delivery-jobs-21621.bond
185.53.179.142 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
http://delivery-jobs-21621.bond/ 7mo old
Submission: On January 10 via api (January 10th 2026, 2:17:55 pm UTC) from GB — Scanned from DE

Summary HTTP 21 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 185.53.179.142, located in Germany and belongs to TEAMINTERNET-AS Team Internet AG, DE. The main domain is delivery-jobs-21621.bond. 7mo old

This is the only time delivery-jobs-21621.bond was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.53.179.142 185.53.179.142	61969 (TEAMINTER...) (TEAMINTERNET-AS Team Internet AG)
1	13.35.58.37 13.35.58.37	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
4	3.248.162.96 3.248.162.96	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
2	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
21	8

5 185.53.179.142 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)

delivery-jobs-21621.bond 7mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.35.58.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-37.fra60.r.cloudfront.net

euob.youstarsbuilding.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 3.248.162.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-162-96.eu-west-1.compute.amazonaws.com

obseu.youstarsbuilding.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

partner.googleadservices.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

syndicatedsearch.goog 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

afs.googleusercontent.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
5	youstarsbuilding.com euob.youstarsbuilding.com — Cisco Umbrella Rank: 87697 2yr old obseu.youstarsbuilding.com — Cisco Umbrella Rank: 97359 2yr old	46 KB
5	delivery-jobs-21621.bond delivery-jobs-21621.bond 7mo old	9 KB
4	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 3721 3yr old	53 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 15529 9yr old	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 6130 9yr old	270 B
1	google.com www.google.com — Cisco Umbrella Rank: 2 56yr old	48 KB
0	cloudfront.net Failed d1t9jheyiyj1h6.cloudfront.net Failed 4yr old
21	7

	Domain	Requested by
5	delivery-jobs-21621.bond	delivery-jobs-21621.bond
4	syndicatedsearch.goog	www.google.com syndicatedsearch.goog delivery-jobs-21621.bond
4	obseu.youstarsbuilding.com	euob.youstarsbuilding.com delivery-jobs-21621.bond
2	afs.googleusercontent.com	delivery-jobs-21621.bond
1	partner.googleadservices.com	www.google.com
1	www.google.com	delivery-jobs-21621.bond
1	euob.youstarsbuilding.com	delivery-jobs-21621.bond
0	d1t9jheyiyj1h6.cloudfront.net Failed	delivery-jobs-21621.bond
21	8

This site contains links to these domains. Also see Links.

Domain
delivery-jobs-21621.bond

Subject Issuer	Validity	Valid
*.youstarsbuilding.com Amazon RSA 2048 M04	`2025-05-18` - `2026-06-16`	1yr	crt.sh
*.googleadservices.com WE2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
syndicatedsearch.goog WE2	`2025-12-03` - `2026-02-25`	3mo	crt.sh
*.googleusercontent.com WE2	`2025-12-03` - `2026-02-25`	3mo	crt.sh

This page contains 2 frames:

Primary Page: http://delivery-jobs-21621.bond/
Frame ID: 96824DE11F7D53A4AE45EA2C36FFC747
Requests: 17 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?sjk=5OAFAeL%2FRFmjpg86f4e7Qg%3D%3D&adtest=off&psid=8721831397&pcsa=false&channel=000001%2Cbucket009&client=dp-teaminternet01&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fdelivery-jobs-21621.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&type=3&swp=as-drid-oo-1808423912321928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107%2C17301544&format=r3&nocache=5181768054678718&num=0&output=afd_ads&domain_name=delivery-jobs-21621.bond&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1768054678720&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=920&frm=0&uio=-&cont=tc&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=http%3A%2F%2Fdelivery-jobs-21621.bond%2F
Frame ID: E183571C10B688A2E898F2371A4A6664
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

delivery-jobs-21621.bond

Page URL History Show full URLs

http://delivery-jobs-21621.bond/ HTTP 307
https://delivery-jobs-21621.bond/ HTTP 307
http://delivery-jobs-21621.bond/ Page URL

Page Statistics

21
Requests

57 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

157 kB
Transfer

415 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://delivery-jobs-21621.bond/?ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&query=Fahrer+Jobs+Klasse+B&afdToken=ChMIjf3I-JSBkgMVOEHxAx1degIHEnUBlLqpj6FA8o5rhOs58SQQuCS7tGMHjXee5OaOLQMNx8nPKilaH_hVmnE_JVfY_QuzeT1YWwD5NWY6XFYf7I6EZu__0lNpTpqwC2J-jDPWuPBX1vAOFWi9PCkx2t9vKLSlZZYny9b1XRluxKoSe1Fq-DQV-W0gATI1AbFSVKoPFd8I2eyLNp-DeT3TEmoP-oQaE47SjdmBLw0HOQuq4Jmus__gkLP70ji6YW_r4JQ&pcsa=false&nb=0
Title: Fahrer Jobs Klasse B

