urlscan.io logo urlscan.io
SecurityTrails logo

lp3s.cyber-guard.me Open in urlscan Pro
104.21.26.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://capitalonefinancial.ltd/
Effective URL: https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT...
Submission: On October 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 5 HTTP transactions. The main IP is 104.21.26.228, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp3s.cyber-guard.me.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.
This is the only time lp3s.cyber-guard.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
2 2 173.192.101.24 36351 (SOFTLAYER)
2 2 172.67.205.1 13335 (CLOUDFLAR...)
2 104.21.26.228 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
5 4
2    72.52.178.23 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
capitalonefinancial.ltd
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p237996.mybetterdl.com
2    172.67.205.1 (United States)

ASN13335 (CLOUDFLARENET, US)
track.sparta-tracking.xyz
2    104.21.26.228 (United States)

ASN13335 (CLOUDFLARENET, US)
lp3s.cyber-guard.me
1    104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
Domain Requested by
2 lp3s.cyber-guard.me capitalonefinancial.ltd
lp3s.cyber-guard.me
2 track.sparta-tracking.xyz 2 redirects
2 capitalonefinancial.ltd capitalonefinancial.ltd
1 stackpath.bootstrapcdn.com lp3s.cyber-guard.me
1 p237996.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
5 6

This site contains no links.

Subject Issuer Validity Valid
*.cyber-guard.me
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
Frame ID: 533C6C79849B97065542F2586BF81A5E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cyber Guard

Page URL History Show full URLs

  1. http://capitalonefinancial.ltd/ Page URL
  2. http://capitalonefinancial.ltd/page/bouncy.php?&bpae=GbhGcLHmitZqj%2FMXkVlf45R9OcMG4pT3pcBXnnlRE4RZYra%2BLY... Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6SvGWrAugP5-o1VpE8xQwJ6A_YjlGP5_xKt3Q5wgRfquaZIqEQ8y... HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OoN5jhHISAFXdKId4yj9-6uvOzAKApABbhweqimAJDiN... HTTP 302
    http://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&... HTTP 301
    https://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&... HTTP 302
    https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7V... Page URL

