urlscan.io logo urlscan.io
SecurityTrails logo

lp9s.stop-ads.xyz Open in urlscan Pro
104.21.17.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cookie.axelatos.com/
Effective URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvr...
Submission: On October 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 104.21.17.182, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp9s.stop-ads.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2021. Valid for: a year.
This is the only time lp9s.stop-ads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
2 2 173.192.101.24 36351 (SOFTLAYER)
2 2 104.21.37.59 13335 (CLOUDFLAR...)
4 104.21.17.182 13335 (CLOUDFLAR...)
1 213.227.132.155 60781 (LEASEWEB-...)
7 4
2    72.52.178.23 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
cookie.axelatos.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p237996.mybetterdl.com
2    104.21.37.59 (United States)

ASN13335 (CLOUDFLARENET, US)
track.sparta-tracking.xyz
4    104.21.17.182 (United States)

ASN13335 (CLOUDFLARENET, US)
lp9s.stop-ads.xyz
1    213.227.132.155 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tracking.prtrackings.com
Domain Requested by
4 lp9s.stop-ads.xyz cookie.axelatos.com
lp9s.stop-ads.xyz
2 track.sparta-tracking.xyz 2 redirects
2 cookie.axelatos.com cookie.axelatos.com
1 tracking.prtrackings.com lp9s.stop-ads.xyz
1 p237996.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
7 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-04 -
2022-01-03		 a year crt.sh
tracking.prtrackings.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-25 -
2021-12-24		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Frame ID: 22EEF662D45503B916BB52B03FFD9E8A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Laden Sie die bereite AdBlocker and Privacy Protector Browsererweiterung herunter

Page URL History Show full URLs

  1. http://cookie.axelatos.com/ Page URL
  2. http://cookie.axelatos.com/page/bouncy.php?&bpae=GbhGs7%2FGwiZ5NpuP%2BvzALIrfLmjkSfIrXvjFtKkHaLwX4xm2Lr... Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TPQ4_T7VVdxFc8RMlCrR9kQAVfxVIJjiXnEESpdZY9Zp5tV7Jmg... HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqMaMm9W8tmTpcuN2BpTcSV95fbFRVw6h0EErEUEwoaP... HTTP 302
    http://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignnam... HTTP 301
    https://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignnam... HTTP 302
    https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKI... Page URL

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

77 kB
Transfer