Search URL Search Domain Scan URL

URL: http://delivery-jobs-21621.bond/?ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&query=Driver+Jobs+Near+Me+Part+Time&afdToken=ChMIjf3I-JSBkgMVOEHxAx1degIHEnYBlLqpjx_wP6Yp-2XP7t9mibbn8omyNtU06m-MTa29I5qJAKD6aP0NlpIFdpHqjy8L_A7VM-fkUgnihhpl2Q1_Dk4oqaoMBiPjNh3UKni_MfY7h3gQ-AojCD0If5MevFb9vxpGbO-ZAbBUAvdlKyMTA2zSAdFyIAEyNQGxUlSqvMEyr0FumMPY3VdxcBcy-xGFi2ejklBSPD62_8pbQqf2K6Y0bKDKiIjToayOvxU9&pcsa=false&nb=0
Title: Driver Jobs Near Me Part Time

Search URL Search Domain Scan URL

URL: http://delivery-jobs-21621.bond/?ts=eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&query=Part+Time+Delivery+Driver&afdToken=ChMIjf3I-JSBkgMVOEHxAx1degIHEnYBlLqpj3D2uWM_PYz6D0nK-3mC1HrCTfx0hie4HjaMRFY5PjINhJyz33E5ua0wwd1xKSYl5wjcVeud0xQnMpHbsG27KTqfLq8kpHSLLng0reqC6sptcQuCn8_Br72pSfY-BEnbqMJVjNwudWjWGWl0kEFFZ0PTIAEyNQGxUlSqOYEJQYHEikksChDrXKlJFTZHGxdV8OtCF0QELtDnYlLZXsnPOSGZJAXxStBw0WPu&pcsa=false&nb=0
Title: Part Time Delivery Driver

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://delivery-jobs-21621.bond/ HTTP 307
https://delivery-jobs-21621.bond/ HTTP 307
http://delivery-jobs-21621.bond/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/bg-inv.jpg HTTP 307
https://d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/bg-inv.jpg

Request Chain 4

http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true HTTP 307
https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
delivery-jobs-21621.bond/
Redirect Chain

http://delivery-jobs-21621.bond/
https://delivery-jobs-21621.bond/
http://delivery-jobs-21621.bond/

16 KB
7 KB

43ms
43ms

Document
text/html

185.53.179.142
TEAMINTERNET-AS T...

General

Check archive.org

Download Go to

Full URL: http://delivery-jobs-21621.bond/
Protocol: HTTP/1.1
Server: 185.53.179.142 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 55c0842cd95f78ebdd9b1ab4334559f86de6e3cea40539cf947ea55d55202ef6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Accept-Ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Jan 2026 14:17:58 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 0.0 Caddy
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_r85BEhCIBaUwnUkIeAbjJzTD8aGFl0Uo2PMjzrYtpb2Hqh691+Z7tT0iEwaij4FHlEgVqpbGLqafX80HzDQJTg==
X-Buckets: bucket009
X-Domain: delivery-jobs-21621.bond
X-Language: german
X-Pcrew-Blocked-Reason: hosting network
X-Pcrew-Ip-Organization: ProtonVPN
X-Subdomain
X-Template: tpl_MobileCleanBlack_twoclick

Redirect headers

Location: http://delivery-jobs-21621.bond/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 c4601e5f6cdd73216cafdd5af209201c.js Show response
euob.youstarsbuilding.com/sxp/i/ 118 KB
44 KB 53ms
15ms Script
text/javascript 13.35.58.37
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://euob.youstarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: Caddy /
Resource Hash: 5e40698cbb95aeef1569139580a58b0b03de6928cff3a05a8355a4bf456f17d5

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1d632-xdKqBa42eGjBDr9/TD4K/JdKiEI"
age: 434
via: 1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
expires: Sun, 11 Jan 2026 02:10:44 GMT
x-cache: Hit from cloudfront
content-length: 44482
x-amz-cf-id: zoblefEqKEvmxlzYR7PKtr3GNtBHooILrUsd0eaaoEHsZj63SKZPFg==
date: Sat, 10 Jan 2026 14:17:58 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
server: Caddy
x-amz-cf-pop: FRA60-P10

GET
H/1.1 200
OK browserjs Show response
delivery-jobs-21621.bond/munin/a/tr/ 0
537 B 19ms
18ms XHR
text/html 185.53.179.142
TEAMINTERNET-AS T...

General

Check archive.org

Download Go to

Full URL: http://delivery-jobs-21621.bond/munin/a/tr/browserjs?domain=delivery-jobs-21621.bond&toggle=browserjs&uid=MTc2ODA1NDY3OC40ODgyOmIwNmM3NDY0OTBjMTAyYTVjZGVkYmFhMjI3YTVlM2JjMDQ0MjJkZmRjMzVmOTdlNjY5N2M1NTAxMWM4NGI1MDU6Njk2MjVmOTY3NzJlNg%3D%3D
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: HTTP/1.1
Server: 185.53.179.142 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Via: 0.0 Caddy
Accept-Ch-Lifetime: 30
X-Custom-Track: browserjs
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 10 Jan 2026 14:17:58 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx

GET

bg-inv.jpg
d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/
Redirect Chain

http://d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/bg-inv.jpg
https://d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/bg-inv.jpg

0
0

GET
H/1.1 201
Created ls Show response
delivery-jobs-21621.bond/munin/a/ 0
273 B 15ms
15ms XHR
text/plain 185.53.179.142
TEAMINTERNET-AS T...

