lp3s.cyber-guard.me Open in urlscan Pro
2606:4700:3032::6815:1ae4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://citrix.cloud.cpitalone.com/
Effective URL:
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr...
Submission: On January 09 via api (January 9th 2022, 12:15:12 am UTC) from US — Scanned from DE

Summary HTTP 6 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3032::6815:1ae4, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp3s.cyber-guard.me.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time lp3s.cyber-guard.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	64.190.62.111 64.190.62.111	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	173.239.53.32 173.239.53.32	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	2606:4700:303... 2606:4700:3035::6815:253b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::6815:1ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	5

4 64.190.62.111 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

citrix.cloud.cpitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (United States) 1 redirects

ASN36057 (WEBAIR-INTERNET-MTL, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:253b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

track.sparta-tracking.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:1ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

lp3s.cyber-guard.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cpitalone.com 2 redirects citrix.cloud.cpitalone.com	3 KB
2	cyber-guard.me lp3s.cyber-guard.me	30 KB
2	sparta-tracking.xyz 2 redirects track.sparta-tracking.xyz — Cisco Umbrella Rank: 478698	3 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2146	22 KB
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 288337	418 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 52101	5 KB
6	6

	Domain	Requested by
4	citrix.cloud.cpitalone.com	2 redirects citrix.cloud.cpitalone.com
2	lp3s.cyber-guard.me	citrix.cloud.cpitalone.com lp3s.cyber-guard.me
2	track.sparta-tracking.xyz	2 redirects
1	stackpath.bootstrapcdn.com	lp3s.cyber-guard.me
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com	citrix.cloud.cpitalone.com
6	6

This site contains no links.

Subject Issuer	Validity	Valid
*.cyber-guard.me R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M
Frame ID: B61C2FEDAD70F61FD5CBC5470062F4D2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Guard

Page URL History Show full URLs

http://citrix.cloud.cpitalone.com/ Page URL
http://citrix.cloud.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p... HTTP 302
http://citrix.cloud.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p... HTTP 302
http://xml.sedodna.com/click?i=djh*f384p5g_0 HTTP 302
http://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&sourc... HTTP 301
https://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&sourc... HTTP 302
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZB... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

6
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

59 kB
Transfer

207 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://citrix.cloud.cpitalone.com/ Page URL
http://citrix.cloud.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNvbTYxZGEyOTBiMjlkMDI3LjQwMDc0MTIwCWNpdHJpeC5jbG91ZC5jcGl0YWxvbmUuY29tNjFkYTI5MGIyOWQzMDQuMDkyMTg4MTAJMTY0MTY4NzMwOAlhZF82M18w&l=OAk1ODEzODc1ZDY0OTkzMzZjZjRlMjVhOTQ2NTU0NWFmNAkwCTMJMAkzYzJjMzJiZjdhOTYzZmZhNDU2MDBlZWM1OGZhOTJmMQkzNjM3ODQzNDQJY3BpdGFsb25lCTAJNjMJNDcJNzcJMTY0MTY4NzMwOAkwLjAwMDY5CU4JMAkxCTgzMAkxMjA1CTM1MTE4NjI4MwkyMTcuNjQuMTUxLjgJMA%3D%3D HTTP 302
http://citrix.cloud.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNvbTYxZGEyOTBiMjlkMDI3LjQwMDc0MTIwCWNpdHJpeC5jbG91ZC5jcGl0YWxvbmUuY29tNjFkYTI5MGIyOWQzMDQuMDkyMTg4MTAJMTY0MTY4NzMwOAlhZF82M18w&l=OAk1ODEzODc1ZDY0OTkzMzZjZjRlMjVhOTQ2NTU0NWFmNAkwCTMJMAkzYzJjMzJiZjdhOTYzZmZhNDU2MDBlZWM1OGZhOTJmMQkzNjM3ODQzNDQJY3BpdGFsb25lCTAJNjMJNDcJNzcJMTY0MTY4NzMwOAkwLjAwMDY5CU4JMAkxCTgzMAkxMjA1CTM1MTE4NjI4MwkyMTcuNjQuMTUxLjgJMA%3D%3D HTTP 302
http://xml.sedodna.com/click?i=djh*f384p5g_0 HTTP 302
http://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M HTTP 301
https://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M HTTP 302
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
citrix.cloud.cpitalone.com/ 2 KB
2 KB 1047ms
1030ms Document
text/html 64.190.62.111
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.cloud.cpitalone.com/
Protocol: HTTP/1.1
Server: 64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: a6a5275ab6871be6a5e3ef7e0c840d8b7f4ce6258807251b887ca3432a2338e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 09 Jan 2022 00:15:08 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_ya1sAHlyoo/27qcByEvckCnRhKNSa8SG/l2QWV8Slr+d5hBm3iw4X3akCT2T08T8VDR3k3WZpFl++i3XmByIHA==
last-modified: Sun, 09 Jan 2022 00:15:07 GMT
x-cache-miss-from: parking-78bc4f798d-ddl6d
server: NginX
content-encoding: gzip

