Submitted URL: http://viacombcbs.careers/
Effective URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnR...
Submission: On November 11 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3033::6815:11b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp9s.stop-ads.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2021. Valid for: a year.
This is the only time lp9s.stop-ads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 162.222.213.198 8100 (ASN-QUADR...)
2 2 173.192.101.24 36351 (SOFTLAYER)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 213.227.132.155 60781 (LEASEWEB-...)
6 4
Domain Requested by
4 lp9s.stop-ads.xyz viacombcbs.careers
lp9s.stop-ads.xyz
2 track.sparta-tracking.xyz 2 redirects
2 viacombcbs.careers 1 redirects
1 tracking.prtrackings.com lp9s.stop-ads.xyz
1 p185689.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
6 6

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-04 - 2022-01-03 | a year
tracking.prtrackings.com | Sectigo RSA Domain Validation Secure Server CA | 2019-12-25 - 2021-12-24 | 2 years

This page contains 1 frame:

Primary Page: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Frame ID: 757DFDF5336E03A864EE1BB7C9EBA81F
Requests: 7 HTTP requests in this frame

Page Title

Laden Sie die bereite AdBlocker and Privacy Protector Browsererweiterung herunter

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 40 %
Domains: 5
Subdomains: 6
IPs: 4
Countries: 2
Transfer: 66 kB
Size: 77 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://viacombcbs.careers/ Page URL
  2. http://viacombcbs.careers/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNjY3MDQyOSwiaWF0IjoxNjM2NjYzMjI5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXI5aDI5bWlrbjhlcDM4ZW8wa2RyY2EiLCJuYmYiOjE2MzY2NjMyMjksInRzIjoxNjM2NjYzMjI5Njg5MzcyfQ.Psd6mQtRauSZyc_ftIxKWqoUCdS-MsxJsZSlL3UOwNo&sid=9bb95342-432f-11ec-9bc0-4bb0dc02f7b7 HTTP 302
    https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHsKg2DaWTq2KI8uDhK_8R6jDLzWMB6sYJbicX8KFcsYvdIA0GX5uBAhWj8LQHqdt3gdK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWzNNl6RGTsBSknRP7mLdAU_N_WpAQO6qnd215MljBnOgvZX5XoPiw7x7y66axd7Viu-vWbqTbu0p1hK6PxuBVWMZWm9ZyU-8Je-nGjTbqMR3L5gDHvts1_KUNuhjM-wQd0g6P4qns7hzmucz6ezwCMv3jX0K8ie_KKkwX00u3uzXwxK03UlqMAml0hYSCFyzdL17NhdB8-exJU5OWRJ7jQXfJRqygV2gyQ7lAPuy6tq1WedBlUJ425E8Kalxa6MsQX0xO2e3-a6a7iBWFAqUiW7WB_41eUU9P-gLwaYnPMHPRAMMC-i-6olwPJeR1NFyi3bNOTbuNhwLHerzFuF7tIgSq4Vc02xlrS5S_j9WkAxEl2AsVOTMBJL2G1Ew_SaALAD0sAk_r89C-nCAUkA7pZ1e23fn7w2LRixQ04Xkt6s92M2Pr8vr3tvM-Rao8rBlk_DZRs8c30CoFexiHHXK_MlgDpPHcZCjeTS6BpV6t8j3qnuWpEIwhL8R1IW-PESELH-oZtO-DWrhPLgk-ZF_RkLFvt_0FNiVS473lhzwAjGpu8V2Es81zr_TaOLMD3heBSc63_it0jweyh89GEh3GRWxivisRILrIx5vtTEMiDt4acwqUYLEjQqPvjsnFXlcb3Y7q-ZoeqED3vLUcs8n0lTjzjTP6teEESceSwZDhybe1Vw1G9DYTI1SbUOKoM97KXG_J8eWQBAHKx90D4PnnwwPOsswmnrHx1ipqp-K9wykWP8oRIug5ydVdqrGcY8-P3_JaeWMxsJu54bhIQsYRBBFRcpkts0s5B-4fEd43ekEDgVlFdz_