88 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cookie.axelatos.com/ Page URL
  2. http://cookie.axelatos.com/page/bouncy.php?&bpae=GbhGs7%2FGwiZ5NpuP%2BvzALIrfLmjkSfIrXvjFtKkHaLwX4xm2LrngnNluZQT8KNBTZ2DgWtSuSFPqlV%2FIvrkvNv40GuGO0XRFMeKmkr5tSMNuBYZgyig3tRN65buokynml2tHjz%2FHhT4yqo0vxLqogG8XM89LyMuL8MES6%2BVkmZa37M0r7YuVemGZ26yIWemXO27MV5TpnNc9i4j5Q5ZQ6Su%2BWn%2BYeaqmIleMLZjOKWs%2FgiaxaTwe9ZBfQVw2%2F0dfts7xr%2FQLwrssDijCdOvqUZ9xx0JNhzE5rvcGGZuMvV2PgvlY5r%2B3GJcUkcRGxtraLbRM%2FB9dRdZXbyTNp0r1cEUR9ddnRbjo0xSGKOan3RZFmDmxwb4IQosoavD1RhGYnwVeWCYnCs62lAIblwTOmk0tJaSSjEbK1uxwCF3icImyvlOVv9jqbRCqbftOR1wj8aJjB69wiXhyhT7fA%2Bpdx9PHx16o2qvAis%2FSf2RxMyD2hclCEve2GbKA53zcPy%2FLOmy%2BiV5XZjOYXD5zSLqNH%2BCAQZHcL2uMm01lacWShfjQfWBvVT98Rox1bKUwEDfo5kHfhfeZmQDjw%2BW8uvgcwVHGu%2FmXP87bD0r%2FOXluGL%2BtqumQE05oPG3E8G6Ki0SPsApNv6T2rCc3N%2FVWzahPs0MYF%2B5HJgnX8hP30tbgaDS8UPvkAkRKoFiTxrITo%2B%2FB%2Fg4U2itZbS2zjbToOhOaz7V2V4BuxRbFAqdwGAnbdb3xyje28hHW2YXQbalO1bIkfFqilGAzlBB1dGxfWA9TGxdu5z2CrwAPbKGOjq5fdzzBB4R8yDDy95r4P%2B0Eqa%2Fsq8Uzra88dcLhQZMlDhX%2FSWm%2BTtex%2FA5Q%2FRUupTqKN5yOKp49x9vyK1KQO52p9j%2BGpm%2FG7d%2F6hRENGVsYH%2Bvoq4X8m0e3PuWOU%2B1ZIBW4dMLi5TC87%2Fj0SUtyk9pNsfBsKcdMA%2BHxTMTe4qTpVYZxyDJL01wONQurPJRqxRt8BTvzAnDLRbxxs%2Bx87Gm2FIlRpv4EvnXskI5ob2OCVRuj81TsJ12cTmU%2FonGzNeMS0fVrSY1SaWB%2FRg3jU5rmuB4fJ%2FQsf3wYSA%2Btlii0iK%2BFS%2BwZwshQtUZg0p4fnOQfY3ZZaB90%2BNPEnGy1d64FeIAJ5%2FxrHAri6FkVZueeoDiXCoC7qd9lfgcIRvKdjLjR5uBXpkVlrdOFVVgnXm2khwY1DC2jJnu3RhsbnMChsBhVwNnZk6UFk5T4QtCYubhE5M8ZjkaihEFKhUwvG5rFcbbF6xm9FnbJiOpW8r%2BEatdyqjZMzg8esRmM7sWPHS5UTeayEezW8Ddpafufp7UXNsT%2B5xCpFpWAgl5r9VupAY8I3xFpizQVuYRVMtzVF2yHLuyTZu4YZi85RHZxiEfocPNoVXMtWlsvOO1dl4a1J3OaYR86RNMWq%2Byv36019fE8vq9nSIV3NwG9RiANfmRJcTgmXZ9%2Bpmg6GcXERG%2F2aYmvPBxqthZAxSrHkfAzff%2FtClPlJAmWtB6Vdku80ZrAYhED2KsrJsNgLllGRC79KQgZkK5ee1PPaGS5jRJguOucYJKIsC9apsj%2FJGr1tUC0VZMSoMmbJ%2Fxhunm%2FyZz5CQI6FLuFRx7kWOrlavyi4UoOHaxZWVr9NRdnm6cJ106NjNTFzTi9XLghlU0p%2BSSrxZh74kiVx0Kqy2BikokmkbUZMS0A4QwWysJgf4UTo6cJaOEDU4K%2Fbf1hZpJjkPQkxERd89S6yRvUV8jQZcsGVBufzLyh%2BirOuIr0bT4ZDnwBZEsM7Qmesz%2B6iVecflJers3xLHPLizSpfCS%2FmgyiF9dYMj1%2Fz0kq7VJ4GoGMgisfd1uzMLsCnnLz32dy4FVbDBFNcvf0N4%2FBW4JhrcXNI7RAMIwxypYmXIIH95T11NUF9p5%2FpK46gAcAENCrKks7kzmuyR7CSEkgffZ6xdaMyjGaHPdP&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TPQ4_T7VVdxFc8RMlCrR9kQAVfxVIJjiXnEESpdZY9Zp5tV7JmgQXznIFjje5HrPodK7X5QIc3n0hfs9IVa7UGQ57WzBF2cznwvxdiymVNjhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWzNNl6RGTsBSknRP7mLdAU_N_WpAQO6qnd215MljBnOgvZGa73UHKgWmkljCqd_-OKbp4UlEfy85wtABOqcEFu3rd2Kn2_gzMZwpop5aPirSy3oy4QWGwlR3TBZ6Zw2vprL6kE_jRJrkoI2zuxxwzh-NaQ4kU1nuEskSHVP_AKNw773gmVNJwT1AtAnvhFKYL8I78eHpDygdr2gMwM_pVM0XY3nCGqFBql5LMKmRLHDSQtBmGp4bTzWMEpzYqD4B097NCQww9FDsL-rRnI1ll5ssHrz3WI9mYfdu9EV7m4eOU918SaRsAmotArhbQQjULSArBlmV0vNQw9BX5yx0Ix_Dc2r0qtBTcy5h7cDVXcO8OhPrB0IMjwzxzT3rWjqSuGb8NQz7BtxkBPgIMRaIQcqgwYInwime25VQ1F35wN2fuBa6nMUadLWAkYOd2yZuudsCjUQdT00YZU24yY_cOneCApBYmBWzQ547L03DgO15QhyxPyfk2cXizUAM0XWMDCgVhU2XXirkb68wSbvl73i1zs91RWbptjcExnYxiRDRy9mS2ZsbePrNX9_Ku7cen9iFNxDgDjyIm3l10dOWY-uZavUXsgXFyPPMZlJhZANjdAtpPDOaRJlWZMuo4lXUhfhZiVE2URjVEDy6IZxqTZ-G8yX8p1ckGTXjRbixmaeDlT7W2NOJFr9gDPlwJknODce7f8pXd79e-ClOjVI6ttVNpQL-GnACHHGJhBOwNNyKPS7GT3A0KdIAxFN7wysKFw2dg8IHsLNbR-4yhO4g1exQWG6ulNxQoB32XrObDFiZlEuN1202C92y8UrAAWCWiKnwK9wHMmX3kK0AXuto--PdBF60A6df-T4-nPWN3kRkqc50MpPR-MEXUdAmmzLFXubgxFd-pz25ktrh9EEVyRYA6KQmoHlboUAv3SPgwje0F5khLIYwmp7N1jgZepaCKXRrmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twEjAxabQaLByJK4nAe_QDrvEYk0qpySDdI1StMGW5Glm6eUdaZf__tAEJgWFB6J_Y0aW_71CtbnC2n4FHXo_2rGaJlLSR1HJWJC-K0BXW83CkpFGA_wgnsDeF6_g8Tduk2raJccto791T6pyAeCFIdF7b5J2fz31MKlnXH7OixRLN5JeenoHUvBEJgWFB6J_Y0Oaa6puB53gAlO7oBdjPsrkJgWFB6J_Y0GeDYFDo8O3wEqdXyGRuajxgzzf-peldAHNGkWry4PIP0Gk2GDBUMQxMKyxAGjlv4Yffk3A3bwOYTqNgyWjYzZA HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqMaMm9W8tmTpcuN2BpTcSV95fbFRVw6h0EErEUEwoaPfpz1jd5EZKnOdDKT0fjBF2H9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV_JhYB0lhN02yi5QSNsOAhdM_d9S4MXF-gFbc1vgZxvyYlZ0CBoMUA4lO7oBdjPsrkJgWFB6J_Y0JPjBUjMHixTtt8nH_2lE0LXKLq8swfk_lnXH7OixRLNM6h5QjmQGPltoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q3zC3htLeISDCol4S5osn5YR0Ng4Sbb-ez4Kbfkwb3MQhMKyxAGjlv4Yffk3A3bwOb_HEQbYg3d0iQM8FakQgVKwbN-HQI1TJo&ui=w_Wj54-Mm6TPQ4_T7VVdxA2PDc-S0YhkIaIc3yOo5HK-5aQGHoQMPpERoEOsDGTcENvlYhvkT8k6lYZhP4q5xACVUpRTHSWwm02sQM_ghbazbp_JzTIPZA&si=1&oref=cc3e6fdae89cba88a26a2afce86190a7&optunit=QmBYUHon9jStK6Mz5FaVqw&rb=4mwZSEUVHek&rr=1&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134 HTTP 301
    https://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134 HTTP 302
    https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cookie.axelatos.com/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cookie.axelatos.com/
Protocol
HTTP/1.1
Server
72.52.178.23 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 29 Oct 2021 04:39:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bouncy.php
