urlscan.io logo urlscan.io
SecurityTrails logo

lp1s.stop-ads.xyz Open in urlscan Pro
2606:4700:3034::ac43:b1c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hotailo.com/
Effective URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkr...
Submission: On December 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3034::ac43:b1c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp1s.stop-ads.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 4th 2021. Valid for: a year.
This is the only time lp1s.stop-ads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 74.206.228.78 27257 (WEBAIR-IN...)
2 2 173.192.101.30 36351 (SOFTLAYER)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 5
2    74.206.228.78 (United States)

ASN27257 (WEBAIR-INTERNET, US)
hotailo.com
2    173.192.101.30 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 1e.65.c0ad.ip4.static.sl-reverse.com
mybestdl.com
p226681.mybestdl.com
2    2606:4700:3035::6815:253b (United States)

ASN13335 (CLOUDFLARENET, US)
track.sparta-tracking.xyz
2    2606:4700:3034::ac43:b1c2 (United States)

ASN13335 (CLOUDFLARENET, US)
lp1s.stop-ads.xyz
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 lp1s.stop-ads.xyz hotailo.com
lp1s.stop-ads.xyz
2 track.sparta-tracking.xyz 2 redirects
2 hotailo.com
1 fonts.googleapis.com lp1s.stop-ads.xyz
1 p226681.mybestdl.com 1 redirects
1 mybestdl.com 1 redirects
7 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-04 -
2022-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
Frame ID: 979CACFDFC07FEC9D5FEDC038FDC5405
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdBlocker and Privacy Protector

Page URL History Show full URLs

  1. http://hotailo.com/ Page URL
  2. http://hotailo.com/ Page URL
  3. https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLVc8RMlCrR9kjTr2aHMUJLVKhuV_szM-pIr2tDB7Y... HTTP 302
    https://p226681.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktR7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1... HTTP 302
    http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname... HTTP 301
    https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname... HTTP 302
    https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuL... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