qhtADEenYNa2v1l5-AyGh2A3GejrQnXbBUaWnPxx2uDbUn9tbGqDhJJgpJRmV8YJoUdyDc_kFNLUHsY0tbI00g3b8Y05wRuii6IcMqle7RE0e3D_qNWt4B42WtRlVsrHllsCunO6Ig06cQ2kDncvirW3HfvmKrJF4pkQi-6HqhJkCym6vSGmOi2MSGVjHS4VWfm-Z-fVWLeVex-mnX7DCNCqt4Lu4ZMhasMgTWxta8M5_ibDTxgTd7EEbEq48B-TWWRRpSx1yeChO3_nPSADmjSSdB1opJmaahLRP-HXKLVtCsxmySSUPJ-axXbUo5BDCljk79xhQ18tUvlg2LPAfjiDZTfKcPlQ5sGLoeHC30Bgho9Q9KbjF-Hzg3ulOpQ7f76tpKVN05GRi9KJTu6AXYz7K6mLu-BPhHHsoCMdUjOM95hTQGQ7tYjQDZVdm6RApPhvurMsikZo5XnOKRwYy5oJYoFwedbak_fsoQnCIq4l1T5C11g9iu4NIjdAM6fo_EBoQ HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqMaMm9W8tmTu6U6lDt_vq2IDoxNUj8LWXn4DIaHYDcZ6OtCddsFRpac_HHa4NtSf3mDZvg1ahaujj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgWxkh5z_jZJVWRp1iEJSpnLdibmKkat3avr4nvPsKvQNOYwwqJPWDKzulOpQ7f76tiD9mLDS6_n5PEJgX-VB28gsXWBKOMKw9oeHC30Bgho9DV1sag91outrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gLLZsb0cHVa65kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0jH4o0AoxkN58ZOgDk8SzkuFmexGHmlcYcS33aYyBWDD&ui=EUEFNSLDhHsKg2DaWTq2KPbWwvziNp_1xLgNeF8Zj-gKNJ4Emsktksf0SD-4pdpEtBguURdZ1rACT3tWq_Q98wnzIxdG0DhfC51Wktks_pkZ0J-9_-MyZg&si=1&oref=00ec557509f93d8b278e1c44440a6627&optunit=pi7vgT4Rx7JnCEM2JHQHoFi29PkGSGHT&rb=C_lrX6SYBKQ&rr=4&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475 HTTP 301
    https://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475 HTTP 302
    https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
viacombcbs.careers/
474 B
836 B
Document
General
Full URL
http://viacombcbs.careers/
Protocol
HTTP/1.1
Server
162.222.213.198 , United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
474
content-type
text/html; charset=utf-8
date
Thu, 11 Nov 2021 20:40:28 GMT
server
nginx
Primary Request /
lp9s.stop-ads.xyz/
Redirect Chain
  • http://viacombcbs.careers/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNjY3MDQyOSwiaWF0IjoxNjM2NjYzMjI5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXI5aDI5bWlrbjhlcDM4ZW8wa2...
  • https://mybetterdl.com/aS/feedclick?s=EUEFNSLDhHsKg2DaWTq2KI8uDhK_8R6jDLzWMB6sYJbicX8KFcsYvdIA0GX5uBAhWj8LQHqdt3gdK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWz...
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqMaMm9W8tmTu6U6lDt_vq2IDoxNUj8LWXn4DIaHYDcZ6OtCddsFRpac_HHa4NtSf3mDZvg1ahaujj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgWxkh5z_jZJVWRp1iEJSpnLdibm...
  • http://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bi...
  • https://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&b...
  • https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VB...
18 KB
7 KB
Document
General
Full URL
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Requested by
Host: viacombcbs.careers
URL: http://viacombcbs.careers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421449e44de8fec608f5fce17d3e639a578c882c774f972e587881c04aac354a
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://viacombcbs.careers/