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

1
Countries

65 kB
Transfer

214 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitalonefinancial.ltd/ Page URL
  2. http://capitalonefinancial.ltd/page/bouncy.php?&bpae=GbhGcLHmitZqj%2FMXkVlf45R9OcMG4pT3pcBXnnlRE4RZYra%2BLY3aiDolMDer44CkJsJWVgCIgiyH4386xigUugitFle9IXXJK3nusLFFsxxBmkrSEgU5EDqnoqVNor4YVFgv3OJUvFxZGFrFrt33pBxcndvkm0956Vf3UNxbnP%2BrV4%2BKQTWAh%2BGTkrvAGbCTzEhk%2Bzo5qGWVTjpUVHFBmBUVAa%2BInD0Yebo904eyI9s8rm8%2BFdyEQlvTgeuK6U%2FpHFv04%2FJ4ZbiCZviEzXAmRKGYJLyIgEabQ1Ll8i36HXSGCPp6Dl07%2F0ktXPJhXnRiB1qPaPcfEi5VhF%2Fs6DH9IE2UysF2ajNPFwphzpPD0QvuYsF8%2Fr0Y%2FwJbLNefhETZYlofquQ4NAOVU7V3N6oQGNgbqePsA%2B9YVghlw%2BNF7%2FqLFsoytQrkYHsGDUM3V7wGkXzEZcj7niMYglFIGdm6xmFxHLLxlCGMSSSeP5A9PNSZ8lOChwhNzdjgCgvIBZQmjBvhs6S6SKP36Bl15silVL%2FKp1Wvi74Z98hwFNY23OBvQvcb8mbl%2FjthLPruwwhbJqezCOh53mDThZRPcdFs27SbBeBF5Ei52M9xSblhGoTs9zAQ4unW6US0nFxktbSPdU%2FN6aYUX%2Bzhc1%2BQtVRKSxj0H5dCHC3ALhoI98aWwsrqROslbhSpJakUp42U0ipOH0Ahfc7dlwexknxs%2FQuSLwhyLJ%2FvbUOdZtri0DHS5%2FGGEcaCU03nm3DHOjV1YPjo0OmErAJkl7ddpglM9fg4eynDo0rNhxQtYsiXs1VExPfeZHLRUeCLVx01Rg%2BVCvWIiNDiFirEIFLmeTqGfi4tf4%2FxByJIVpmYKfUoJdylwByWYujZfT0Qux6zLNXp9NF8fXlK8bb5W5OFBBOYoLI9WoyWfs6nKODDt7RtlDAvMqq6rFJvwdq7IjN74J9SLyuM5fCzLAbZGVVrsbCkR015owMKy1zhw%2BTAHike66%2FieBo%2Bx5BOi1qGbwT4aBs5qQNfT4L0Ah9FzXbuTGFstpxfSF6tWEVe9X4JjogR%2FqSPpcwdKAGL3fK2%2B5wqAH0PCzajEYECf%2Fr6BbSCg056cyN0Y0ijLLSsp8ZgMXH8VmKXvVgU30fG1OVRp0OneHKYFsrxUTjk58%2FE6L1ZKzGTbdA0vOReLt2MNyFlG1X2yVi11jhB1F4GtNvJZj1cFeuYRfTZWMKmuL0HPics8zEq%2BJo9%2FShgWnW03%2FWZX4lEQd117boI3JZPXK43S3Td8SZ5EZZOjVynRgNP8KVf%2FdbjACF%2B72OWuMXkDHKy%2FADvIH9xnulvF8HAB6%2FoKD40B15OIHcQwj5TcILUt8tiYP10XKWMBh2tk9svH4sl07H5w%2BL50rXqTZlGljx%2BrSnDU3O8wXuymzixbI3MkqM1J7irbIdsetC1xTqd4zymNGg65Kh19Cu14G9W0wd4Mfe%2BOGUE9AGydfjUvNacRcWL6%2BvQEnwsW%2B7ZI8XbKsttZPpYqSY%2FwVaVCRzC7e%2Fxfr%2Bv5xMZLXegY%2FDqGEJFn4X%2BURlWJN2EgEtkQkPEvgjNhSJZp7pRvX%2Bb2vYKq4x7h%2F4S%2BvdPAiuPApvl%2BHaYGtxGgBqHGCjRvbLFupnbsvrSdM8XDGcuThyQumGWjyPZQGpWk6IASLBYps%2BsvMl65NeJ2cs%2FpCt5V%2BxhKcZQvGmKbjjiT2Z5nxWyE%2BQL3NVRDNp6iUmDE1RhKQFz2G2LINwxzCsXC81wBp5qdxpJT4Ah1qRilVYr90w9IDHtIoCfzJ8AIR4ywDu5ARYwor%2BlYbq4qop7U97tNyNl%2B1ErHtsQ2yMaxweCFOjsiCiCMdmgMxGymlEB6I7j1EE88AmPtdZvcnf4jc6mYcGKdQeRZcQ%2B3T8X0do29Zss9qEaEso7AYNDCqWyWyr5STpwaxd%2BrVTLmoycmjjXpaXJ9DYT%2FFiK64N%2BP9HZ0OCfqEHYtBb6vMx8Yqlfrcq13BkkFD3RMGnHOSh4Nr45iWWRAK8jrwTQXjDpXOzNZWc61KFo7xJoiH0WugkEkIMAuLWpXXyrMCLlSni6f4oz2m1Vkry7QOCNMOr0fJwAcqDAQZWDmbSUkpna%2BjB6N6Pasdfg%2B7LOqz%2FfveIGgVsuGqnN0Miw9T3XjAWeI%2BgsoU8%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6SvGWrAugP5-o1VpE8xQwJ6A_YjlGP5_xKt3Q5wgRfquaZIqEQ8yXMFY_iD5bFykKi_84eTTfdYjpFGL3HNM2iZpLSZmparWHXlxh5tJot7LxmPiRLDedU-EaetGzMqHz6mGf_HQGXBODC3pBZX1rE6XwY0YatoKShSsF6rU8upGOAdLLKq_XdPFM0HaZl-OePzqPS-DCA3Kas_xbWLN0Z8ejEGT0Ywy5ZIQJP1bvDEen6u81OJ9UXonn-UXA1LwDOXw1CaGytPMge1owqoxMBSz3oJeZp2vV2xnB5NR1A3MAtMP1RH5WWeRA8YOabobFEfOjYTTmcvXfV0uYUbw-v3_K7bmG6zEdEA-IncDRQ2Vg6wKcvF6-TZCOY1fFotjfuQvv4eMNUSzL03nS0_a0MCva81KH90HUd6Cj0OGR0eOWng0C8uA_GAdWV33m7Nd-FbBYsceD75ow-LBcCaCnXPLtK4vcES-He7HgCypaNImM_dhweRv8f5-cqVyvd99z-XdgM2Q2f0hJQoKiBUXU4QUw7mipQS1EETgH7M7C7wiAJw586yayRPnVBiixAHrx6XelKrRcYqZOImUwvYefTCxtrHzb6Vr71fN0TBvjdjxOARRNuxzuKVswLzptJifnElLrhHmwibrw65tVYat8c5SmLForMF3nG1RDnAoZtcRVnibV3lLi4erOtH7NLsRcmbhUi7TIU4mb7XrVLnQNBRlgZVp2b_ZgfOy5v76FtzqA832qbr525FDFOS2vD4NdpUcZQEfDMMp2JgGLpLcKicKlNc5wKMo8MB2_MNOyJg-6SRK2BUSvc7XfhJyCOMwJn_rxqo0kPUbuH7tpazjwy9tWxdvjE0sDBYktjs6C-kTXdAK5zmsukobiigQPeebR2JEBdfOiqa6vJD_AaPhS7Tayi9qfiUusOA-ls14rCUBgEvXMXo7C9VosM3g6WpGTc0SiG65w0_M8ZEJrpIDEmU929fobtex4TXvmE1RTnrYSbx_wAa977lVOSPDNC6TSEB0bCfrfaCW7t8k9-mum5-SrMsOVSOrFIeiwedU8j0yfxLlP4ALE8iConAvNPtliur2_ziSF5h5bBAst-ermLWoDXqZsuykngVk6B0VDEHXUNesDsrkGQbeDBEanPsRxxcTQtRPdux7U1T1CZWUCX4yGyWDkl85uKiI8MZMtHi2v37-fJM7zOJjONx3LVFhnyk-iH4-ghlFw3epIYMNcYs3sd27cPOx2gKeHxRP85ce_ym3PMbblisfsMFmROnY0sSjcuh0QzVBSokh2MQt3IQ6vExwgzEZnwN3qSGDDXGLNYx560WzupUHDWlEAUuBem6tKsy5hPHe91OXZdn0TGZZMuBZFPOrbuNpa33FjAfb5GRP_IPeB86kcFJ6qPtQbTl7nCdGyEmim4EjD0JEazm0CLaMujeP5W2-Sdn899TCuoDY0iB2-hP3W5EGk5tcYCjc-iF9ZFlJFHiZfw875wqapujaSpqFmWjIQ6n-5BK5pgOlsGUApHMNYB477JKY1X8PA4l0XWYyXFx2CB0EXCR-qq9RztRGSc1gHjvskpjVfw8DiXRdZjJgQqTeP8j7G7mxAP9FmTJiuBybpyqSvYhJU4PapLLBconlk05N14WZmWSQsQHXjql HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OoN5jhHISAFXdKId4yj9-6uvOzAKApABbhweqimAJDiNdCJYvrpjOSFth2dMggydW1yQCHMr_xmMkxoLKOTM2ClK1PRhu0fhaI_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9Aw6qO82XnYQcNaUQBS4F6bq0qzLmE8d75xj3YlPQEcMBSCF4qMtDorAIyiLGumliQs-GBVXI8D5kxSGcrzprYmeRLLAxlMZsO_Q7McWmjiIq5vGgITBNrbGK5IyCYVhz2WJ-1TOxFEipTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V0RITLTjXCCEysCBXZHi5sjKH7xdaNgjm5djg8_LRNR2VWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLzaW7ekQCApit3Q5wgRfqucSpXKgY1Of-L6aWSeREqRE&ui=w_Wj54-Mm6SvGWrAugP5-o7xmaA_n3I25BqBrDJxXOEmW6eTrkkzFBp0jcaTJMe5imJPZWUv9YP_Egkh4HmVfuB7DsYBRisRr_IGVAgpuFB-QpsVcNKqXA&si=1&oref=8f3047a64f961a96e255f0bc25763fb5&optunit=o3PohfWRZSRR4mX8PO-cKqnSWsAVwlNn&rb=O6baiaLhyk4&rr=1&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712 HTTP 301
    https://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712 HTTP 302
    https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
capitalonefinancial.ltd/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://capitalonefinancial.ltd/
Protocol
HTTP/1.1
Server
72.52.178.23 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 28 Oct 2021 06:02:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bouncy.php
capitalonefinancial.ltd/page/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://capitalonefinancial.ltd/page/bouncy.php?&bpae=GbhGcLHmitZqj%2FMXkVlf45R9OcMG4pT3pcBXnnlRE4RZYra%2BLY3aiDolMDer44CkJsJWVgCIgiyH4386xigUugitFle9IXXJK3nusLFFsxxBmkrSEgU5EDqnoqVNor4YVFgv3OJUvFxZGFrFrt33pBxcndvkm0956Vf3UNxbnP%2BrV4%2BKQTWAh%2BGTkrvAGbCTzEhk%2Bzo5qGWVTjpUVHFBmBUVAa%2BInD0Yebo904eyI9s8rm8%2BFdyEQlvTgeuK6U%2FpHFv04%2FJ4ZbiCZviEzXAmRKGYJLyIgEabQ1Ll8i36HXSGCPp6Dl07%2F0ktXPJhXnRiB1qPaPcfEi5VhF%2Fs6DH9IE2UysF2ajNPFwphzpPD0QvuYsF8%2Fr0Y%2FwJbLNefhETZYlofquQ4NAOVU7V3N6oQGNgbqePsA%2B9YVghlw%2BNF7%2FqLFsoytQrkYHsGDUM3V7wGkXzEZcj7niMYglFIGdm6xmFxHLLxlCGMSSSeP5A9PNSZ8lOChwhNzdjgCgvIBZQmjBvhs6S6SKP36Bl15silVL%2FKp1Wvi74Z98hwFNY23OBvQvcb8mbl%2FjthLPruwwhbJqezCOh53mDThZRPcdFs27SbBeBF5Ei52M9xSblhGoTs9zAQ4unW6US0nFxktbSPdU%2FN6aYUX%2Bzhc1%2BQtVRKSxj0H5dCHC3ALhoI98aWwsrqROslbhSpJakUp42U0ipOH0Ahfc7dlwexknxs%2FQuSLwhyLJ%2FvbUOdZtri0DHS5%2FGGEcaCU03nm3DHOjV1YPjo0OmErAJkl7ddpglM9fg4eynDo0rNhxQtYsiXs1VExPfeZHLRUeCLVx01Rg%2BVCvWIiNDiFirEIFLmeTqGfi4tf4%2FxByJIVpmYKfUoJdylwByWYujZfT0Qux6zLNXp9NF8fXlK8bb5W5OFBBOYoLI9WoyWfs6nKODDt7RtlDAvMqq6rFJvwdq7IjN74J9SLyuM5fCzLAbZGVVrsbCkR015owMKy1zhw%2BTAHike66%2FieBo%2Bx5BOi1qGbwT4aBs5qQNfT4L0Ah9FzXbuTGFstpxfSF6tWEVe9X4JjogR%2FqSPpcwdKAGL3fK2%2B5wqAH0PCzajEYECf%2Fr6BbSCg056cyN0Y0ijLLSsp8ZgMXH8VmKXvVgU30fG1OVRp0OneHKYFsrxUTjk58%2FE6L1ZKzGTbdA0vOReLt2MNyFlG1X2yVi11jhB1F4GtNvJZj1cFeuYRfTZWMKmuL0HPics8zEq%2BJo9%2FShgWnW03%2FWZX4lEQd117boI3JZPXK43S3Td8SZ5EZZOjVynRgNP8KVf%2FdbjACF%2B72OWuMXkDHKy%2FADvIH9xnulvF8HAB6%2FoKD40B15OIHcQwj5TcILUt8tiYP10XKWMBh2tk9svH4sl07H5w%2BL50rXqTZlGljx%2BrSnDU3O8wXuymzixbI3MkqM1J7irbIdsetC1xTqd4zymNGg65Kh19Cu14G9W0wd4Mfe%2BOGUE9AGydfjUvNacRcWL6%2BvQEnwsW%2B7ZI8XbKsttZPpYqSY%2FwVaVCRzC7e%2Fxfr%2Bv5xMZLXegY%2FDqGEJFn4X%2BURlWJN2EgEtkQkPEvgjNhSJZp7pRvX%2Bb2vYKq4x7h%2F4S%2BvdPAiuPApvl%2BHaYGtxGgBqHGCjRvbLFupnbsvrSdM8XDGcuThyQumGWjyPZQGpWk6IASLBYps%2BsvMl65NeJ2cs%2FpCt5V%2BxhKcZQvGmKbjjiT2Z5nxWyE%2BQL3NVRDNp6iUmDE1RhKQFz2G2LINwxzCsXC81wBp5qdxpJT4Ah1qRilVYr90w9IDHtIoCfzJ8AIR4ywDu5ARYwor%2BlYbq4qop7U97tNyNl%2B1ErHtsQ2yMaxweCFOjsiCiCMdmgMxGymlEB6I7j1EE88AmPtdZvcnf4jc6mYcGKdQeRZcQ%2B3T8X0do29Zss9qEaEso7AYNDCqWyWyr5STpwaxd%2BrVTLmoycmjjXpaXJ9DYT%2FFiK64N%2BP9HZ0OCfqEHYtBb6vMx8Yqlfrcq13BkkFD3RMGnHOSh4Nr45iWWRAK8jrwTQXjDpXOzNZWc61KFo7xJoiH0WugkEkIMAuLWpXXyrMCLlSni6f4oz2m1Vkry7QOCNMOr0fJwAcqDAQZWDmbSUkpna%2BjB6N6Pasdfg%2B7LOqz%2FfveIGgVsuGqnN0Miw9T3XjAWeI%2BgsoU8%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: capitalonefinancial.ltd
URL: http://capitalonefinancial.ltd/
Protocol
HTTP/1.1
Server
72.52.178.23 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://capitalonefinancial.ltd/

