxGmoobp%2FtbHFW6GjlOmqvr9zL6t3YZ2X3IJGMdHjQZDmxA%2F9hdkH9xRQNy2x5BbCpngRGob%2FUn8MWHwuH5DET1Bx0ySLv2fO4Q2oCfvQEHilizC3enb2hfsJ%2BOeWHfGQ%2Fvcc8LZFEGA5aKYYjp6JVLbQUrjqYy62SbLEYEsF93hI2evjDtWzXTQG3O6g29NJekOrk1lHCQWHXmKhMAprVUZGyfSCRDONY9mVGxq%2FFtp%2FWHRNAul5Lyp1UDYct3vT4AlqdsskBRcXVdGIS3h9JwaA8Wog7d1ALmOsEhzO0pM6SEv9giypVEqfZYCdmaxqdvLeKyXLkE2aPFDpQS3Yx3dG%2BmSum%2FPlIPjiBDH%2Fd%2F9P8W9uI1tjAd9BoV9ivBk3y7vr%2Fgzrx%2BP9IsXdR2vH7QJxu2e70ndoZJEjpJTiM95unSq3%2Br5C%2BfkNyVe928LA8543dwCVcAxMjTHxT%2FdSxmZSktkGmeVmPSaPWQ4e5eZfVesT9FWamxLPkjsT53%2ByUuggdZCe9vf6e3SbZ4dlIIvPFcyc1FGUYWpgaPhcTuZG5NHNnjXBZLfcM4vcTOvu8117o1UNfqZkPK%2FyceBTi7UTpIMf0V2DCf0nhxM9x%2BDXDDA1ekCwP%2FUt7R%2BYDO6ui%2Bj2hNAgEbQxAjEAfxlnQXCobN%2FoXS9DbvXSRsr2LGqUGfA5a02EQY0AvDlcdEcqM0SlYBm%2BdHed%2BSFhH%2FMG%2FDXMMscqO1MPlHgVG9%2Bxn0G0xdG76XRNZAN6%2FClCgnNXBHQCuXOiVt5KV6ivJJdbFVgvZS57xLqSpb8s8HgFsqFysvTk8yfUupnRbp6x7wN%2BrmZZ5umcvLsWygpGTqZ7oOXmm1%2BTHggTdGjSLgYVj6k68xck83QBJUjuGkf6PFSZUl3CV4V%2FDngL70%2FgRNaxRxMiOb5at6qv%2F3ceK4k5xz8g7cGPd1pRHj2Hyc%2FwBRpcEIHu%2FzrrMmlbx%2Fz8RFb1bRV6TOft47TT7zZOyiwnHSBV8IRk9aFZrjNL7bn2xu913Kiyv1AJqF%2Fg0%2F%2FvmT40uBdTZq7KjQNZpo3oRM8Bg23SMQ2pNd3GolS2XGIewwttzVoMHlT7JlWNwWWVJA%2FyKKhEgl1fmjUHNSDtnbH3u1VixCAp9zTNQdQbZ0942V0QUcNgex0VZvmlU4CLbNn0htgWSsVHLvI89O26E%2BPjCn6u1irQ6vtq7ijM0ib7xSUaEe%2F5Cf6WLg%2FLEU9o%2BQT1C0qWoUfq%2B0KWM3qecqsVbIhaZupl2fNjbajc%2FmKw6u2267HWJWOIXoBww7W1yBdn2OJWfFz1SmMIvsb%2FrHvTjIGj7m7nUTsgJjs%2Bj92k3xegoOtoVWGghU9FbkTq%2FiTKK1ADBg%2BFxNJRtxlRB2VGB59URMGwJAOoIWVKyZSZ1rSi7P652317UtHoLtmS0%2FcgjTGRXftCBsfF498tZ%2F%2Fk7aDCC6m1w0XxVPTZ3ir92%2Fv8DqsBjazNGvB6Fs%2FVsZ4hzEMFfUuW2cp4wrnkkJklooKr67wtmnklJI1Ray%2FOl23AMorUWvra2w5LxnCG5RcDQFXGDv0%2FOx8u0tQ5ikQSapE8s6pmS575GZB3YrXCnUw9e4MlUlMOHHLQUC2bYPmVCbTbCzW7dvb%2FgHHOyr1FvFjNQabxnfUouNUkAusxqz9h%2BV6vNdvmnaY1OaJTkQNWWO4VkFqT5CWuC%2FqlxKE4utiKsJst3SBmJsPJKROyf%2B5oWuLNz58vqA7eXyp%2BbealtYHB5yuQVpbAWurgJdaNxIkZXp8fyPO6Vp68cwkxAZpVanIQaGMG54Bu4JrFJGkWtvRsLL%2FS8ZOJyWGLGQ1JpEGU1TQ16pTEhWn3ja%2FsntZBJRSQyWWHncC0OQUuuCbgdk4FckP%2BBYXJOxbx%2FbzV2Uji4S3ejFqF3Wcn5KoonvDvxszp9JVWRwVYj1TDwR8kEYqrn4ywSJiP7bJIoRc0A7BNNEtc2gmlA12V66OLiFizkCCD1Okcjq3yBlQPEAtFKtcYNc4FYrDuKGZlqJbqGXsjBagk3pk8tE4g%2BQcvUblwXcS053ObvIzx9NlHFsgPmoptZ2mwvLq9NJ9O8Ig%3D&redirectType=js&inIframe=false&inPopUp=false