General

Check archive.org

Download Go to

Full URL: http://delivery-jobs-21621.bond/munin/a/ls?t=69625f96&token=50d9dcebff1ae8d839c21d67c6a7f5ed0e3179b4
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: HTTP/1.1
Server: 185.53.179.142 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Log-Success: 69625f9649915190eb999937
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 10 Jan 2026 14:17:58 GMT
Server: nginx

GET
H3

200

caf.js Show response
www.google.com/adsense/domains/
Redirect Chain

http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

131 KB
48 KB

39ms
20ms

Script
text/javascript

142.250.185.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

Requested by

Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/

Protocol

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

sffe /

Resource Hash

bba0ca8e575e5ffe85c74ce7095312e1277a4ca2e67869f0adb5d7c7cff509b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

content-encoding: gzip
etag: "6734918961694859105"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 14:17:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 10 Jan 2026 14:17:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
Non-Authoritative-Reason: DNS

GET
H2 200 ct Show response
obseu.youstarsbuilding.com/ 3 KB
1 KB 160ms
75ms Script
text/javascript 3.248.162.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://obseu.youstarsbuilding.com/ct?id=77721&url=http%3A%2F%2Fdelivery-jobs-21621.bond%2F&sf=0&tpi=&ch=AdsDeli%20-%20referral%20-%20landingpage&uvid=50d9dcebff1ae8d839c21d67c6a7f5ed0e3179b4&tsf=0&tsfmi=&tsfu=&cb=1768054678705&hl=2&op=0&ag=1124057979&rand=94271600221105160128052658999795928209300098089418065119915188191170757598127660010026805959&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDMyMzVdLFsiYWJuY2giLDMyXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTUsIi0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstNDYsIjAiXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo4LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTkzMDgyMDI3OSxcInNlY1wiOlwiXCJ9Il0sWy0xLCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMywiLSJdLFstMjMsIisiXSxbLTM3LCItMTA5LTY2LTcwLSJdLFstNDIsIjg4MzM5OTAxNiJdLFstNDQsIjAsMCwwLDUiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGJYQmtSVVUxTlNVb0RGaFpjVEZaYkYwQldURXBOV0V0S1cweFFWVjFRVjE0WFdsWlVGa3BCU1JaUUZsb05Ed2tJWEF4ZkQxcGRYUTRLQ3dnUFdsaGZYVjBNV0Y4TENRQUxDUWhhRjFOS0F3Z0RBUWdLREFzUUZWaE5HVXNaRVZGTlRVbEtBeFlXWEV4V1d4ZEFWa3hLVFZoTFNsdE1VRlZkVUZkZUYxcFdWQlpLUVVrV1VCWmFEUThKQ0Z3TVh3OWFYVjBPQ2dzSUQxcFlYMTFkREE9PSJdLFstMTgsIlswLDAsMCwxXSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy02MiwiODAiXSxbLTQsIjxodG1sIGRhdGEtYWRibG9ja2tleT1cIk1Gd3dEUVlKS29aSWh2Y05BUUVCQlFBRFN3QXdTQUpCQUxxdURGRVRYUm4wSHIwNWZVUDdFSlQ3N3hZblBtUmJwTXk0dms4S1lpSG5rTnBlZG5qT0FOSmNhWERYY0tRSk4wblhLWkpMN1RjaUpEOEFvSFhLMTU4Q0F3RUFBUT09X3I4NUJFaENJQmFVd25Va0llQWJqSnpURDhhR0ZsMFVvMlBNanpyWXRwYjJIcWg2OTErWjd0VDBpRXdhaWo0RkhsRWdWcXBiR0xxYWZYODBIekRRSlRnPT1cIiB4bWxucz1cImh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWxcIiBsYW5nPVwiZGVcIj48aGVhZD5cbiAgICA8bWV0YSBodHRwLWVxdWl2PVwiQ29udGVudC1UeXBlXCIgY29udGVudD1cInRleHQvaHRtbDsgY2hhcnNldD11dGYtOFwiPlxuICAgIDxtZXRhIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgc2hyaW5rLXRvLWZpdD1ub1wiPlxuICAgIDx0aXRsZT5kZWxpdmVyeS1qb2JzLTIxNjIxLmJvbmQ8L3RpdGxlPlxuICAgICAgICA8c3R5bGUgbWVkaWE9XCJzY3JlZW5cIj5cbi5hc3NldF9zdGFyMCB7XG5cdGJhY2tncm91bmQ6IHVybCgnLy9kMXQ5amhleWl5ajFoNi5jbG91ZGZyb250Lm5ldC90aGVtZXMvYXNzZXRzL3N0YXIwLmdpZicpIG5vLXJlcGVhdCBjZW50ZXI7XG5cdHdpZHRoOiAxM3B4O1xuXHRoZWlnaHQ6IDEycHg7XG5cdGRpc3BsYXk6IGlubGluZS1ibG9jaztcbn1cblxuLmFzc2V0X3N0YXIxIHtcblx0YmFja2dyb3VuZDogdXJsKCcvL2QxdDlqaGV5aXlqMWg2LmNsb3VkZnJvbnQubmV0L3RoZW1lcy9hc3NldHMvc3RhcjEuZ2lmJykgbm8tcmVwZWF0IGNlbnRlcjtcblx0d2lkdGg6IDEzcHg7XG5cdGhlaWdodDogMTJweDtcblx0ZGlzcGxheTogaW5saW5lLWJsb2NrO1xufVxuXG4uYXNzZXRfc3Rhckgge1xuXHRiYWNrZ3JvdW5kOiB1cmwoJy8vZDF0OWpoZXlpeWoxaDYuY2xvdWRmcm9udC5uZXQvdGhlbWVzL2Fzc2V0cy9zdGFySC5naWYnKSBuby1yZXBlYXQgY2VudGVyO1xuXHR3aWR0aDogMTNweDtcblx0aGVpZ2h0OiAxMnB4O1xuXHRkaXNwbGF5OiBpbmxpbmUtYmxvY2s7XG59XG5cbi5zaXRlbGluayB7XG5cdHBhZGRpbmctcmlnaHQ6IDE2cHg7XG59XG5cbi5zZWxsZXJSYXRpbmdzIGE6bGluayxcbi5zZWxsZXJSYXRpbmdzIGE6dmlzaXRlZCxcbi5zZWxsZXJSYXRpbmdzIGE6aG92ZXIsXG4uc2VsbGVyUmF0aW5ncyBhOmFjdGl2ZSB7XG5cdHRleHQtZGVjb3JhdGlvbjogbm9uZTtcblx0Y3Vyc29yOiB0ZXh0O1xufVxuXG4uc2VsbGVyUmF0aW5ncyB7XG5cdG1hcmdpbjowIDAgM3B4IDIwcHg7XG59XG5cbi5zaXRlbGlua0hvbGRlciB7XG5cdG1hcmdpbjotMTVweCAwIDE1cHggMzVweDtcbn1cblxuI2FqYXhsb2FkZXJIb2xkZXIge1xuXHRkaXNwbGF5OiBibG9jaztcblx0d2lkdGg6IDI0cHg7XG5cdGhlaWdodDogMjRweDtcblx0YmFja2dyb3VuZDogI2ZmZjtcblx0cGFkZGluZzogOHB4IDAgMCA4cHg7XG5cdG1hcmdpbjoxMHB4IGF1dG87XG5cdC13ZWJraXQtYm9yZGVyLXJhZGl1czogNHB4O1xuXHQtbW96LWJvcmRlci1yYWRpdXM6IDRweDtcblx0Ym9yZGVyLXJhZGl1czogNHB4O1xufTwvc3R5bGU%2BICAgIDxzdHlsZSBtZWRpYT1cInNjcmVlblwiPlxuKiB7XG4gIG1hcmdpbjogMDtcbiAgYm94LXNpemluZzogY29udGVudC1ib3g7XG59XG5cbmJvZHkge1xuICB0ZXh0LWFsaWduOiBjZW50ZXI7XG4gIGZvbnQtZmFtaWx5OiBzYW5zLXNlcmlmO1xuICBiYWNrZ3JvdW5kOiAjMTAxYzM2O1xuICBjb2xvcjogIzYyNjU3NDtcbn1cblxuXG4uYmdIb2xkZXIge1xuICAgIGJhY2tncm91bmQ6IzEwMWMzNjtcbiAgICBiYWNrZ3JvdW5kLWltYWdlOiB1cmwoJy8vZDF0OWpoZXlpeWoxaDYuY2xvdWRmcm9udC5uZXQvdGhlbWVzL01vYmlsZUNsZWFuQmxhY2tfZTAxOTY4ZTEvYmctaW52LmpwZycpO1xuICAgIGJhY2tncm91bmQtcmVwZWF0OiBuby1yZXBlYXQ7XG4gICAgYmFja2dyb3VuZC1wb3NpdGlvbjogdG9wIGNlbnRlcjtcbiAgICBiYWNrZ3JvdW5kLWJsZW5kLW1vZGU6IHNjcmVlbjtcbiAgICBjb2xvcjogIzMyMzYzNDtcbiAgICBwYWRkaW5nOiAzcmVtIDA7XG4gICAgbWluLWhlaWdodDogNzEwcHg7XG59XG5cbmgxIHtcbiAgY29sb3I6ICM5YTlkYWQ7XG4gIG1hcmdpbi1ib3R0b206IDNyZW07XG59XG5cbiJdLFstMTQsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzIsIjIiXSxbLTYxLCItIl0sWy03MSwiYTAxMDAxMDExMDAxMDAxMDEwMDAxMDEwMDExMTExMDEwMDAwMTAiXSxbLTczLCJFaFE9Il0sWy0yLCI2LE5JU0FJSmhBNEpIUlVFUWNHQ0JRczJiRnl4ZTBWVUVDelk4SXFpWENzaUZ4VkZ4UUtpVjBHUW9paWlLTDBtb1JNZ1FNcVQ1R21uek14dS85K2FjODZUa3hCQS9OejM4OTczUDUiXSxbLTYsIntcIndcIjpbXCIxXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMTIsIm51bGwiXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI0LCJbXSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zNCwiLSJdLFstNDAsIjMzIl0sWy01OCwiLSJdLFstNjMsIjEiXSxbLTY2LCJnZW9sb2NhdGlvbixjaHVhZnVsbHZlcnNpb25saXN0LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsc2NyZWVud2FrZWxvY2ssb25kZXZpY2VzcGVlY2hyZWNvZ25pdGlvbix0cmFuc2xhdG9yLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksZGVmZXJyZWRmZXRjaCx1c2IsY2hzYXZlZGF0YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxzaGFyZWRzdG9yYWdlLGRlZmVycmVkZmV0Y2htaW5pbWFsLHJ1bmFkYXVjdGlvbixjaGRvd25saW5rLGNodWFmb3JtZmFjdG9ycyxvdHBjcmVkZW50aWFscyxwYXltZW50LGNodWEsY2h1YW1vZGVsLGNoZWN0LGF1dG9wbGF5LGNhbWVyYSxsYW5ndWFnZWRldGVjdG9yLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsZGlnaXRhbGNyZWRlbnRpYWxzZ2V0LGFjY2VsZXJvbWV0ZXIsY2h1YXBsYXRmb3JtdmVyc2lvbixpZGxlZGV0ZWN0aW9uLHByaXZhdGVhZ2dyZWdhdGlvbixpbnRlcmVzdGNvaG9ydCxjaHZpZXdwb3J0aGVpZ2h0LGNhcHR1cmVkc3VyZmFjZWNvbnRyb2wsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsYXJpYW5vdGlmeSxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsbG9jYWxuZXR3b3JrYWNjZXNzLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsc3VtbWFyaXplcixjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGNsaXBib2FyZHdyaXRlLG1pY3JvcGhvbmUiXSxbLTc0LCIwLDAiXSxbLTM4LCJpLC0xLC0xLDMwMTYsMCwwLDAsMCwwLDQ3LC0xLDAsMzEyNCwzMTI0LDMyMTAsMzIxMCJdLFstMzUsIlsxNzY4MDU0Njc4NjcwLC0xXSJdLFstNTIsIi0iXSxbLTU1LCIwIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0xNywiMTAiXSxbLTI1LCItIl0sWy0yOSwiLSJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy01NCwie1wiaFwiOltcIjMyOTk3Mjg0NTJcIixcIjgyMjgyMzExOVwiLFwiXzNcIixcIjE0NDEzNzAxMzJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzBcIixcIjI2NDYwMzg4MlwiXSxcInNcIjoxfSJdLFstNTksImRlbmllZCJdLFstNzIsIkV4VT0iXSxbLTEwLCItIl0sWy0zMywiLSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy02NCwiLSJdLFstNzAsIi0iXSxbLTE5LCJbMTE3MCwxNTcwLDExNzAsMTU3MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDAsbnVsbF0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAwMTEwMTEwMTAwMTEwMTAwMDAwMTAxMTAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGRlLGxhdG4sZ3JlZ29yeSJdLFstNjcsIi0iXSxbImJuY2giLDk3XSxbLTcsIi0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2UsZmFsc2UsdHJ1ZV0iXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNDksIi0iXSxbLTUxLCItIl0sWy01MywiMDAxIl0sWy02MCwyMDhdLFstNjUsIi0iXSxbLTY4LCItIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufHwxMHwtfC0iXSxbImRkYiIsIjAsNiwwLDEsMSwxLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMyw3LDAsOSwxLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCw3LDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDEsMSwxLDAsMCwxMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDUsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl1d&dep=0&pre=0&sdd=&cri=kRX0Iet4tq&pto=3248&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1768054678.HdsJIYn3HpoldIJJ&suid=1.1768054678.wgq2sP1hKc4conZh&tuid=1.1768054678.CbZXKdVK54dg0Ge1&fbc=-&gtm=-&it=8%2C3066%2C61&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by: Host: euob.youstarsbuilding.com
URL: https://euob.youstarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 3.248.162.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-162-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5db65efdc24d445dffacf399f5a983aafe2fe8fc8cb69d4b763bd7ef0e053029