cookie.axelatos.com/page/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cookie.axelatos.com/page/bouncy.php?&bpae=GbhGs7%2FGwiZ5NpuP%2BvzALIrfLmjkSfIrXvjFtKkHaLwX4xm2LrngnNluZQT8KNBTZ2DgWtSuSFPqlV%2FIvrkvNv40GuGO0XRFMeKmkr5tSMNuBYZgyig3tRN65buokynml2tHjz%2FHhT4yqo0vxLqogG8XM89LyMuL8MES6%2BVkmZa37M0r7YuVemGZ26yIWemXO27MV5TpnNc9i4j5Q5ZQ6Su%2BWn%2BYeaqmIleMLZjOKWs%2FgiaxaTwe9ZBfQVw2%2F0dfts7xr%2FQLwrssDijCdOvqUZ9xx0JNhzE5rvcGGZuMvV2PgvlY5r%2B3GJcUkcRGxtraLbRM%2FB9dRdZXbyTNp0r1cEUR9ddnRbjo0xSGKOan3RZFmDmxwb4IQosoavD1RhGYnwVeWCYnCs62lAIblwTOmk0tJaSSjEbK1uxwCF3icImyvlOVv9jqbRCqbftOR1wj8aJjB69wiXhyhT7fA%2Bpdx9PHx16o2qvAis%2FSf2RxMyD2hclCEve2GbKA53zcPy%2FLOmy%2BiV5XZjOYXD5zSLqNH%2BCAQZHcL2uMm01lacWShfjQfWBvVT98Rox1bKUwEDfo5kHfhfeZmQDjw%2BW8uvgcwVHGu%2FmXP87bD0r%2FOXluGL%2BtqumQE05oPG3E8G6Ki0SPsApNv6T2rCc3N%2FVWzahPs0MYF%2B5HJgnX8hP30tbgaDS8UPvkAkRKoFiTxrITo%2B%2FB%2Fg4U2itZbS2zjbToOhOaz7V2V4BuxRbFAqdwGAnbdb3xyje28hHW2YXQbalO1bIkfFqilGAzlBB1dGxfWA9TGxdu5z2CrwAPbKGOjq5fdzzBB4R8yDDy95r4P%2B0Eqa%2Fsq8Uzra88dcLhQZMlDhX%2FSWm%2BTtex%2FA5Q%2FRUupTqKN5yOKp49x9vyK1KQO52p9j%2BGpm%2FG7d%2F6hRENGVsYH%2Bvoq4X8m0e3PuWOU%2B1ZIBW4dMLi5TC87%2Fj0SUtyk9pNsfBsKcdMA%2BHxTMTe4qTpVYZxyDJL01wONQurPJRqxRt8BTvzAnDLRbxxs%2Bx87Gm2FIlRpv4EvnXskI5ob2OCVRuj81TsJ12cTmU%2FonGzNeMS0fVrSY1SaWB%2FRg3jU5rmuB4fJ%2FQsf3wYSA%2Btlii0iK%2BFS%2BwZwshQtUZg0p4fnOQfY3ZZaB90%2BNPEnGy1d64FeIAJ5%2FxrHAri6FkVZueeoDiXCoC7qd9lfgcIRvKdjLjR5uBXpkVlrdOFVVgnXm2khwY1DC2jJnu3RhsbnMChsBhVwNnZk6UFk5T4QtCYubhE5M8ZjkaihEFKhUwvG5rFcbbF6xm9FnbJiOpW8r%2BEatdyqjZMzg8esRmM7sWPHS5UTeayEezW8Ddpafufp7UXNsT%2B5xCpFpWAgl5r9VupAY8I3xFpizQVuYRVMtzVF2yHLuyTZu4YZi85RHZxiEfocPNoVXMtWlsvOO1dl4a1J3OaYR86RNMWq%2Byv36019fE8vq9nSIV3NwG9RiANfmRJcTgmXZ9%2Bpmg6GcXERG%2F2aYmvPBxqthZAxSrHkfAzff%2FtClPlJAmWtB6Vdku80ZrAYhED2KsrJsNgLllGRC79KQgZkK5ee1PPaGS5jRJguOucYJKIsC9apsj%2FJGr1tUC0VZMSoMmbJ%2Fxhunm%2FyZz5CQI6FLuFRx7kWOrlavyi4UoOHaxZWVr9NRdnm6cJ106NjNTFzTi9XLghlU0p%2BSSrxZh74kiVx0Kqy2BikokmkbUZMS0A4QwWysJgf4UTo6cJaOEDU4K%2Fbf1hZpJjkPQkxERd89S6yRvUV8jQZcsGVBufzLyh%2BirOuIr0bT4ZDnwBZEsM7Qmesz%2B6iVecflJers3xLHPLizSpfCS%2FmgyiF9dYMj1%2Fz0kq7VJ4GoGMgisfd1uzMLsCnnLz32dy4FVbDBFNcvf0N4%2FBW4JhrcXNI7RAMIwxypYmXIIH95T11NUF9p5%2FpK46gAcAENCrKks7kzmuyR7CSEkgffZ6xdaMyjGaHPdP&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: cookie.axelatos.com
URL: http://cookie.axelatos.com/
Protocol
HTTP/1.1
Server
72.52.178.23 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://cookie.axelatos.com/

Response headers

Date
Fri, 29 Oct 2021 04:39:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
lp9s.stop-ads.xyz/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TPQ4_T7VVdxFc8RMlCrR9kQAVfxVIJjiXnEESpdZY9Zp5tV7JmgQXznIFjje5HrPodK7X5QIc3n0hfs9IVa7UGQ57WzBF2cznwvxdiymVNjhYRq2NAfQ6SiUnMKG1xv31r6HPqc5_T5XfmENYXbWz...