50 kB
Transfer

89 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hotailo.com/ Page URL
  2. http://hotailo.com/ Page URL
  3. https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLVc8RMlCrR9kjTr2aHMUJLVKhuV_szM-pIr2tDB7YixDrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zBEILwODnH1BtwnGVlb7m4kgS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlxP7XKGysDWNRRUAAirCM5YAi47qWIdI-92T-PI87eLbfY0y5xOq9sjy6DOGgrMoHf45uuUy9VwYg6QjQ-fYLiYovloyEEOKruTzbtP7Pzfif5sHddJHmkllwc8ShIRA2WQhjwHaCBKoNILLwMmYBA6Jbfy5cSUNdJaV3nEsbTh_PXx5uDjOgMBf0FDAvklwAeifVY9qUhPVExQ_4d7MHYFwziGYlxP9grCVnJ2zDc59XwmYFr3yImrYTi2_WhoWdc6QTAoBPZa6fwnKynRUBLyGGS3DJ2VXCQ4_dP5kUyqod7UGShm_gP7SjKe8nhEd7WKnMIzkTm5Q09UsqRE7V7IdApVoPw963_fCyxlBBeT_8q3OInmzd0sr49a_m6hjfcXuRIYndCTh99W1zAsQJ885SyOezC02GV1v2pjSew1TroMFETnMb3Tgw50QXq653CH1TkXwiSYsj-nJH_rfXUFnNcXVAC2o6GLBJcotNsVbAgGA7ZWmrpHl-h-3cVJi9lJAf1J0IEEmOr8nR0dmFv79UFQh4G_aBO9pCCM_QdgUWepPgdDvE-i64QUE7Jb80HdCCLKA6k8aZpswi-ffhQu0Va1VVGyCnn_uHS0ST0oQ-A-bZM_C18my560dQ0oB-Y0FBjLmvq3iqVMfXcTg2Dyscys1Wj6QkpHhffq24GwP5nEw3ztAXadbC7TkocrUen-RBioRpWg1vAr-KVHY2Z0AmrH2rvpR_QWBGl-WqKPf4Bg0x6IHLLbXqVLr8PdHCT5TdiRXAwtueHKCeSvjBOIqB6NUit6FEYLRbLirBn0pRRqtuLepC4vvSYRtiIxWw20av571A0kNA8rwUlscuiC9omthde0sMn2BAYqfI8ZNaCeAD1IvhNaP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rq28Q4vrUMVei5vueY2JqP3hhRgl11k0YQUeZBwbSQFOtIzwAmKbkwqaW_71CtbnC2pyY2naJUH7aqbdNdaNpTQ2inStXbFNWata2TkZIOd7paY-FP3CVvaRx3gPpf0V8PMHnKoOrS1ubb5J2fz31MKj0IncEdlGhFQuPg7wo2hnx8MK1W3Ay9CUSPPu9YD0cMGO3eGH5Nb8rsah8d7fuNkFI1K2nWm-AroLihti-cAwJ4Xou6u6UkGrd0OcIEX6rkm7q-HeDFTTQ5RUDuR6cw8o-ZqOwQ7Uunmh6y2RNxf5w HTTP 302
    https://p226681.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktR7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1QHrxXYXZoLbhPpxjulGH-k_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9bubLPl7tr4p0rA4-rhfUibF7fDyzZydPN2aRlCqoFtQtYnhC53iWZnSsDj6uF9SJO_Q7McWmjiKna92SwvZm9EVihDlKu6ts9eKeKx3u6BqpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V0RITLTjXCCEysCBXZHi5sjKH7xdaNgjm51UP3SZS6lflWQdFTAZXOx7j-HGqYGJ1nfj8RQEHtPdbkcEcAYjxpLzaW7ekQCApit3Q5wgRfqucSpXKgY1Of-L6aWSeREqRE&ui=Un8YNmzNixpndAYfZXLGLQ2PDc-S0YhkIaIc3yOo5HK58PNbCMZ5m9sSvsXWWrX4kC7Vfl4p57mo4hIAsOVgsiOd0_tc80NmDUL0ZOz-TQWjMmqdCp5ovw&si=1&oref=06b42445a5c968e35058fb9928d7ac88&optunit=HwwrVbcDL0LomJ5wtw7vIA&rb=4Y2ZFUJ9pe8&rr=1&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389 HTTP 301
    https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389 HTTP 302
    https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hotailo.com/ 		350 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hotailo.com/
Protocol
HTTP/1.1
Server
74.206.228.78 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8f8bad45af343a49ea6a27cc69b34c06deaac0565301abebef95b5115350df59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.18.0
Date
Sat, 18 Dec 2021 01:01:51 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
/
hotailo.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hotailo.com/
Protocol
HTTP/1.1
Server
74.206.228.78 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
Origin
http://hotailo.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://hotailo.com/

Response headers

Server
nginx/1.18.0
Date
Sat, 18 Dec 2021 01:01:51 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
Primary Request /
lp1s.stop-ads.xyz/
Redirect Chain
  • https://mybestdl.com/aS/feedclick?s=Un8YNmzNixpndAYfZXLGLVc8RMlCrR9kjTr2aHMUJLVKhuV_szM-pIr2tDB7YixDrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zBEILwODnH1BtwnGVlb7m4kgS41QDYTbhAEysjXg8JANJjEIILW_3V7X...
  • https://p226681.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktR7-5erJvz6KnvLvpxFj3Hp8ZxTLpvqm1QHrxXYXZoLbhPpxjulGH-k_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZh04izcTTY_t9bubLPl7tr4p0rA4-r...
  • http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&b...
  • https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&...
  • https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsC...
43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
Requested by
Host: hotailo.com
URL: http://hotailo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b1c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e7264f6da9e91a22278f28897cf262813ea77bf7dca8b1d5dd36721c5ba8d6
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://hotailo.com/