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: http://delivery-jobs-21621.bond
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1165
date: Sat, 10 Jan 2026 14:17:58 GMT
content-type: text/javascript

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 402 B
270 B 36ms
18ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=delivery-jobs-21621.bond&client=dp-teaminternet01&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

2e4a6df0647b36674abaf06c20b50c443254e6e9338c9830b8de53e680d0fab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 249
date: Sat, 10 Jan 2026 14:17:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
syndicatedsearch.goog/afs/ Frame E183 16 KB
4 KB 182ms
154ms Document
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?sjk=5OAFAeL%2FRFmjpg86f4e7Qg%3D%3D&adtest=off&psid=8721831397&pcsa=false&channel=000001%2Cbucket009&client=dp-teaminternet01&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fdelivery-jobs-21621.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&type=3&swp=as-drid-oo-1808423912321928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107%2C17301544&format=r3&nocache=5181768054678718&num=0&output=afd_ads&domain_name=delivery-jobs-21621.bond&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1768054678720&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=920&frm=0&uio=-&cont=tc&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=http%3A%2F%2Fdelivery-jobs-21621.bond%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

gws /

Resource Hash

a74d56e74498ecbe2f75a38129ec3be30765aea2126631768de8af6d3659eacf

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-cXMDY2I1PO21qLcwEiqUaw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: http://delivery-jobs-21621.bond/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch: Downlink RTT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 3306
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-cXMDY2I1PO21qLcwEiqUaw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
date: Sat, 10 Jan 2026 14:17:58 GMT
expires: Sat, 10 Jan 2026 14:17:58 GMT
server: gws
x-xss-protection: 0

GET 50a1c980-0a5c-4b84-bf2f-4a0fe616b152
http://delivery-jobs-21621.bond/ 0
0

GET
H2 200 tc_imp.gif
obseu.youstarsbuilding.com/tracker/ 43 B
79 B 55ms
55ms Image
image/gif 3.248.162.96
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://obseu.youstarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ce6c730ee418d959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59168a6f2617071a10acf9f29f674f85848c0e2a6d48f8712551866edb6a910c64002ac75a055c360d59ceeb6d4d77be26bb25cb43e29232f44c6eae0b337b16dd4dee41ec8bc59a7ee46a56a82b9eec47679c796e092818c5871d61eb72bffeaaba130af5429fc667bc638532904084052bbe4e78e465440429ae503ed79ffca8328828bf7d8557ec4b7274a7d43169230121e118f58109ac5d6ead83c6771e217dcf965d78c9df014b3545700115a79029687902bafb487d9cd6aa7cc9bc0e627e7dfdf7e7cd8772bddac059ed488e442c2098a988bfe436c188e469c56658d6fecf2e1c44f7636ea0941666bcdeaa20dc07fd15e4d618d053d9912ad63236919824d0798297aaaf9de5f1416eb26fbca4e57d0468e59536d2fd5fe91a1442ca5f5b83d2d084c1f18936856a9edeb38f38b62c3574947f2885999d0e7f81b928e541e6d315d651883d0c0b548c6eec439cd0ad3fe0d076870ce08bdbcb7789490435bd1e5a137f433e9fec40b254f2cb892fe7d127ed9728dd92f9fd73cdffa55165728ee25241c9b40c5d42baacee37e263cdbb18b6bf70a076b26f874fc64386db609e4f79a0d7c674352d7d1136190a45d9bdd5398c46ce115c493be5a653cdda441ef4d3dcb9b570c3ede4ff81e4aeed564c3bf25b9bb75a66ee5f774f923a096366e47ab1771ec4e3c1668e66d02d95d3788ec274f0250c59605d2047e5ba9ec9206916df411187d9cbbaaecb540396b0b87990c87b659f85533e2a9990812d72b374da01f542f12389569e9147eab020e38589d59e4f62eae43d648a68d5dfdac36dc80a4f1301c03f4327e4a24d93fe568acf89c23fa09b95714a6e55b43db717fe04f6d015c96112651865231db40dd7de6d47b36ddcb5a1609bdd478f777ab3033c71cefadb0b46fc31a8db52c80d320343a0296cdfedc562cb4b2cc5c640f0cdd7fe9c50851e067757e07d2651958c1e03f96fa5eccb2d93c1b558086ea86b3c1a558c055ae499e71911937e6391d3de07dbdee48a057ea622e2441316be127c2c8e895a1699dcb587bef146ac&cri=kRX0Iet4tq&ts=173&cb=1768054678878
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 3.248.162.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-162-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Sat, 10 Jan 2026 14:17:58 GMT
pragma: no-cache
content-type: image/gif

GET 1f4ab520-168a-48d5-89ef-0956d27c77ac
http://delivery-jobs-21621.bond/ 0
0

GET
H2 200 caf.js Show response
syndicatedsearch.goog/adsense/domains/ Frame E183 131 KB
49 KB 20ms
19ms Script
text/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/adsense/domains/caf.js?pac=2