  • https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqMaMm9W8tmTpcuN2BpTcSV95fbFRVw6h0EErEUEwoaPfpz1jd5EZKnOdDKT0fjBF2H9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV_JhYB0lhN02yi5QSNsOAhdM_d9...
  • http://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&...
  • https://track.sparta-tracking.xyz/57730d73-c197-46d0-ba68-56cb980d2001?keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012...
  • https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSA...
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Requested by
Host: cookie.axelatos.com
URL: http://cookie.axelatos.com/page/bouncy.php?&bpae=GbhGs7%2FGwiZ5NpuP%2BvzALIrfLmjkSfIrXvjFtKkHaLwX4xm2LrngnNluZQT8KNBTZ2DgWtSuSFPqlV%2FIvrkvNv40GuGO0XRFMeKmkr5tSMNuBYZgyig3tRN65buokynml2tHjz%2FHhT4yqo0vxLqogG8XM89LyMuL8MES6%2BVkmZa37M0r7YuVemGZ26yIWemXO27MV5TpnNc9i4j5Q5ZQ6Su%2BWn%2BYeaqmIleMLZjOKWs%2FgiaxaTwe9ZBfQVw2%2F0dfts7xr%2FQLwrssDijCdOvqUZ9xx0JNhzE5rvcGGZuMvV2PgvlY5r%2B3GJcUkcRGxtraLbRM%2FB9dRdZXbyTNp0r1cEUR9ddnRbjo0xSGKOan3RZFmDmxwb4IQosoavD1RhGYnwVeWCYnCs62lAIblwTOmk0tJaSSjEbK1uxwCF3icImyvlOVv9jqbRCqbftOR1wj8aJjB69wiXhyhT7fA%2Bpdx9PHx16o2qvAis%2FSf2RxMyD2hclCEve2GbKA53zcPy%2FLOmy%2BiV5XZjOYXD5zSLqNH%2BCAQZHcL2uMm01lacWShfjQfWBvVT98Rox1bKUwEDfo5kHfhfeZmQDjw%2BW8uvgcwVHGu%2FmXP87bD0r%2FOXluGL%2BtqumQE05oPG3E8G6Ki0SPsApNv6T2rCc3N%2FVWzahPs0MYF%2B5HJgnX8hP30tbgaDS8UPvkAkRKoFiTxrITo%2B%2FB%2Fg4U2itZbS2zjbToOhOaz7V2V4BuxRbFAqdwGAnbdb3xyje28hHW2YXQbalO1bIkfFqilGAzlBB1dGxfWA9TGxdu5z2CrwAPbKGOjq5fdzzBB4R8yDDy95r4P%2B0Eqa%2Fsq8Uzra88dcLhQZMlDhX%2FSWm%2BTtex%2FA5Q%2FRUupTqKN5yOKp49x9vyK1KQO52p9j%2BGpm%2FG7d%2F6hRENGVsYH%2Bvoq4X8m0e3PuWOU%2B1ZIBW4dMLi5TC87%2Fj0SUtyk9pNsfBsKcdMA%2BHxTMTe4qTpVYZxyDJL01wONQurPJRqxRt8BTvzAnDLRbxxs%2Bx87Gm2FIlRpv4EvnXskI5ob2OCVRuj81TsJ12cTmU%2FonGzNeMS0fVrSY1SaWB%2FRg3jU5rmuB4fJ%2FQsf3wYSA%2Btlii0iK%2BFS%2BwZwshQtUZg0p4fnOQfY3ZZaB90%2BNPEnGy1d64FeIAJ5%2FxrHAri6FkVZueeoDiXCoC7qd9lfgcIRvKdjLjR5uBXpkVlrdOFVVgnXm2khwY1DC2jJnu3RhsbnMChsBhVwNnZk6UFk5T4QtCYubhE5M8ZjkaihEFKhUwvG5rFcbbF6xm9FnbJiOpW8r%2BEatdyqjZMzg8esRmM7sWPHS5UTeayEezW8Ddpafufp7UXNsT%2B5xCpFpWAgl5r9VupAY8I3xFpizQVuYRVMtzVF2yHLuyTZu4YZi85RHZxiEfocPNoVXMtWlsvOO1dl4a1J3OaYR86RNMWq%2Byv36019fE8vq9nSIV3NwG9RiANfmRJcTgmXZ9%2Bpmg6GcXERG%2F2aYmvPBxqthZAxSrHkfAzff%2FtClPlJAmWtB6Vdku80ZrAYhED2KsrJsNgLllGRC79KQgZkK5ee1PPaGS5jRJguOucYJKIsC9apsj%2FJGr1tUC0VZMSoMmbJ%2Fxhunm%2FyZz5CQI6FLuFRx7kWOrlavyi4UoOHaxZWVr9NRdnm6cJ106NjNTFzTi9XLghlU0p%2BSSrxZh74kiVx0Kqy2BikokmkbUZMS0A4QwWysJgf4UTo6cJaOEDU4K%2Fbf1hZpJjkPQkxERd89S6yRvUV8jQZcsGVBufzLyh%2BirOuIr0bT4ZDnwBZEsM7Qmesz%2B6iVecflJers3xLHPLizSpfCS%2FmgyiF9dYMj1%2Fz0kq7VJ4GoGMgisfd1uzMLsCnnLz32dy4FVbDBFNcvf0N4%2FBW4JhrcXNI7RAMIwxypYmXIIH95T11NUF9p5%2FpK46gAcAENCrKks7kzmuyR7CSEkgffZ6xdaMyjGaHPdP&redirectType=js&inIframe=false&inPopUp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa910fe0529d63512c5c53278fe5485e93f143ca203443766f313011f299631
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://cookie.axelatos.com/page/bouncy.php?&bpae=GbhGs7%2FGwiZ5NpuP%2BvzALIrfLmjkSfIrXvjFtKkHaLwX4xm2LrngnNluZQT8KNBTZ2DgWtSuSFPqlV%2FIvrkvNv40GuGO0XRFMeKmkr5tSMNuBYZgyig3tRN65buokynml2tHjz%2FHhT4yqo0vxLqogG8XM89LyMuL8MES6%2BVkmZa37M0r7YuVemGZ26yIWemXO27MV5TpnNc9i4j5Q5ZQ6Su%2BWn%2BYeaqmIleMLZjOKWs%2FgiaxaTwe9ZBfQVw2%2F0dfts7xr%2FQLwrssDijCdOvqUZ9xx0JNhzE5rvcGGZuMvV2PgvlY5r%2B3GJcUkcRGxtraLbRM%2FB9dRdZXbyTNp0r1cEUR9ddnRbjo0xSGKOan3RZFmDmxwb4IQosoavD1RhGYnwVeWCYnCs62lAIblwTOmk0tJaSSjEbK1uxwCF3icImyvlOVv9jqbRCqbftOR1wj8aJjB69wiXhyhT7fA%2Bpdx9PHx16o2qvAis%2FSf2RxMyD2hclCEve2GbKA53zcPy%2FLOmy%2BiV5XZjOYXD5zSLqNH%2BCAQZHcL2uMm01lacWShfjQfWBvVT98Rox1bKUwEDfo5kHfhfeZmQDjw%2BW8uvgcwVHGu%2FmXP87bD0r%2FOXluGL%2BtqumQE05oPG3E8G6Ki0SPsApNv6T2rCc3N%2FVWzahPs0MYF%2B5HJgnX8hP30tbgaDS8UPvkAkRKoFiTxrITo%2B%2FB%2Fg4U2itZbS2zjbToOhOaz7V2V4BuxRbFAqdwGAnbdb3xyje28hHW2YXQbalO1bIkfFqilGAzlBB1dGxfWA9TGxdu5z2CrwAPbKGOjq5fdzzBB4R8yDDy95r4P%2B0Eqa%2Fsq8Uzra88dcLhQZMlDhX%2FSWm%2BTtex%2FA5Q%2FRUupTqKN5yOKp49x9vyK1KQO52p9j%2BGpm%2FG7d%2F6hRENGVsYH%2Bvoq4X8m0e3PuWOU%2B1ZIBW4dMLi5TC87%2Fj0SUtyk9pNsfBsKcdMA%2BHxTMTe4qTpVYZxyDJL01wONQurPJRqxRt8BTvzAnDLRbxxs%2Bx87Gm2FIlRpv4EvnXskI5ob2OCVRuj81TsJ12cTmU%2FonGzNeMS0fVrSY1SaWB%2FRg3jU5rmuB4fJ%2FQsf3wYSA%2Btlii0iK%2BFS%2BwZwshQtUZg0p4fnOQfY3ZZaB90%2BNPEnGy1d64FeIAJ5%2FxrHAri6FkVZueeoDiXCoC7qd9lfgcIRvKdjLjR5uBXpkVlrdOFVVgnXm2khwY1DC2jJnu3RhsbnMChsBhVwNnZk6UFk5T4QtCYubhE5M8ZjkaihEFKhUwvG5rFcbbF6xm9FnbJiOpW8r%2BEatdyqjZMzg8esRmM7sWPHS5UTeayEezW8Ddpafufp7UXNsT%2B5xCpFpWAgl5r9VupAY8I3xFpizQVuYRVMtzVF2yHLuyTZu4YZi85RHZxiEfocPNoVXMtWlsvOO1dl4a1J3OaYR86RNMWq%2Byv36019fE8vq9nSIV3NwG9RiANfmRJcTgmXZ9%2Bpmg6GcXERG%2F2aYmvPBxqthZAxSrHkfAzff%2FtClPlJAmWtB6Vdku80ZrAYhED2KsrJsNgLllGRC79KQgZkK5ee1PPaGS5jRJguOucYJKIsC9apsj%2FJGr1tUC0VZMSoMmbJ%2Fxhunm%2FyZz5CQI6FLuFRx7kWOrlavyi4UoOHaxZWVr9NRdnm6cJ106NjNTFzTi9XLghlU0p%2BSSrxZh74kiVx0Kqy2BikokmkbUZMS0A4QwWysJgf4UTo6cJaOEDU4K%2Fbf1hZpJjkPQkxERd89S6yRvUV8jQZcsGVBufzLyh%2BirOuIr0bT4ZDnwBZEsM7Qmesz%2B6iVecflJers3xLHPLizSpfCS%2FmgyiF9dYMj1%2Fz0kq7VJ4GoGMgisfd1uzMLsCnnLz32dy4FVbDBFNcvf0N4%2FBW4JhrcXNI7RAMIwxypYmXIIH95T11NUF9p5%2FpK46gAcAENCrKks7kzmuyR7CSEkgffZ6xdaMyjGaHPdP&redirectType=js&inIframe=false&inPopUp=false

Response headers

date
Fri, 29 Oct 2021 04:39:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H550v5MaBha4cQkHvkeORZZxOizMRMLdZjZ1%2Bd31MKqm5I23%2BOA1RISpCQ2yTLmXCCUStm8JphtAP0EdRX%2FuvOBxrSqtTdAjba4EpX%2Fe3wWU2%2FHYTvCRvg08ccrfqOMctVisFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a59b82c89e340cf-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 29 Oct 2021 04:39:19 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZVwcocwzXVoYhC0t457JPB8CVf3BAJzQI1d0%2FVDL9999jADkliHYMRmnbB4WAoHAEo3NryTZqY0Ui8SLw1EzCn7WYwU741xfFpnl2dTcWZ3izSPCiIi5fLVsRnuwrTVnKsjWJx5EWKPhMNI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a59b82bdc30cdc7-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ChromeWebStore_Badge_v2_206x58.png
lp9s.stop-ads.xyz/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp9s.stop-ads.xyz/ChromeWebStore_Badge_v2_206x58.png
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:39:19 GMT
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 13:27:30 GMT
server
cloudflare
etag
W/"61701942-d6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD%2B6m4YG%2FvC8AMtqALPrsIfqkD6uUikkIqmPoZULxPOSX5Ls7m9ZRd5CQvT%2BXd5oSxoDPVSSCv%2FiNhYp6o59cmycW1CsGhiTTDSTdFAeVjBEAl2GKnogFclF3KkqtkYFWbfTuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6a59b82d7ace40cf-CDG
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
preland.js
tracking.prtrackings.com/ 		1 KB
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.prtrackings.com/preland.js
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.132.155 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2e898095bacd02d29dacf21f6ecb896a313a8cbc002ce7e87d491699cc404c58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:39:19 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
email-decode.min.js
lp9s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp9s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEJkXCLKTNMJ5ZGqnGbaPLTUnQP5D70xD2%2F13wEfNpWX0TfxNSg%2FBA%2F5EjWfZbodBXAlomTlHSJIeA8K5UA%2FnfvHVXgwPkhkua6RPs3c1e6oLkFhHqs6YkQGuavlMzAyGGiVdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a59b82d7acf40cf-CDG
vary
Accept-Encoding
expires
Sun, 31 Oct 2021 04:39:19 GMT
movies1.jpg
lp9s.stop-ads.xyz/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp9s.stop-ads.xyz/movies1.jpg
Requested by
Host: lp9s.stop-ads.xyz
URL: https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8111cdce17bec2d21f42ea5027bea1948eb0b75bfb8fe7e037054386e0b0d19
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp9s.stop-ads.xyz/?&utm_campaign=00641_test-best&utm_pub=&cep=rwGkuaYwJGnhKz6jDjkDCXiO1MhfbqKIsOM-aJhwHx9C2kzSewvrQ5ENN10VmmdTdQ_A-Dv2dcB8wbaOR6x5NLedXfB4tw8EBvj8bJEFyjsyDoDUPGtRoSj90otNOSAh5QHgV2WH-4SvBebJc2GWTJhGDQK0BGN-xARCUGZ3UJYClXJa8fiX0cjw0wG5gmJEAy4ZO-qVGT5nd9kdWU8KMR97l7nKbtk2BG4-7LlGf1JkvXwr7BdlELtZ594OHhxEy_yCFDOkLlVLSXP2iQHly3Cjtt_miC7-ogaG1bZwypVhWdFaXahWy1h3THOaUwDNdUEg6wgRvCVYvCR9kufXxwIE3gv3RVc19R7hy7YWbmzxpCieRP_izERsU0FhkqIdLSzXijl7SMH7a0eG2unaWCjYJ-QvLpY34yxudWwKW5z2UfUyvUeU5Wymr47QVWR4pdnGxRwF4QaBPGJEJLCF4kRiEY6geB4rTTX-ELTWVixeTGxcJ8T3R3TiT_wUWwQaikqLNwbJV1_pimymB1ctni3U5_6js3KsBeq6oWm0B9o&lptoken=168335e4487141c9598b&keyword=axelatos.com&geo=DE&campaignname=00641&device=Desktop&os=Windows+10&browser=Chrome+95&carrier=UNKNOWN&source=440254012&bid=0.0009&clickid=87430463134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:39:19 GMT
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53291
last-modified
Wed, 20 Oct 2021 13:27:30 GMT
server
cloudflare
x-frame-options
ALLOWALL
etag
"61701942-d02b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUnkEJxFyuvkTV%2FR4F4yKRhxG%2F1M0Ea6OdMUPVBmBHN0LVGQ%2BmcktdZFN3QQMHBPLP4IK8PHOud%2FCUs5ypH3v8vnJ1ENVZsEq5TurhY664LWzQpVnJ%2BSHMkrzUD9QH9AyJZHCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a59b82d7ad040cf-CDG
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
truncated
/ 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| d string| to function| base64_decode function| getParameterByName

4 Cookies

Domain/Path Name / Value
.mybetterdl.com/ Name: rhid
Value: 79987781568
.mybetterdl.com/ Name: loi
Value: ad_1126339_off_570906_aff_8203_cid_237996-AXELATOS.COM_ts_1635482359
.track.sparta-tracking.xyz/ Name: 57730d73-c197-46d0-ba68-56cb980d2001-v4
Value: efAu8E3_9gcQQ4fawmG8XV1P4CRMEce3fqIv3AVm9Ro
.track.sparta-tracking.xyz/ Name: cep-v4
Value: dRaGOdbYjBgcupivM6JNxPAMT-jpIvx7tUFCi71qEsMa03GxNVX1r_q3Nfz9IWJ2atd01O5lfUp9lw00H3dd7SRjaQ7eJB3bsijSpje88VGly37rjtKhVvifMNU4aegpJyF_UEkdwqOW_p0QCLqNdOnvWCvbM2lsCs0E3AVsGsrwo3cnziU-hFmG9SSDLb4UpSEIgfwBIJsk4NaLmJVVkBVGaw89qJCJbIfo4MIm4bEkyLcC9P2SXkeJ3dI-N2lnVcVhnjjCDSGiOylB_4cViidqpMI-iDKoeIwxe_YYL1wxgvla_HiiLANv6HIQ-JjmJcN4Orv1sYr1ydmbAjEvMTUfRQ38-W40gxuLB4q6HeGHOViHKC4XG7ppvnip1TQExZzy-pFihqh6BxELMZsIAMzOoTe4PAMPJcg4krSmnK4m_DbGxTTEoFyoekBX_DmRwvtfBcJ0egsxhFSpJ3cc4ho8ZoCcKHipXUDeM5zfak2joUrcUltHOs_6YwWJVaZnDRW7ywnkpG495tbtPDWMlE5KVUduF6jEiqMh_iuJSeU