Response headers

date
Sat, 18 Dec 2021 01:01:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtEjY8ujD4VfpY7oXBkWDYn0gEU%2BiIznzwbUkabaUY3uCr4xPOygx2lneti%2Fp2W1ubgjsvMdq5g1RivY1WSaFwCP7wbjjRKRyK%2FpW0ZM0QKZoKNMMsx%2FeE4GrcZuUUO0FAUFdtMF9AXMoxWxFLtNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bf47662ae7f59b9-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 18 Dec 2021 01:01:52 GMT
content-length
0
location
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z4urN4ODAAH1mOpq3UpkcBHvhiZloI5DQw3T0MFt7neBRDhqvcmwT5FhztqhrQ0KDkjAoY%2BIyGCPyBeLIhoJxB4YAy%2BmDlgC%2FpyYZXboLGNOgJiIkQWZ9I42BBbDsU5xvej3Vp6iAwFpiSz92XoPUdMmjRaTRkC"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bf47661fd985995-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 00:13:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 01:01:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 01:01:52 GMT
email-decode.min.js
lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b1c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=zkpLYZLb3xCQPM3PcFv6NEsmsKqRTjztlZHdxVeuLK_xm0mh6L6a7MB7jttkrJvSDP6TNH6cBNBnctqQZ0Yt86EnPu8UQp1RiZ42hWGqEMCtbejYBEhwOW6_Dj11pJ0yEzEOzYsCMythN_WX5OA_-cfIItLyhAxdXivbtaj-59TzBAETwvJeuIfQAPVzuIRcX5NgYrbPz6rf0E98fT7eVijj6MAq-U_6fjEHf_75tScNmLnV2pB939_aGu4qHUU9WCMOjdjf1s21UDxQq3froIzWEZuoKMahEFXcHiR1s4KwKlgWq4Z7W_uPnsHPrcbOTvWFPq7FtQkH4Hj2HqlzUMXtdE_lQApNBzYqNbDTevo-S50Pg_8QbuqUGSYBXGNMlwO4XAvTfdDpb2QVuBavxuv6XmYqbz6aP9hAbG_zDZrd2wK5r8Pm1iA-eMzJH74cl-4ELYhamjE8_k-5SYbat8TOt3iYnosNDrYadoSUP1oCZFRk_7vmzl8C0s6q32JaRb_fTqW6Bjxnpx4qL2gtKopMegXtPIYzq6NzwWmkHE0&lptoken=16ad399e79f7115b12ee&keyword=hotailo.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440514653&bid=0.006334&clickid=87784004389
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 01:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 14:30:56 GMT
server
cloudflare
etag
W/"61b75920-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlv4JFduP%2B%2F1icNaPasx9XFM5frmG09bkQhqfDEavncrU91JSVRYyr9iEj7U899kUnCkIwfX62JRZyydsH1p2m0bw%2BPcJ6sfl1MtKZc7DlSqKZ1vqMmpByA9gBZCTc2KYo8EqyFKRGJSrPQqBByo8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bf476634f4559b9-MXP
vary
Accept-Encoding
expires
Mon, 20 Dec 2021 01:01:52 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 14:02:00 GMT
x-content-type-options
nosniff
age
298792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 14:02:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
40924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 13:39:48 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
hotailo.com/ Name: ipc
Value: eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MjEsInRzIjoxNjM5Nzg5MzExLCJoYXNoIjoiNjgxOTAyMjgifQ==
.mybestdl.com/ Name: rhid
Value: 80328439539
.mybestdl.com/ Name: loi
Value: ad_1126337_off_570904_aff_8203_cid_226681-HOTAILO.COM_ts_1639789312
.track.sparta-tracking.xyz/ Name: 440e1753-b94c-4d29-bfdc-7aa21335939c-v4
Value: hGG6s1y7raBuZUGhAoflddL413x9Y8WDv8S7QtQjxj4
.track.sparta-tracking.xyz/ Name: cep-v4
Value: DNeSA_5yaKK8u1BT1b1VreiiNNe2BG4RwKK4uyiPM3K0d0W052ZHpub-zfVpIszVW8x0q978OrKZZjqxQ9eVvuvj8OSCCFbGeavXshQMmYfEmONP_xPK9bOX2gYIC3hllIeVVRcJSDKI4_pMb4XLpcDrQgtyXzN4KKKprEPhDCiaEN7q_7mt3BNb0jRamUzpzhSjLfE1D-mQwDSjKPQkwBjnUMcxuzWF4ukJXjOifyNR3_obETtaKExWOgF85VkoFANODnnt1zQoVZTuj7iCoLcyDYeaNn2T_qnuYl0HlCVDQuKM5g72mgBl6YRgmZwEBX2LCk8FbpjCjLyqNnbD3L_-qpfCpwpk5hc_rX52YMtO1RITcAGzmtkJpNOsVkfFYWaVnmgpD6emx6saKyCUatRYBgFEa8kVegUWWbxJapwOcZ35Jv4QlF8Ymc7Izamyta0llhb2p92fSNeNma4Afu65v8VLAo0XyMUwRLStn90DtBkIGZhU7k_z8jG6qeDOSQ3dkV6Z88JgWIcM7Tqpxzw4ShXlWSTaXrrS9WV6tFk