Requested by

Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?sjk=5OAFAeL%2FRFmjpg86f4e7Qg%3D%3D&adtest=off&psid=8721831397&pcsa=false&channel=000001%2Cbucket009&client=dp-teaminternet01&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fdelivery-jobs-21621.bond%2F%3Fts%3DeyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.Y-1Dt9LZxOJP67jmy9ziFIfww54AX3QOJyPtitf0OsgFfNkovvpZcA.Bho4EgFinMLzF9OHcHuOSw.yDyCcvP205wVJPGH0vb0XkROjEylNtRMXMShmAyej_HEKd0FHPBidbOX6qed9ZwtTDJqX_8SLktyRflgvodLSPiEPGXdiNvIJrAXE96tuY9Va-Um5K17FZgWCzTENGLny6Tz98zG-ZZ8JzExzspw3n3Mu9o7DOoWEeYcGdtI2UhxREzR73me0saPMZVeUn6pVbAVqZC-7d1IakzzWclVx7rU4AbS3uk3WDLWUEBgSZb1p2betEOA8G9L1JO_2Wi6iUTM9cntTrhgtDfSbX9YxQm7HDu0Gg5YyrR5oDupB1dWcuenAqX6zexcCWeMebwzT7KKng_R8ynwPiiXB5aCEWlKBGRsDUKe1rqvL7waVFqUZw0jLWHg-Da55R9RlZibBsCSYQkUeHiBSKESeJGLqHmPx-pUJLaM7KobJ_ULaqujcrrndG6hjvS-mHMaVcVO4UVAkklRsgNflS4bsNOhsx2LzdqaimuQIZaBvuLB3jZVxdhlYPC0U_LlX2VNgBEjwruPA7TYXctdFlQYp9CIx9LXxCHqGK2k0nUMT9baLeE1Ffb5ZflZeg8vDIFzljVJ43rAZ4Ik3nNvYCf9WSKU7g.iXSYm7Cgu0wMmHme79485Q&type=3&swp=as-drid-oo-1808423912321928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301266%2C72717107%2C17301544&format=r3&nocache=5181768054678718&num=0&output=afd_ads&domain_name=delivery-jobs-21621.bond&v=3&bsl=8&pac=2&u_his=2&u_tz=60&dt=1768054678720&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=920&frm=0&uio=-&cont=tc&drt=0&jsid=caf&nfp=1&jsv=842209568&rurl=http%3A%2F%2Fdelivery-jobs-21621.bond%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

sffe /

Resource Hash

d487126f9d1693af90f9f32215dc61fc1fa835e4b1d93746abc70d50ef2305af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
etag: "13662037234159212717"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 14:17:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 10 Jan 2026 14:17:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK yes Show response
delivery-jobs-21621.bond/munin/a/tr/answercheck/ 0
539 B 19ms
18ms XHR
text/html 185.53.179.142
TEAMINTERNET-AS T...

General

Check archive.org

Download Go to

Full URL: http://delivery-jobs-21621.bond/munin/a/tr/answercheck/yes?domain=delivery-jobs-21621.bond&caf=1&toggle=answercheck&answer=yes&uid=MTc2ODA1NDY3OC40ODgyOmIwNmM3NDY0OTBjMTAyYTVjZGVkYmFhMjI3YTVlM2JjMDQ0MjJkZmRjMzVmOTdlNjY5N2M1NTAxMWM4NGI1MDU6Njk2MjVmOTY3NzJlNg%3D%3D
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: HTTP/1.1
Server: 185.53.179.142 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Via: 0.0 Caddy
Accept-Ch-Lifetime: 30
X-Custom-Track: answercheck
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 10 Jan 2026 14:17:58 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx

GET
H/1.1 200
OK adloaded Show response
delivery-jobs-21621.bond/munin/a/tr/ 0
536 B 18ms
18ms XHR
text/html 185.53.179.142
TEAMINTERNET-AS T...

General

Check archive.org

Download Go to

Full URL: http://delivery-jobs-21621.bond/munin/a/tr/adloaded?toggle=adloaded&uid=MTc2ODA1NDY3OC40ODgyOmIwNmM3NDY0OTBjMTAyYTVjZGVkYmFhMjI3YTVlM2JjMDQ0MjJkZmRjMzVmOTdlNjY5N2M1NTAxMWM4NGI1MDU6Njk2MjVmOTY3NzJlNg%3D%3D&domain=delivery-jobs-21621.bond&data=%7B%22containerName%22%3A%22tc%22%2C%22adsLoaded%22%3Atrue%2C%22callbackOptions%22%3A%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-teaminternet01%22%2C%22adult%22%3Afalse%7D%7D%2C%22terms%22%3A%22%22%7D
Requested by: Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/
Protocol: HTTP/1.1
Server: 185.53.179.142 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Via: 0.0 Caddy
Accept-Ch-Lifetime: 30
X-Custom-Track: adloaded
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 10 Jan 2026 14:17:59 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E183 391 B
383 B 50ms
16ms Image
image/svg+xml 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

Requested by

Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
age: 9446
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options: nosniff
expires: Sun, 11 Jan 2026 10:40:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 10 Jan 2026 11:40:33 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control: public, max-age=82800
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
accept-ranges: bytes
content-length: 270
x-xss-protection: 0
server: sffe

GET
H2 200 call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E183 444 B
804 B 45ms
12ms Image
image/svg+xml 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

Requested by

Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
age: 66154
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 18:55:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 09 Jan 2026 19:55:25 GMT
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control: public, max-age=82800
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
accept-ranges: bytes
content-length: 278
x-xss-protection: 0
server: sffe

POST
H2 200 mon Show response
obseu.youstarsbuilding.com/ 0
153 B 64ms
61ms XHR
application/json 3.248.162.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://obseu.youstarsbuilding.com/mon
Requested by: Host: euob.youstarsbuilding.com
URL: https://euob.youstarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 3.248.162.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-162-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/x-www-form-urlencoded
Referer: http://delivery-jobs-21621.bond/