Response headers

Date
Thu, 28 Oct 2021 06:02:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
lp3s.cyber-guard.me/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6SvGWrAugP5-o1VpE8xQwJ6A_YjlGP5_xKt3Q5wgRfquaZIqEQ8yXMFY_iD5bFykKi_84eTTfdYjpFGL3HNM2iZpLSZmparWHXlxh5tJot7LxmPiRLDedU-EaetGzMqHz6mGf_HQGXBODC3pBZX1rE...
  • https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OoN5jhHISAFXdKId4yj9-6uvOzAKApABbhweqimAJDiNdCJYvrpjOSFth2dMggydW1yQCHMr_xmMkxoLKOTM2ClK1PRhu0fhaI_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-k...
  • http://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source...
  • https://track.sparta-tracking.xyz/34218920-8f91-45b7-9832-ce93ba48812c?keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&sourc...
  • https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT3...
46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
Requested by
Host: capitalonefinancial.ltd
URL: http://capitalonefinancial.ltd/page/bouncy.php?&bpae=GbhGcLHmitZqj%2FMXkVlf45R9OcMG4pT3pcBXnnlRE4RZYra%2BLY3aiDolMDer44CkJsJWVgCIgiyH4386xigUugitFle9IXXJK3nusLFFsxxBmkrSEgU5EDqnoqVNor4YVFgv3OJUvFxZGFrFrt33pBxcndvkm0956Vf3UNxbnP%2BrV4%2BKQTWAh%2BGTkrvAGbCTzEhk%2Bzo5qGWVTjpUVHFBmBUVAa%2BInD0Yebo904eyI9s8rm8%2BFdyEQlvTgeuK6U%2FpHFv04%2FJ4ZbiCZviEzXAmRKGYJLyIgEabQ1Ll8i36HXSGCPp6Dl07%2F0ktXPJhXnRiB1qPaPcfEi5VhF%2Fs6DH9IE2UysF2ajNPFwphzpPD0QvuYsF8%2Fr0Y%2FwJbLNefhETZYlofquQ4NAOVU7V3N6oQGNgbqePsA%2B9YVghlw%2BNF7%2FqLFsoytQrkYHsGDUM3V7wGkXzEZcj7niMYglFIGdm6xmFxHLLxlCGMSSSeP5A9PNSZ8lOChwhNzdjgCgvIBZQmjBvhs6S6SKP36Bl15silVL%2FKp1Wvi74Z98hwFNY23OBvQvcb8mbl%2FjthLPruwwhbJqezCOh53mDThZRPcdFs27SbBeBF5Ei52M9xSblhGoTs9zAQ4unW6US0nFxktbSPdU%2FN6aYUX%2Bzhc1%2BQtVRKSxj0H5dCHC3ALhoI98aWwsrqROslbhSpJakUp42U0ipOH0Ahfc7dlwexknxs%2FQuSLwhyLJ%2FvbUOdZtri0DHS5%2FGGEcaCU03nm3DHOjV1YPjo0OmErAJkl7ddpglM9fg4eynDo0rNhxQtYsiXs1VExPfeZHLRUeCLVx01Rg%2BVCvWIiNDiFirEIFLmeTqGfi4tf4%2FxByJIVpmYKfUoJdylwByWYujZfT0Qux6zLNXp9NF8fXlK8bb5W5OFBBOYoLI9WoyWfs6nKODDt7RtlDAvMqq6rFJvwdq7IjN74J9SLyuM5fCzLAbZGVVrsbCkR015owMKy1zhw%2BTAHike66%2FieBo%2Bx5BOi1qGbwT4aBs5qQNfT4L0Ah9FzXbuTGFstpxfSF6tWEVe9X4JjogR%2FqSPpcwdKAGL3fK2%2B5wqAH0PCzajEYECf%2Fr6BbSCg056cyN0Y0ijLLSsp8ZgMXH8VmKXvVgU30fG1OVRp0OneHKYFsrxUTjk58%2FE6L1ZKzGTbdA0vOReLt2MNyFlG1X2yVi11jhB1F4GtNvJZj1cFeuYRfTZWMKmuL0HPics8zEq%2BJo9%2FShgWnW03%2FWZX4lEQd117boI3JZPXK43S3Td8SZ5EZZOjVynRgNP8KVf%2FdbjACF%2B72OWuMXkDHKy%2FADvIH9xnulvF8HAB6%2FoKD40B15OIHcQwj5TcILUt8tiYP10XKWMBh2tk9svH4sl07H5w%2BL50rXqTZlGljx%2BrSnDU3O8wXuymzixbI3MkqM1J7irbIdsetC1xTqd4zymNGg65Kh19Cu14G9W0wd4Mfe%2BOGUE9AGydfjUvNacRcWL6%2BvQEnwsW%2B7ZI8XbKsttZPpYqSY%2FwVaVCRzC7e%2Fxfr%2Bv5xMZLXegY%2FDqGEJFn4X%2BURlWJN2EgEtkQkPEvgjNhSJZp7pRvX%2Bb2vYKq4x7h%2F4S%2BvdPAiuPApvl%2BHaYGtxGgBqHGCjRvbLFupnbsvrSdM8XDGcuThyQumGWjyPZQGpWk6IASLBYps%2BsvMl65NeJ2cs%2FpCt5V%2BxhKcZQvGmKbjjiT2Z5nxWyE%2BQL3NVRDNp6iUmDE1RhKQFz2G2LINwxzCsXC81wBp5qdxpJT4Ah1qRilVYr90w9IDHtIoCfzJ8AIR4ywDu5ARYwor%2BlYbq4qop7U97tNyNl%2B1ErHtsQ2yMaxweCFOjsiCiCMdmgMxGymlEB6I7j1EE88AmPtdZvcnf4jc6mYcGKdQeRZcQ%2B3T8X0do29Zss9qEaEso7AYNDCqWyWyr5STpwaxd%2BrVTLmoycmjjXpaXJ9DYT%2FFiK64N%2BP9HZ0OCfqEHYtBb6vMx8Yqlfrcq13BkkFD3RMGnHOSh4Nr45iWWRAK8jrwTQXjDpXOzNZWc61KFo7xJoiH0WugkEkIMAuLWpXXyrMCLlSni6f4oz2m1Vkry7QOCNMOr0fJwAcqDAQZWDmbSUkpna%2BjB6N6Pasdfg%2B7LOqz%2FfveIGgVsuGqnN0Miw9T3XjAWeI%2BgsoU8%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a4fa82507b83c2757203dd368525e91679a8361a8a0f24b3e48eb594b70731
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://capitalonefinancial.ltd/page/bouncy.php?&bpae=GbhGcLHmitZqj%2FMXkVlf45R9OcMG4pT3pcBXnnlRE4RZYra%2BLY3aiDolMDer44CkJsJWVgCIgiyH4386xigUugitFle9IXXJK3nusLFFsxxBmkrSEgU5EDqnoqVNor4YVFgv3OJUvFxZGFrFrt33pBxcndvkm0956Vf3UNxbnP%2BrV4%2BKQTWAh%2BGTkrvAGbCTzEhk%2Bzo5qGWVTjpUVHFBmBUVAa%2BInD0Yebo904eyI9s8rm8%2BFdyEQlvTgeuK6U%2FpHFv04%2FJ4ZbiCZviEzXAmRKGYJLyIgEabQ1Ll8i36HXSGCPp6Dl07%2F0ktXPJhXnRiB1qPaPcfEi5VhF%2Fs6DH9IE2UysF2ajNPFwphzpPD0QvuYsF8%2Fr0Y%2FwJbLNefhETZYlofquQ4NAOVU7V3N6oQGNgbqePsA%2B9YVghlw%2BNF7%2FqLFsoytQrkYHsGDUM3V7wGkXzEZcj7niMYglFIGdm6xmFxHLLxlCGMSSSeP5A9PNSZ8lOChwhNzdjgCgvIBZQmjBvhs6S6SKP36Bl15silVL%2FKp1Wvi74Z98hwFNY23OBvQvcb8mbl%2FjthLPruwwhbJqezCOh53mDThZRPcdFs27SbBeBF5Ei52M9xSblhGoTs9zAQ4unW6US0nFxktbSPdU%2FN6aYUX%2Bzhc1%2BQtVRKSxj0H5dCHC3ALhoI98aWwsrqROslbhSpJakUp42U0ipOH0Ahfc7dlwexknxs%2FQuSLwhyLJ%2FvbUOdZtri0DHS5%2FGGEcaCU03nm3DHOjV1YPjo0OmErAJkl7ddpglM9fg4eynDo0rNhxQtYsiXs1VExPfeZHLRUeCLVx01Rg%2BVCvWIiNDiFirEIFLmeTqGfi4tf4%2FxByJIVpmYKfUoJdylwByWYujZfT0Qux6zLNXp9NF8fXlK8bb5W5OFBBOYoLI9WoyWfs6nKODDt7RtlDAvMqq6rFJvwdq7IjN74J9SLyuM5fCzLAbZGVVrsbCkR015owMKy1zhw%2BTAHike66%2FieBo%2Bx5BOi1qGbwT4aBs5qQNfT4L0Ah9FzXbuTGFstpxfSF6tWEVe9X4JjogR%2FqSPpcwdKAGL3fK2%2B5wqAH0PCzajEYECf%2Fr6BbSCg056cyN0Y0ijLLSsp8ZgMXH8VmKXvVgU30fG1OVRp0OneHKYFsrxUTjk58%2FE6L1ZKzGTbdA0vOReLt2MNyFlG1X2yVi11jhB1F4GtNvJZj1cFeuYRfTZWMKmuL0HPics8zEq%2BJo9%2FShgWnW03%2FWZX4lEQd117boI3JZPXK43S3Td8SZ5EZZOjVynRgNP8KVf%2FdbjACF%2B72OWuMXkDHKy%2FADvIH9xnulvF8HAB6%2FoKD40B15OIHcQwj5TcILUt8tiYP10XKWMBh2tk9svH4sl07H5w%2BL50rXqTZlGljx%2BrSnDU3O8wXuymzixbI3MkqM1J7irbIdsetC1xTqd4zymNGg65Kh19Cu14G9W0wd4Mfe%2BOGUE9AGydfjUvNacRcWL6%2BvQEnwsW%2B7ZI8XbKsttZPpYqSY%2FwVaVCRzC7e%2Fxfr%2Bv5xMZLXegY%2FDqGEJFn4X%2BURlWJN2EgEtkQkPEvgjNhSJZp7pRvX%2Bb2vYKq4x7h%2F4S%2BvdPAiuPApvl%2BHaYGtxGgBqHGCjRvbLFupnbsvrSdM8XDGcuThyQumGWjyPZQGpWk6IASLBYps%2BsvMl65NeJ2cs%2FpCt5V%2BxhKcZQvGmKbjjiT2Z5nxWyE%2BQL3NVRDNp6iUmDE1RhKQFz2G2LINwxzCsXC81wBp5qdxpJT4Ah1qRilVYr90w9IDHtIoCfzJ8AIR4ywDu5ARYwor%2BlYbq4qop7U97tNyNl%2B1ErHtsQ2yMaxweCFOjsiCiCMdmgMxGymlEB6I7j1EE88AmPtdZvcnf4jc6mYcGKdQeRZcQ%2B3T8X0do29Zss9qEaEso7AYNDCqWyWyr5STpwaxd%2BrVTLmoycmjjXpaXJ9DYT%2FFiK64N%2BP9HZ0OCfqEHYtBb6vMx8Yqlfrcq13BkkFD3RMGnHOSh4Nr45iWWRAK8jrwTQXjDpXOzNZWc61KFo7xJoiH0WugkEkIMAuLWpXXyrMCLlSni6f4oz2m1Vkry7QOCNMOr0fJwAcqDAQZWDmbSUkpna%2BjB6N6Pasdfg%2B7LOqz%2FfveIGgVsuGqnN0Miw9T3XjAWeI%2BgsoU8%3D&redirectType=js&inIframe=false&inPopUp=false

Response headers

date
Thu, 28 Oct 2021 06:02:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j%2FLvmODcLnbJNOTXMwig9H0lSUJMmeG3iTFuv%2FYYpWAYBqvKlOhEObfcpc8%2FYVJjN6nq%2BMh3Z%2Fr1PW%2BY6%2BcZFOPkP%2BE3CjwZZL%2B01O2nj1qZiYvpEk%2FKj4WPnjxetjzcnQt%2Bp1%2B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a51f559aae068d6-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 28 Oct 2021 06:02:59 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSonIajnhpiSkm3gtaZvWK11bufWriR7wx7%2BTmY9chVxt2xrrbPte0%2BZjfsutD6Y%2F4LHVENdOavMcKOHMnjr6GeIfp2JdLrIDQi4jpz%2F6AOAgMW6ZELlUPRv6WOg%2BShDs%2By296hK03OZd34N"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a51f558da1f3a99-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: lp3s.cyber-guard.me
URL: https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lp3s.cyber-guard.me/
Origin
https://lp3s.cyber-guard.me
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617
age
8518272
cdn-cachedat
2021-07-17 11:05:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4a53e2650f2f584f152bee5e3fed4412
cf-ray
6a51f55aaeb7215d-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
email-decode.min.js
lp3s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp3s.cyber-guard.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp3s.cyber-guard.me
URL: https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.26.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp3s.cyber-guard.me/?&utm_campaign=00642_test-best&cep=hvnBPZgANCRtKxcHkI5SME7Kf66DSITynchTKsW7VyBkOPg90rsT1AJ1dwVPT6wLJZ6nEew7J8wSn7AfGv9CQqIibjo8NuY1z6mAeZ_WxVGoAVheMFVweU6j_MxTpAEuPoGGT38IifcRryP8_TNpU-kyJ64xIqmaxuAGmeOBU_K251lQYFOrtgJSUf3cYXM8EQzczpXlwRb0HcYnyNW4AQeoNFzioanFYxFgV0RDfRzT7zx2jTz4ZpYufqyjAgjx3xQIr_8mT_EMlaSG6JkKvKXrXs4Qjr5BTz0mgfT5xbnBJ_7Zi8FEI4Y2iRntg9dISboMOmVUDs0Rr5RHK5szM_ncqIKE-dTC2Sj7QgMAozicrhOO9ZsTl4rhM2jjBWvRl2Sg0CVNS48qe2rldhdpx8arYA448lpXi3U9SBMSCOiAvVH5pvu8KEL235jcf6sIybUyxZLSUwTQ_pz9famdFypZxYJwxPElCr1WY7gtFgo7pQcO1PHIKGOzS8HzbACZP-kvKWyeQqC0BDwGPZ9VF9s6VlLE84YlX9fF9AAu8qXvC7G8jtgM4f74rb2rfsnL&lptoken=1629352f408b27d679dd&keyword=capitalonefinancial.ltd&geo=DE&campaignname=00642&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=439984702&bid=0.002034&clickid=87422756712
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbGaaYI8B%2ByVjHWVpn2SdXIhdJ6V1k8cf9kQkEMCj15k5IfFRGHqTz6XhJwRJelMKP5QX2nQxP%2BTXLx01v0Ry6iD4D7ujC9NKFlneSGzzgP7NGXXmSp5wS%2FPqFovSbT8kcu2Jysc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a51f55a7afe68d6-CDG
vary
Accept-Encoding
expires
Sat, 30 Oct 2021 06:02:59 GMT
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af62d4d5b3c78b221cdf4ce81f7dcebf4e673c913fc39c78e51042696f7539e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32cbabcc9e41fa2129708a6001ab15a55a0a6a97b1880691666fa45ef13edac4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

4 Cookies

Domain/Path Name / Value
.mybetterdl.com/ Name: rhid
Value: 79980360087
.mybetterdl.com/ Name: loi
Value: ad_1126340_off_570907_aff_8203_cid_237996-CAPITALONEFINANCIAL.LTD_ts_1635400979
.track.sparta-tracking.xyz/ Name: 34218920-8f91-45b7-9832-ce93ba48812c-v4
Value: WyDSWASnjq5wJh9y4lTqAs9cnTd6O1QEGr3i7dFJCnU
.track.sparta-tracking.xyz/ Name: cep-v4
Value: NYcfUPyd7QGe1ya3bm-EHqV2mWiCJ2hrjGtJAU6rnH_AaqG7czDLFQyALC0IPespsXXKwFY7B4Y4cBe6D3pKpnpNkNJec4ZoJkVmoU5Rj5uMnzp-myF2sXPwknL7-4nWNEIDEt7r44u3topy-4paKCvsGRui9DIRZqpOqVkvd9UFy2Ttx2RUYPpc4Lvpe4V_WqjMooiKeFmr2QlNhTTFt8Q1jAGrTU9FHBXLt_eEnNyt_XcIAMWf0dW4G0Kg0flYFxkJc7u7ec5mBlSQ9--6eeQ8tNv6VIXD9c_Cf_MXn2y61gJrDs3G1SIIf3kVaD38fwRUcREdzOKAs_PatSvCYCSyaXqp9VPaa1k5q1W2BiNlyVCPnsDTBeG65wiRk1iqICxfGKYx6S6WWach5PPmEopImhyz9Nzbq0kd7Z-ccCxZs0HNBpaDNBaF8iSjt-xf61NyGWs3Q9UA1fzxQoJZkHaMCYn0HNDjgvbwvlhHAfDJyRQsf_ngC0R6W9w95Oi7ft3lC2TUZTX2SujDbe3jbi-EatgwXemWAiEZCzLSyy1veVPFAcvYtznUb7tm6Zny