Response headers

date
Thu, 11 Nov 2021 20:41:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh%2FNxYoird4FpJh3wsIh%2B94bDakSc1G3TAWYNMVdQjVAyKFer2NDrEBLGErQqk%2FIB6XHo2sWsL%2BrzBQT3FJ9P8NaZYejnVCbWJ17bmJvHKSWO37hINQgDSLU1cgl2SGHnTap%2FrKaS6MIE8hjZzXrzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aca56c9bd895b38-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 11 Nov 2021 20:41:01 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lsdXwpPLtPcovRRX7LYtbcM6PEqXSgvPifUaALNDdOcbYFg2kVE9D3sI08Gijrk7Qy7xQf9Pi%2BC74p63xLkLae2z4McN9mYtPVTuHTyep9GLuB79N9hIwZEFItxWdy6C4Q%2BdA8ryfwC5%2F8RMnos%2FCeqXqdEd0PI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aca56c94a535c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ChromeWebStore_Badge_v2_206x58.png
lp9s.stop-ads.xyz/
3 KB
4 KB
Image
General
Full URL
https://lp9s.stop-ads.xyz/ChromeWebStore_Badge_v2_206x58.png
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:41:01 GMT
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 13:27:30 GMT
server
cloudflare
etag
W/"61701942-d6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqPHA6WnVEHPxAC6%2Bzr0uZ106j9ATAg30XA6A83F3wgFQzF6p5YjvU4fv0vJV7xi0rvSG%2F8ZvtwImLW7ZGHePoR8Nbs8GMnHKyL%2FwI8PKeZa%2BkYeEzcMsoLlaQVe13o0OGtxnhDmfI%2F6D3uEtw0cwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6aca56ca4ec55b38-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
preland.js
tracking.prtrackings.com/
1 KB
790 B
Script
General
Full URL
https://tracking.prtrackings.com/preland.js
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.132.155 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2e898095bacd02d29dacf21f6ecb896a313a8cbc002ce7e87d491699cc404c58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:41:01 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
email-decode.min.js
lp9s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://lp9s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 15:43:33 GMT
server
cloudflare
etag
W/"618945a5-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQllMKLHiaD%2BgRCLRrw0uDW1i4ayWMzTnPRTbizXwVN2VPF29L8%2F21lmDbTPfTpvd8jsIAp%2BHIQZy9tzNI8sPqfjpaGxpiDDLqasaNPIsmTaw8gvsHQemOC2a04QV24lC19DeKQSpGSeLetsZMuqnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6aca56ca4ec85b38-FRA
vary
Accept-Encoding
expires
Sat, 13 Nov 2021 20:41:01 GMT
movies1.jpg
lp9s.stop-ads.xyz/
52 KB
52 KB
Image
General
Full URL
https://lp9s.stop-ads.xyz/movies1.jpg
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8111cdce17bec2d21f42ea5027bea1948eb0b75bfb8fe7e037054386e0b0d19
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=uUW_qa66Cwj6in8ypAhQMr-mKOTLXPs0NG2nstURp8wBGnoIsVnRP2kzVlutaBWStoYnImmtdLq7e8-tX8tUX1KVC1p7ymy8Ov6F6tKV8mUTksTOTlmPiN10vUz6_VBOgd6SHADx9jb3rTsLfrvuoyc5cTw3MQ7jXGJnzIKhrNTATIJgo0YQ64eK7gO5AsP6-xjYb-B8KyDS1vZY_ldqZ9MjoNUro5flvNtlOA1QfZ5mDGMlmgEVTH2QRT_y26D9zzCrD_hB1Hno9xrLHvIxKB0X20FRhewgpIe9iGtfGqEPutcN6dtbyybenuX7MdmHMuRkHdkb_L6B41Yr-VQnGt27177s3wIgCu1stM5CK-qrzCqqeqK4f4w4OcgbmEnXrNliCxDBiw6ybjhVAIJO2mZ6gYVucMXSw3IjhuIy74oR-QYD-NBXS0_C-fWKMPnwMaMSbsuR0Y4xjrGn5_yqADhXiiJqjc32unemznmB9aidYThiN1cCu9dOXMJi9W41mh-OY6udpoHTo5NAMtaVSZGrYGy3smVPZxrg95qkgCY&lptoken=165336ff668750376169&keyword=viacombcbs&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=438584271&bid=0.002034&clickid=87529266475
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:41:01 GMT
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53291
last-modified
Wed, 20 Oct 2021 13:27:30 GMT
server
cloudflare
x-frame-options
ALLOWALL
etag
"61701942-d02b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNMdyzHgnKkjjue5sw1ngWEA1e82iWBuCnYAi1X5XXYqa5BmUA%2Fc2RmteCvVNBFuoDDOtawUwNJ7ebrP7tbDGy7ppi4B1wWs82%2FpoW7hSJ%2FAkHv0bC4%2F1AQcvJOk2ySGihUcwItBpnzj4bmAOeDy0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6aca56ca4ec95b38-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| d
string| to
function| base64_decode
function| getParameterByName

5 Cookies

Domain/Path Name / Value
.viacombcbs.careers/ Name: sid
Value: 9bb95342-432f-11ec-9bc0-4bb0dc02f7b7
.mybetterdl.com/ Name: rhid
Value: 80083912673
.mybetterdl.com/ Name: loi
Value: ad_1126339_off_570906_aff_8203_cid_185689-VIACOMBCBS.CAREERS_ts_1636663261
.track.sparta-tracking.xyz/ Name: 57730d73-c197-46d0-ba68-56cb980d2001-v4
Value: CQhC3M7eJpzKFFCJ0qpsAZzpxY7dGEiSXi_k8MG0LMc
.track.sparta-tracking.xyz/ Name: cep-v4
Value: QyzuZ8BUBnR7wFUgDRhxou2t8VJgk9m1YFOBSdaYpwlsBFaHv5Um5jQxN7AGVWE00PsDJ3aIK7AK93thjKfU108TDaSQm14zaSa_OaGzP0-OHN2mN288Ka-400ATEnmw39y_mN4zKUqFC_sLBjBiYc9CLfMyZ2I-GrRL09RIzzCg7krpuOaVDSOGUvkJeeKneotmal68lPuBzQVDLhTSJRbywEPuYSUON8RHs45AhYy3YcZV6J0QF_PeZTKSTsU3gYg4lyUwIwkDkVclBsB3TeokbLbSE96NWF8HKcSGVboBLJVHN-31yp4vR0lPMH7DOSHKPLpmEM12AQUHTNGtZJ64-w9e8demRb7EMfaUetv-fo2T_oMSEZ14dOU9l25e5kNHDhK9CWnNsy_aUFm6z_3_6eBllrGaCvxiGdbkt7-yQDWvs_uJWbXJbPayfxJ9fxLh4FAqgJWuiszib-R4_y2rvgHvN-MTPD0D1CQHybjaf_en9i9oj_kpwuux4mrNApcJTJikekbgkx6BkHGoZ51UAelW7BqsLfz0QWr7xcc