![](/screenshots/ce1ffdc7-06e1-449f-b3ba-ecd49705f3ce.png)
lp3s.cyber-guard.me
Open in
urlscan Pro
2606:4700:3032::6815:1ae4
Public Scan
Effective URL: https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr...
Submission: On January 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.
This is the only time lp3s.cyber-guard.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 4 | 64.190.62.111 64.190.62.111 | 47846 (SEDO-AS) (SEDO-AS) | |
1 | 205.234.175.175 205.234.175.175 | 23352 (SERVERCEN...) (SERVERCENTRAL) | |
1 1 | 173.239.53.32 173.239.53.32 | 36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL) | |
2 2 | 2606:4700:303... 2606:4700:3035::6815:253b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3032::6815:1ae4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 5 |
ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
cpitalone.com
2 redirects
citrix.cloud.cpitalone.com |
3 KB |
2 |
cyber-guard.me
lp3s.cyber-guard.me |
30 KB |
2 |
sparta-tracking.xyz
2 redirects
track.sparta-tracking.xyz — Cisco Umbrella Rank: 478698 |
3 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2146 |
22 KB |
1 |
sedodna.com
1 redirects
xml.sedodna.com — Cisco Umbrella Rank: 288337 |
418 B |
1 |
sedoparking.com
img.sedoparking.com — Cisco Umbrella Rank: 52101 |
5 KB |
6 | 6 |
Domain | Requested by | |
---|---|---|
4 | citrix.cloud.cpitalone.com |
2 redirects
citrix.cloud.cpitalone.com
|
2 | lp3s.cyber-guard.me |
citrix.cloud.cpitalone.com
lp3s.cyber-guard.me |
2 | track.sparta-tracking.xyz | 2 redirects |
1 | stackpath.bootstrapcdn.com |
lp3s.cyber-guard.me
|
1 | xml.sedodna.com | 1 redirects |
1 | img.sedoparking.com |
citrix.cloud.cpitalone.com
|
6 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cyber-guard.me R3 |
2021-11-20 - 2022-02-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M
Frame ID: B61C2FEDAD70F61FD5CBC5470062F4D2
Requests: 9 HTTP requests in this frame
Screenshot
![](/screenshots/ce1ffdc7-06e1-449f-b3ba-ecd49705f3ce.png)
Page Title
Cyber GuardPage URL History Show full URLs
- http://citrix.cloud.cpitalone.com/ Page URL
-
http://citrix.cloud.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p...
HTTP 302
http://citrix.cloud.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p... HTTP 302
http://xml.sedodna.com/click?i=djh*f384p5g_0 HTTP 302
http://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&sourc... HTTP 301
https://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&sourc... HTTP 302
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZB... Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://citrix.cloud.cpitalone.com/ Page URL
-
http://citrix.cloud.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNvbTYxZGEyOTBiMjlkMDI3LjQwMDc0MTIwCWNpdHJpeC5jbG91ZC5jcGl0YWxvbmUuY29tNjFkYTI5MGIyOWQzMDQuMDkyMTg4MTAJMTY0MTY4NzMwOAlhZF82M18w&l=OAk1ODEzODc1ZDY0OTkzMzZjZjRlMjVhOTQ2NTU0NWFmNAkwCTMJMAkzYzJjMzJiZjdhOTYzZmZhNDU2MDBlZWM1OGZhOTJmMQkzNjM3ODQzNDQJY3BpdGFsb25lCTAJNjMJNDcJNzcJMTY0MTY4NzMwOAkwLjAwMDY5CU4JMAkxCTgzMAkxMjA1CTM1MTE4NjI4MwkyMTcuNjQuMTUxLjgJMA%3D%3D
HTTP 302
http://citrix.cloud.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNvbTYxZGEyOTBiMjlkMDI3LjQwMDc0MTIwCWNpdHJpeC5jbG91ZC5jcGl0YWxvbmUuY29tNjFkYTI5MGIyOWQzMDQuMDkyMTg4MTAJMTY0MTY4NzMwOAlhZF82M18w&l=OAk1ODEzODc1ZDY0OTkzMzZjZjRlMjVhOTQ2NTU0NWFmNAkwCTMJMAkzYzJjMzJiZjdhOTYzZmZhNDU2MDBlZWM1OGZhOTJmMQkzNjM3ODQzNDQJY3BpdGFsb25lCTAJNjMJNDcJNzcJMTY0MTY4NzMwOAkwLjAwMDY5CU4JMAkxCTgzMAkxMjA1CTM1MTE4NjI4MwkyMTcuNjQuMTUxLjgJMA%3D%3D HTTP 302
http://xml.sedodna.com/click?i=djh*f384p5g_0 HTTP 302
http://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M HTTP 301
https://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M HTTP 302
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
citrix.cloud.cpitalone.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_preloader.gif
img.sedoparking.com/images/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tsc.php
citrix.cloud.cpitalone.com/search/ |
0 175 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
lp3s.cyber-guard.me/ Redirect Chain
|
46 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ |
138 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
lp3s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
12 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
492 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.track.sparta-tracking.xyz/ | Name: 9abff502-1365-4276-8031-5839a561be8d-v4 Value: vpPoSedCbaF5MWDolWcKR6CSqVsbVuOziHUSOqdMsgg |
|
.track.sparta-tracking.xyz/ | Name: cep-v4 Value: Bfp7T14C8iCwou9hnMIXRvfc1yqLH0B8LspsgaYy3XiM7ijXLUfXofHkK6zsu1uMNrMHi1l81sLyeDd-DVjS7dlNAh5Ex9rnJIgvOjj-4v10UIFIoqwY4-wroDcjnFfdGkTJVGrqN-eTD_cbEmUa3pui8E5m8u-RlnixMCwfw-1XEXHLh9C3vAhNh_AxyQtjdyY6CY_PrVI0ReZWuKVDcNWmj7mwI4mAmoYbk24JFUF16pO3o5I8sXqjCa8Nf6S0GKIEvbCwK4FZtAJWHHmLmQDdFPclR9ZpcOSqQzc5GoQ5agG2G9NpHG9C5JAS2N0TvZq6rjqkiMNFhfCEtKRJj70aXQBoqWwy0x5mLPj3tFFtmDEQQJJc_fPqIQlT-1kIzud-Sp13DHB7b56JMULqA_tK-vSKmIhCMMsKnM1-80hhxpQ4zDZh8ROLJHKFHIPziUFkmXsLf84Z1tVq8nlYJcT0k34GpE-jJoi_zjfrtnnyMrPYbHa_EKE2j-KjkCmEtT20vcNfkfgo6zY0OgkTFjztPtzqw72VlRKuBKSestU9g2PyfZUVBo53FC3LVs_C6Ro_TLZIB5-5lU7PzX-oo-k4f5JLrHY2RFlbBcOfh5M |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
citrix.cloud.cpitalone.com
img.sedoparking.com
lp3s.cyber-guard.me
stackpath.bootstrapcdn.com
track.sparta-tracking.xyz
xml.sedodna.com
173.239.53.32
205.234.175.175
2606:4700:3032::6815:1ae4
2606:4700:3035::6815:253b
2606:4700::6812:acf
64.190.62.111
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
a6a5275ab6871be6a5e3ef7e0c840d8b7f4ce6258807251b887ca3432a2338e8
af62d4d5b3c78b221cdf4ce81f7dcebf4e673c913fc39c78e51042696f7539e1
d3c217d1f0c67f0dcf30dee0b0196f0560e58df7b7eb18e838783c7e72a3bc18