GET
H/1.1 200
OK js_preloader.gif
img.sedoparking.com/images/ 4 KB
5 KB 50ms
25ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.sedoparking.com/images/js_preloader.gif
Requested by: Host: citrix.cloud.cpitalone.com
URL: http://citrix.cloud.cpitalone.com/
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://citrix.cloud.cpitalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 09 Jan 2022 00:15:08 GMT
X-CF3: H
CF4ttl: 31536000.000
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CF1: 11696:dB.waw1:cf:cacheN.waw1-01:D
Connection: keep-alive
Content-Length: 4254
x-cf-tsc: 1625580575
X-CF2: H
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
Server: CFS 0215
X-CFF: B
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
CF4Age: 14642946
Accept-Ranges: bytes
x-cf-rand: 35.632
Expires: Sun, 16 Jan 2022 00:15:08 GMT

GET
H/1.1 200
OK tsc.php
citrix.cloud.cpitalone.com/search/ 0
175 B 20ms
20ms XHR
text/html 64.190.62.111
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.cloud.cpitalone.com/search/tsc.php?200=MzYzNzg0MzQ0&21=MjE3LjY0LjE1MS44&681=MTY0MTY4NzMwODliZTkyMzFmYzM1ZGEzYTI5NWYyMmMyZTlhOWJiOGVi&crc=139826314c11a7189dcf98ae56cc3c9c19429f36&cv=1
Requested by: Host: citrix.cloud.cpitalone.com
URL: http://citrix.cloud.cpitalone.com/
Protocol: HTTP/1.1
Server: 64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://citrix.cloud.cpitalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 00:15:08 GMT
x-cache-miss-from: parking-78bc4f798d-76xls
server: NginX
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
lp3s.cyber-guard.me/
Redirect Chain

http://citrix.cloud.cpitalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNv...
http://citrix.cloud.cpitalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ddjh%2Af384p5g_0&v=MzIxMmVhYjNjM2ExNzBiZjUzYWE4YTNjYjZmZjhlZjEJMQljaXRyaXguY2xvdWQuY3BpdGFsb25lLmNv...
http://xml.sedodna.com/click?i=djh*f384p5g_0
http://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keywor...
https://track.sparta-tracking.xyz/9abff502-1365-4276-8031-5839a561be8d?pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keywo...
https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpN...

46 KB
29 KB

144ms
88ms

Document
text/html

2606:4700:3032::6815:1ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M

Requested by

Host: citrix.cloud.cpitalone.com
URL: http://citrix.cloud.cpitalone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1ae4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c217d1f0c67f0dcf30dee0b0196f0560e58df7b7eb18e838783c7e72a3bc18

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://citrix.cloud.cpitalone.com/

Response headers

date: Sun, 09 Jan 2022 00:15:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: ALLOWALL
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7veSmIscUGzmy1EVhL3U3WJpFqtKs8jE7nHiQl8I5Q7uBXBczBYJAUYx6SImvNcoPeYaJ2GojGe0C2Jfe2ktUSd0Y2qMUqXxeaKeY72z6UXo4GWnah7Sk0G0XLPUFWLnkStmtIOCjB6B1lA52L%2FGbfR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ca9782f88625a19-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sun, 09 Jan 2022 00:15:08 GMT
content-length: 0
location: https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0%2B40yBfgSZcEs4XmVYZV0TmAeWlZgR468A1CSXQbGtcR8%2F%2BlW2GTpWjq1loNvSOKezlLeclvsGiFa3FfIiVAu5lOsdR4twdYk%2BeV2hijn5QPc%2FbzBBX5%2FjQWr16qWbqPJ84nCWFR%2BlzHAvRoJKAvXx3jkuUyJng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ca9782ec963374e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 69ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: lp3s.cyber-guard.me
URL: https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp3s.cyber-guard.me/
Origin: https://lp3s.cyber-guard.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 00:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617
age: 989968
cdn-cachedat: 2021-07-17 11:05:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4a53e2650f2f584f152bee5e3fed4412
cf-ray: 6ca978307f27375b-MXP
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 email-decode.min.js Show response
lp3s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:3032::6815:1ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp3s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:1ae4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp3s.cyber-guard.me/?&utm_campaign=00687_test-best&cep=AKHOXAnTmTQn_fv4BdTLEyjboS8xvzTZolrGRBmZBlhLZqx7Lvkf8frFs_cZr9sDGYaAqPZAtMpmMxNwUaJVqu9iELOwLjTHMcfofpKq_H4zF08wJV9lURAuy1LdOjHubjJBpNWFNkghfRs7caLwoK2_JDaoy0FoOjJASzeYnc-kBsLX9RLtnUwiBqqKAN4DhkeJpMPauwBui64PuNCaMBqu2mv_n40h4ODg58GB8QUSMBEn16qKOBXg0Ilyv7QkQIyIK62kKWjCDFbHAV7o8gksLNHoBRew9QXzOZ-oZvgfuVPLh5Jh0TW67fqvP9UaN_frfBd3YKs58px2mbeSuc-EkeMpG_NO_b0j2JgX8kIvcu8WI04FlEFcr3pottTc-lV1xC3fPjF8gFJ2st-OsVO8Wac1mI9oGzYHGNQNqUoKDMq5xrzhFOCX-eMXhA2owHO6HoZXwjW2liLVT0L8qerLQ0Nscamp1jHYY0pfnsz31CKkDNKLlb3drwJPoS66i3LNs0W6yiFC5rhSbcoIRHmqAipdHVCcGaJw-4hA23yL4c3N0IuEI0wHxrtLTrJBlAer8g8R8NsOvw5wB_5XtskmwukCMf_0QFTVXVBG7h8&lptoken=167741c36895918f086b&pubfeed=95356&subid=240934_270055&source_subid=270055&search_referrer_domain=citrix.cloud.cpitalone.com&carrier=M247+Ltd&keyword=*&campaign_id=773006&state=&ip=217.64.151.8&banner=5259938&bid=0.001&conversion=ZRakH6fZ87M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 00:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Jan 2022 15:17:54 GMT
server: cloudflare
etag: W/"61d5b6a2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWVcMmSx1FD8rxNsQGVPLlBISP26tlgoUQmz9Rt60h4%2BGpKJ%2FfCvQz4sj95Pl1o3CxE0rGxFfoijv2Ow07a3WQsbFrj07ycqJ%2BZG8znkjWhmherc5wTNKB%2BYkjw%2B4NuOp8RdMHeQCZfjNqACn4Q9dXSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ca9783039d45a19-MXP
vary: Accept-Encoding
expires: Tue, 11 Jan 2022 00:15:08 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af62d4d5b3c78b221cdf4ce81f7dcebf4e673c913fc39c78e51042696f7539e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.track.sparta-tracking.xyz/	1970-01-20 00:02:53	Name: 9abff502-1365-4276-8031-5839a561be8d-v4 Value: vpPoSedCbaF5MWDolWcKR6CSqVsbVuOziHUSOqdMsgg
			.track.sparta-tracking.xyz/	1970-01-20 00:02:53	Name: cep-v4 Value: Bfp7T14C8iCwou9hnMIXRvfc1yqLH0B8LspsgaYy3XiM7ijXLUfXofHkK6zsu1uMNrMHi1l81sLyeDd-DVjS7dlNAh5Ex9rnJIgvOjj-4v10UIFIoqwY4-wroDcjnFfdGkTJVGrqN-eTD_cbEmUa3pui8E5m8u-RlnixMCwfw-1XEXHLh9C3vAhNh_AxyQtjdyY6CY_PrVI0ReZWuKVDcNWmj7mwI4mAmoYbk24JFUF16pO3o5I8sXqjCa8Nf6S0GKIEvbCwK4FZtAJWHHmLmQDdFPclR9ZpcOSqQzc5GoQ5agG2G9NpHG9C5JAS2N0TvZq6rjqkiMNFhfCEtKRJj70aXQBoqWwy0x5mLPj3tFFtmDEQQJJc_fPqIQlT-1kIzud-Sp13DHB7b56JMULqA_tK-vSKmIhCMMsKnM1-80hhxpQ4zDZh8ROLJHKFHIPziUFkmXsLf84Z1tVq8nlYJcT0k34GpE-jJoi_zjfrtnnyMrPYbHa_EKE2j-KjkCmEtT20vcNfkfgo6zY0OgkTFjztPtzqw72VlRKuBKSestU9g2PyfZUVBo53FC3LVs_C6Ro_TLZIB5-5lU7PzX-oo-k4f5JLrHY2RFlbBcOfh5M

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citrix.cloud.cpitalone.com
img.sedoparking.com
lp3s.cyber-guard.me
stackpath.bootstrapcdn.com
track.sparta-tracking.xyz
xml.sedodna.com
173.239.53.32
205.234.175.175
2606:4700:3032::6815:1ae4
2606:4700:3035::6815:253b
2606:4700::6812:acf
64.190.62.111
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
a6a5275ab6871be6a5e3ef7e0c840d8b7f4ce6258807251b887ca3432a2338e8
af62d4d5b3c78b221cdf4ce81f7dcebf4e673c913fc39c78e51042696f7539e1
d3c217d1f0c67f0dcf30dee0b0196f0560e58df7b7eb18e838783c7e72a3bc18

lp3s.cyber-guard.me Open in urlscan Pro 2606:4700:3032::6815:1ae4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

50 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

59 kBTransfer

207 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

lp3s.cyber-guard.me Open in urlscan Pro
2606:4700:3032::6815:1ae4 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

59 kB
Transfer

207 kB
Size

2
Cookies

6 HTTP transactions
3 data transactions