Response headers

date: Tue, 02 Nov 2021 09:04:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: ALLOWALL
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch4ms7BEmZ6CajEEnmzBW7yInub0ijIArvBFw7tjlPy%2BmJKgXiQAc6BNxNwZKBAkdyb7QDiagqgysk%2Bxy%2B%2Bnrp3BfywUEZpZ%2BLN6Xsptbrn0tMu2%2Brh1GloTcQN64ZdbUjwqu1AT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a7c32ba7df6598f-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 02 Nov 2021 09:04:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyRb9aY5gqikWPKiPoLDT2C1n2ZMAzKGaj3UnUOM9bScV%2FgNLG02F1GpCEC3Ghi%2Btk0dh%2FajQcICkGe0odCTYYz9fx10S6T4J1lapQLos3TRf4hTaPbSJhTeaO4XAWIlyFiwFi5VR%2FWnsw6Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a7c32b9bf8cf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 39ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600&display=swap

Requested by

Host: lp2s.cyber-guard.me
URL: https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

6a03510d8cf10d576f2b661c520f9c0cab7ef3ab2af4e88e79d92cf70847fc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp2s.cyber-guard.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 09:03:57 GMT
server: ESF
date: Tue, 02 Nov 2021 09:04:55 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 02 Nov 2021 09:04:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ad31ec47d41a732612e74c59b019694f40183b5a60cc67991191056a3b21a1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd0255036c9c3e2ae2b945e69dfd2f6a7084f1b5452ecd70fe80afa1f99a45d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4620c82395af51e527d1498de22d6bb86785e00487a1134d9a57853ad2e5934b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 email-decode.min.js Show response
lp2s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
16ms Script
application/javascript 172.67.139.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp2s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.139.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp2s.cyber-guard.me/?&utm_campaign=00605_test-best&cep=B18UQ2jvg8Kgam9948qZL7qMYyclhPNYPgNbVLwTmmBU4ifjYOJE6lJBAH6tUQ7RJRRjvn-saTnKuwxLo15b-B_2FpV6kbxswbIUZ4szrsEe-okkMFA3_uNxbhLVykPOZn62XKVWZ8yJiO_MWf0C0fuyT2EX0VZCtk8Ma4Enadwu5E4VN4mFiNc-55E5VE7fEJd6d682Xpt0HNK0Ty2xP1gGIqwnMGSJrDXGEZHl0UyqBYeOUMlFPknpJbi6phP9Ol68yeWwkqa1vrYxtod3rtuRcZj_kM9BIwhqmlT8L-y-BL0cx0-KdH01HNe2EkGaxYiyITno6BQ-SGG_j8nGdJofxrSAxCNRJC-P5EUQLznlZdJtECKYFuouVE_uq4R2EcRfY6_7EyNEQSZ6TXCerko45_t6M57T13JCOdLA9n1m5u4Rhd1Mfaw00CyufvxwdyHLQobfVk-_irBrVDVw6n25CF0QpRC5Br-R3aJbwSJMEcm0WTVsVXykqLORy14WlfK9DFfRMGmZhskaFbXPUr3ppRvZRhImNl5S_HLDq72m67-zXKp_JpvnKUUyAwo3PGcRbhtwf1S-NeN1fiOP0w&lptoken=16db3563845d56319524&keyword=capitalonetrustfund.com&geo=DE&campaignname=00605&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440099173&bid=0.0051&clickid=87463541535
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 09:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6rVJ9HqxLWIdSw15Aj6eYHPdmLXkVZhV%2Fe%2BzwZZoatoiqn7aRr0Y5PMqyhQXxi1%2FwLn0mXk%2BwDByQ8pZU8ZeZV5sEr3%2FyWLFSTMo%2Btp6%2FSfir%2BUglR7LOP4nDK9hGhJkGy44kyy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a7c32bafef4598f-AMS
vary: Accept-Encoding
expires: Thu, 04 Nov 2021 09:04:55 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4093ffd2e0e95b1a431f70a76d2fdb75cc7347edde4ff38309c8c55ef04d692d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 29ms
6ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp2s.cyber-guard.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 42778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mybetterdl.com/	1970-01-20 02:43:15	Name: rhid Value: 80019340615
.mybetterdl.com/	1970-01-19 22:24:07	Name: loi Value: ad_1118671_off_563690_aff_8203_cid_237996-CAPITALONETRUSTFUND.COM_ts_1635843895
.track.sparta-tracking.xyz/	1970-01-19 22:25:30	Name: 979bbb61-d36f-4f9a-9759-0b545201ea60-v4 Value: GHJec70Ms6z7zCzMIsdHqdeqh7FAYy1kNd35GMmQi9o
.track.sparta-tracking.xyz/	1970-01-19 22:25:30	Name: cep-v4 Value: QYqIUG7r58ZWWnB_kmuWFGibjHMEJPj4CyL3cSHoMV3GBMrCmNOXZ7UQJE1myuhN4fPODuRVwceFr6HbLhL0grveB1kG6AOkbLvKdIqK0DPsK6BFfJTUbHMdw68_vtSd9chP_C7x4pUcEXr5KPPrpU9RujL6qMYAsVS6PUl0nN1ONCBNzpaXQQDfkbVWhzggUQcLAETFm0rhATdGi_8cQ9yMKTYPQKx83Cji_sfPzpt4mGBonbjZQk0Yjh_FeWsv4UQPxf88_PmAlSXUPqB1KmqWSl7873uNkOrcbH-O69WqZfKKvNO4IF9DRY5voqn5F127Ltv2KTxL65GGlvhVCoS3Ht6tQ1-YA4RmTn1HWNcMiCv3VQh_X7fFOvaXvBVbXhKOpDF3L3RWTt1ZuAnvq42bnPfrF9o4LBQu2qWeYcLi2WAa5UbfRVlyNyeUnp82ER-aohUo_bJEFbDLCEMa1J07Rhlxpj6WGO6p02hdJ_BctbxM38n4qhPgWHYy7ACoQOwluzw-lk7eMnv8pGBHcZ1up43nAokkRJA0JZUAWK2kKbNs7aknQbI-tSBhhPaXbUhZRmeM_mw04Djd57qk1A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lp2s.cyber-guard.me
mybetterdl.com
p237996.mybetterdl.com
secured.capitalonetrustfund.com
track.sparta-tracking.xyz
104.21.37.59
142.250.184.234
142.250.186.35
172.67.139.127
173.192.101.24
72.52.178.23
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2fa54ef954b8547f9b81cd42a5ef27e62500565ecbec0b11285853a3e3142c97
4093ffd2e0e95b1a431f70a76d2fdb75cc7347edde4ff38309c8c55ef04d692d
4620c82395af51e527d1498de22d6bb86785e00487a1134d9a57853ad2e5934b
6a03510d8cf10d576f2b661c520f9c0cab7ef3ab2af4e88e79d92cf70847fc71
7814e71106e0ad02387698dd0d8cf1f9be17eea0335ebc76d44e8b687d485f0e
7cd0255036c9c3e2ae2b945e69dfd2f6a7084f1b5452ecd70fe80afa1f99a45d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ad31ec47d41a732612e74c59b019694f40183b5a60cc67991191056a3b21a1c

lp2s.cyber-guard.me Open in urlscan Pro 172.67.139.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

5 IPs

2 Countries

86 kBTransfer

173 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

4 Cookies

Indicators

lp2s.cyber-guard.me Open in urlscan Pro
172.67.139.127 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

86 kB
Transfer

173 kB
Size

4
Cookies

6 HTTP transactions
4 data transactions