Response headers

access-control-allow-origin: http://delivery-jobs-21621.bond
content-length: 0
date: Sat, 10 Jan 2026 14:17:59 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
357 B 51ms
29ms Image
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet01&output=uds_ads_only&zx=ib33k2roetsf&cd_fexp=72717107%2C17301544&aqid=ll9iaaiTMr29juwPttPLmAE&psid=8721831397&pbt=bs&adbx=467&adby=119&adbh=462&adbw=666&adbah=145%2C145%2C145&adbn=master-1&eawp=partner-dp-teaminternet01&errv=842209568&csala=5%7C0%7C197%7C33%7C40&lle=0&ifv=1&hpt=1

Requested by

Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-P9AHgl3UQk30qREwSJGYsw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-P9AHgl3UQk30qREwSJGYsw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 10 Jan 2026 14:18:00 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
209 B 55ms
34ms Image
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-teaminternet01&output=uds_ads_only&zx=wdy8sikvkqng&cd_fexp=72717107%2C17301544&aqid=ll9iaaiTMr29juwPttPLmAE&psid=8721831397&pbt=bv&adbx=467&adby=119&adbh=462&adbw=666&adbah=145%2C145%2C145&adbn=master-1&eawp=partner-dp-teaminternet01&errv=842209568&csala=5%7C0%7C197%7C33%7C40&lle=0&ifv=1&hpt=1

Requested by

Host: delivery-jobs-21621.bond
URL: http://delivery-jobs-21621.bond/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-BAiuemMFVyuWU027eTdKYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: http://delivery-jobs-21621.bond/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BAiuemMFVyuWU027eTdKYA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 10 Jan 2026 14:18:00 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

POST
H2 200 mon Show response
obseu.youstarsbuilding.com/ 0
39 B 61ms
57ms XHR
application/json 3.248.162.96
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://obseu.youstarsbuilding.com/mon
Requested by: Host: euob.youstarsbuilding.com
URL: https://euob.youstarsbuilding.com/sxp/i/c4601e5f6cdd73216cafdd5af209201c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 3.248.162.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-162-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/x-www-form-urlencoded
Referer: http://delivery-jobs-21621.bond/

Response headers

access-control-allow-origin: http://delivery-jobs-21621.bond
content-length: 0
date: Sat, 10 Jan 2026 14:18:01 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d1t9jheyiyj1h6.cloudfront.net
URL: https://d1t9jheyiyj1h6.cloudfront.net/themes/MobileCleanBlack_e01968e1/bg-inv.jpg

Domain: delivery-jobs-21621.bond
URL: blob:http://delivery-jobs-21621.bond/50a1c980-0a5c-4b84-bf2f-4a0fe616b152

Domain: delivery-jobs-21621.bond
URL: blob:http://delivery-jobs-21621.bond/1f4ab520-168a-48d5-89ef-0956d27c77ac

Verdicts & Comments Add Verdict or Comment

17 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.delivery-jobs-21621.bond/	1970-01-21 13:18:58	Name: _cq_duid Value: 1.1768054678.HdsJIYn3HpoldIJJ
.delivery-jobs-21621.bond/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1768054678.wgq2sP1hKc4conZh
.delivery-jobs-21621.bond/	1970-01-21 20:29:10	Name: __gsas Value: ID=b58fd100f2008efd:T=1768054678:RT=1768054678:S=ALNI_MZ3a51umDYz76X4onYHTutH63LeAA
obseu.youstarsbuilding.com/	1970-01-21 19:11:25	Name: cg_uuid Value: 677596bc69be1e48f8d59d8533968e62

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://delivery-jobs-21621.bond/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A05300C4190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
worker	verbose	URL: blob:http://delivery-jobs-21621.bond/50a1c980-0a5c-4b84-bf2f-4a0fe616b152(Line 1) Message: Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
d1t9jheyiyj1h6.cloudfront.net
delivery-jobs-21621.bond
euob.youstarsbuilding.com
obseu.youstarsbuilding.com
partner.googleadservices.com
syndicatedsearch.goog
www.google.com
d1t9jheyiyj1h6.cloudfront.net
delivery-jobs-21621.bond
13.35.58.37
142.250.185.161
142.250.185.164
185.53.179.142
216.58.206.34
216.58.206.46
3.248.162.96
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
2e4a6df0647b36674abaf06c20b50c443254e6e9338c9830b8de53e680d0fab1
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
55c0842cd95f78ebdd9b1ab4334559f86de6e3cea40539cf947ea55d55202ef6
5db65efdc24d445dffacf399f5a983aafe2fe8fc8cb69d4b763bd7ef0e053029
5e40698cbb95aeef1569139580a58b0b03de6928cff3a05a8355a4bf456f17d5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a74d56e74498ecbe2f75a38129ec3be30765aea2126631768de8af6d3659eacf
bba0ca8e575e5ffe85c74ce7095312e1277a4ca2e67869f0adb5d7c7cff509b8
d487126f9d1693af90f9f32215dc61fc1fa835e4b1d93746abc70d50ef2305af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

delivery-jobs-21621.bond 185.53.179.142 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

57 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

157 kBTransfer

415 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Window variables

4 Cookies

2 Console Messages

Indicators

delivery-jobs-21621.bond
185.53.179.142 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

21
Requests

57 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

157 kB
Transfer

415 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions