urlscan.io logo urlscan.io
SecurityTrails logo

lp1s.stop-ads.xyz Open in urlscan Pro
2606:4700:3033::6815:11b6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html
Effective URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bM...
Submission: On December 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3033::6815:11b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp1s.stop-ads.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 4th 2021. Valid for: a year.
This is the only time lp1s.stop-ads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.29.150 51852 (PLI-AS)
2 2 173.192.101.30 36351 (SOFTLAYER)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 5
2    81.17.29.150 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
magmacapitalfinance.co
2    173.192.101.30 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 1e.65.c0ad.ip4.static.sl-reverse.com
mybestdl.com
p185689.mybestdl.com
2    2606:4700:3030::ac43:cd01 (United States)

ASN13335 (CLOUDFLARENET, US)
track.sparta-tracking.xyz
2    2606:4700:3033::6815:11b6 (United States)

ASN13335 (CLOUDFLARENET, US)
lp1s.stop-ads.xyz
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 lp1s.stop-ads.xyz magmacapitalfinance.co
lp1s.stop-ads.xyz
2 track.sparta-tracking.xyz 2 redirects
2 magmacapitalfinance.co 1 redirects
1 fonts.googleapis.com lp1s.stop-ads.xyz
1 p185689.mybestdl.com 1 redirects
1 mybestdl.com 1 redirects
6 7

This site contains no links.

Subject Issuer Validity Valid
magmacapitalfinance.co
R3		 2021-11-10 -
2022-02-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-04 -
2022-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
Frame ID: 8676F8569B96F53A388476A25A02DC3A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdBlocker and Privacy Protector

Page URL History Show full URLs

  1. https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html Page URL
  2. https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ... HTTP 302
    https://mybestdl.com/aS/feedclick?s=mC6s-PqgY7_B6lTI98VBNI8uDhK_8R6jneFSxp7pVcZkyVA1ztLLGjCXEHRI2... HTTP 302
    https://p185689.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktWRb_WGnVCjWeXNFZpL31T5MhwGkCFJSu... HTTP 302
    http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&camp... HTTP 301
    https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&camp... HTTP 302
    https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2Xdr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

49 kB
Transfer

88 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html Page URL
  2. https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MDA4NTY3MSwiaWF0IjoxNjQwMDc4NDcxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjFibGJoazV1Z29nY2c5NXMxbGRqNjkiLCJuYmYiOjE2NDAwNzg0NzEsInRzIjoxNjQwMDc4NDcxNjc4ODQ4fQ.tANwl0YZmaWF5n3GAe2VhSLak_6AFG-qRlEAn1LdgY0&sid=56949ac2-623f-11ec-9fac-9e9c22e9f37e HTTP 302
    https://mybestdl.com/aS/feedclick?s=mC6s-PqgY7_B6lTI98VBNI8uDhK_8R6jneFSxp7pVcZkyVA1ztLLGjCXEHRI2O64nIFjje5HrPodK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRknv65QJjHchqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0X7EuFVoOqCIEOgk21zXlwmTLlT3KV6HQHXoX26MzK6WJKjK97AV3ebvxxc9T_9DXAD_uk7oLW1R2iItHgxYAk7PXDXWxnqPpaSgp_ZRCqJNXDl6RQJP6fDmDkTaV2vOhwovozhMM0qYRLBHmM0ZETP7UWOyRSKHe3cLa--OszyMmlqH_m5JC1KRI1fOucOnHeQwuNwtESk5M8hxUKMtQFtouKiKfIXSvsVvckBxCev24_t4qOogOncm0ZyR9lIp5G4k2PzC2VK0bKO49Cb6VySreJiNENs8dsHf5mVJQgpv0het_93mOg8Kf-Va2i7yNU8LS2Uitu3kU3syicAerkrtXaPRpn3eot90OQq9PwAiHDNnXRfKdaM_l_yhQgr3ko39UL7Z_vPKqZCq_Bg2fEQTpcdtcZm8p8LLJz2iBH3DW_bDqZ18jhKKOn9h-AQ2v07ziiAogrghvbyTUkVEmldXGR1-k5g9uUdbvWm4G4B8G9VGpQrwyXsBZQXglWfpkF0rxoCDLPrpWTUxsn0N9yhU5WXE_plgHCHwsoOyZK1in9B-KTlltosmn2gJ4_htM4-ktB7hM4sJiib8EpR8ma4MhdvCLVXQE5o3j81cfmhm5dtO3mEKrNfjKFRcIraggKR3KqTTlWZdaN-OzukysDtuhmX14CRxUjMmBau8pemRFCUvBJspYBjY1VxcsMKnhhOCGUhlB6DaLv3st0fFCrEAl3EE7NtIcQQTQDx3SgWJH_lu5Ij5pxDysoQUagT0cAH9DH_tmQ4rDeYBhG_iCcXDOYlHkQA7BoXU_X5u2tb4T9oHSc1Ex6_ttGXG1TlJeu2Dli66C-XucADfX2tBPlR3prQOfp40kLZ-dJens2n_Ed_i3-YtjcdbI4fMxfw7NrY2hmcV5sKte7tCCeNk_EoJ4APUi-E1o_yxSmkH3QiFe8xg5F04Ren8Uc18SEqighuvhJwj6443fqfX5UL4K4qJ8fAe9ZegjFvy2RKG2XybIEmZbsRwc9O6YB5OljvHjaaqL0RwPAOYUKOEDmShzPh1_MuuhOjCA4xaYzvjfiurbxDi-tQxV6Lm-55jYmo_eGFGCXXWTRhBR5kHBtJAU6xEZg9ghHqhBdFXD_PDnund-wmTJc3zDlbNlukG5dfv2c_Y1qFfmxuxv3EIRygv1MATGKHvlXRm9enurger-LZVyux2TCpM_Pjr-9i_mycuwFBO1vVWn-LMZCca_rUtp2oLwH0Ddi5PnVun9CKM82C-8Z1P_iW6WyLoXuKK6g4U05jDCok9YMrGRb_WGnVCjWeXNFZpL31T5qEtMolnhJOxY_aFQBOgtliBGVRSJ5k7Zm3B5WSbUq0wrvm_W0HxLZe3LVZPXIhzEWBGu3Yx722OQzDI-NeT4zv3UTuK699z0mDW_olsHQNA HTTP 302
    https://p185689.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktWRb_WGnVCjWeXNFZpL31T5MhwGkCFJSuPEd_i3-YtjcdbI4fMxfw7NrY2hmcV5sKte7tCCeNk_EE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqfWY_uSxD5o-8Z1P_iW6WypfkIvZ64al6hYfAga1DRRaMhDqf7kErm1bp_QijPNgvvGdT_4lulstKNjPuIAbixKXWPnv4k55pbCCDxsj-0Go_FDewBzIq9Lyci_l23c_DVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2njJa5FlVtL54xbRh5WhN0Axej_wmAiUbeoWBGu3Yx722OQzDI-NeT4zGCQUid8JvLt7ctVk9ciHMZTSspL4AEbnZZJCxAdeOqU&ui=mC6s-PqgY7_B6lTI98VBNPbWwvziNp_1xLgNeF8Zj-jaszElIRgu6SVwrcKT82aeG_cQhHKC_UwBMYoe-VdGb16e6uB6v4tlXK7HZMKkz8_NMcl1HQed1g&si=1&oref=29808139472fee5b6ae16c1771fdf463&optunit=zeOlHI7IhmGvYo9_JcV_M34CVQaNrvT5&rb=dAElRmWztfo&rr=1&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383 HTTP 301
    https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383 HTTP 302
    https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
magmacapitalfinance.co//wp-content/cap/c1bun/ 		511 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.17.29.150 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
Cowboy /
Resource Hash
8040ba3f5d651049883e34c10807a20c9c8593925fba6233794a4033f463ceed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
511
content-type
text/html; charset=utf-8
date
Tue, 21 Dec 2021 09:21:11 GMT
server
Cowboy
Primary Request /
lp1s.stop-ads.xyz/
Redirect Chain
  • https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MDA4NTY3MSwiaWF0IjoxNjQwMDc4NDcxLCJpc3MiOiJKb2tlbiIsImpzIjoxL...
  • https://mybestdl.com/aS/feedclick?s=mC6s-PqgY7_B6lTI98VBNI8uDhK_8R6jneFSxp7pVcZkyVA1ztLLGjCXEHRI2O64nIFjje5HrPodK7X5QIc3n0hfs9IVa7UGgGUtnOtrdEShwgPSYDeeRknv65QJjHchqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjO...
  • https://p185689.mybestdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktWRb_WGnVCjWeXNFZpL31T5MhwGkCFJSuPEd_i3-YtjcdbI4fMxfw7NrY2hmcV5sKte7tCCeNk_EE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeqfWY_uS...
  • http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440...
  • https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=44...
  • https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z...
43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
Requested by
Host: magmacapitalfinance.co
URL: https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c11ecb3d12554dc60b3b42eeea93b397206004655bf18574c06f3b26f704c8e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://magmacapitalfinance.co//wp-content/cap/c1bun/index.html

Response headers

date
Tue, 21 Dec 2021 09:21:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvow%2BYjrcWDjxWyR4m6L0Kts1pWuS5sx7%2FnPrvoxMPuK%2FifXhW0Z4TsZ6%2Fas0cbimpyQ1944qMl7aV6CIhRPMnQKnKNgu00lcv%2BD3Q5znDy0Ai8L3OcgYel6OLO9z2ElzSJn9%2FtbyvdhBBaaqn0rmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c1009f83ed65a25-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 21 Dec 2021 09:21:12 GMT
content-length
0
location
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgOR%2Fy%2Fm%2B3QbPXYrVb4hK9CE%2FBOBXmcNalJawf5x6%2FD1%2BIqDWk1yQUfL9%2FrEwn6AZMCvWHjcM6fG0Xtdc2IzPuLNJqiWhyG3ZMUUZVEZQ1LxmnbBVcgcsh6jmM%2FuvpKPx1wHza8va8DkvNfzztvbacHJLCI6prEt"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c1009f76c037027-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 08:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 21 Dec 2021 09:21:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Dec 2021 09:21:13 GMT
email-decode.min.js
lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:11b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=8F5viIJImmJAg80oL6L8IKk8ilCSC4uyQbMfu2XdrQuOy99DjhQqmPqf9h_bMBRNnsAgk2PMw_mlZbWVMNRZ8R18ZvvLq0rW6Kh8VeRjyW6mv3HBRUQJoUuqotTLJZnxoxsKiF7z9-0N0on-IzOtCK2cRUfdNaKWK-ROWiL_7_n2ze32ejEGEz3Spn0KiSrl6u6cTZx2fvpvg66jeihFvCd0hOGS9KVuLoTih9LiMgU0I_77GQG7Zh6ghiKuaif1BBSc0u0yzWEtH8zzAifHeEOa-3xwRt2zyJZKQu4YzGLDXI6kXyvpOOHAdPvxpfNek95VZZ29DJTCXeLtLduIG1maLhBjw8yAnguSR9EN_AcsDcRbswZRs9M017mmFIhehHj3ctI_BhC9mItuparu3NjP1-wVF7-to7G6L6JsuQYOsREQSrxR77NqRckvN4jUaY36z00Hz-ZjjO_7uo9pdL6fhZQrgjl1RPXCzUXw_9zSVUS7Tp0l4eBNElWRc4wUs9WrSUhXIA0lj3yEsf2cFw&lptoken=16c7401c08a402d87239&keyword=magmacapitalfinance&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+96&carrier=UNKNOWN&source=440873958&bid=0.006334&clickid=87806754383
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 09:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Dec 2021 14:16:35 GMT
server
cloudflare
etag
W/"61bc9bc3-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyLeWNJbCePnmDza0VIZZNO7LOkfb2afJwMjgtQ4f7BZZS7cnI3x48v7M4e9gNNZN5jCXS9YXpVy2G%2F1Rr%2BesU0yOCFS9nxN4OHKpPCOdbToU8SzwSPDNU68qLubalkrHZczraaZYz5rVd%2BFIZ83Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c1009f908975a25-MXP
vary
Accept-Encoding
expires
Thu, 23 Dec 2021 09:21:13 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
532075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
545227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 01:54:06 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.magmacapitalfinance.co/ Name: sid
Value: 56949ac2-623f-11ec-9fac-9e9c22e9f37e
.mybestdl.com/ Name: rhid
Value: 80350320066
.mybestdl.com/ Name: loi
Value: ad_1126337_off_570904_aff_8203_cid_185689-MAGMACAPITALFINANCE.CO_ts_1640078472
.track.sparta-tracking.xyz/ Name: 440e1753-b94c-4d29-bfdc-7aa21335939c-v4
Value: 4pDIJqt2fIh64RMpg7v4yXAgIAENm3JSK8Chq2EcfVU
.track.sparta-tracking.xyz/ Name: cep-v4
Value: Kn8ZV2u0LybGiK54EH3FtZEu3JhKGpj3fG9o2gLSFIOI48SNiy1k7HUWLojyRMlOyh0WVDyX33d6-zsKjeiBH1_SWIwCaZo7GPOfve3_lxasDiLUtsntjOCeyyQLYn4AHy3I3yHZ9G1S7C7lsp6wxXVjy9tQQlXjKNI25pDgnqeO8kzyyG1KFSkGv7jjekXtFBkAgFStvpgB9ApNJ2fpbsa2IzTHx5ecP8USd5P0gPqB8Q8vp8UROHsm4UveghpPYyz8Y2rP3jFQvjpF0PFSXj2PlQiNvwYlj8OarMcLCqgw8M4uEPQjFWIc240C5SMlhs0UoD86HsihEsVRg-OVX6ClXTPHs_68EcPQEjdNcVXGq5Xzld3_8vnYdtPMos6mW6y31U9BOoF8kkHS8ub4e-bwdYUl_anI9_VLhShSQdwdNa7eaTIdp_y_vLM6qxv6ajFG66PDF02oiNtMNaEPmY0j7ivmKFoqE-B9c3axe3-yhZru20wxUlZy6_5qGiFm2cXCjI2f0wH_ckMpKE8U0A