Submitted URL: http://shaboxes.com/
Effective URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiP...
Submission Tags: tranco_l324
Submission: On October 28 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 6 domains to perform 7 HTTP transactions. The main IP is 104.21.17.182, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is lp1s.stop-ads.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2021. Valid for: a year.
This is the only time lp1s.stop-ads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 69.16.230.42 32244 (LIQUIDWEB)
2 2 173.192.101.24 36351 (SOFTLAYER)
2 2 104.21.37.59 13335 (CLOUDFLAR...)
2 104.21.17.182 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
7 5
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
2 lp1s.stop-ads.xyz shaboxes.com, lp1s.stop-ads.xyz
2 track.sparta-tracking.xyz 2 redirects
2 shaboxes.com shaboxes.com
1 fonts.googleapis.com lp1s.stop-ads.xyz
1 p237996.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
7 7

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-04 - 2022-01-03 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months

This page contains 1 frame:

Primary Page: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
Frame ID: 53A60905EE2782519845C34363B1EFA4
Requests: 8 HTTP requests in this frame

Page Title

AdBlocker and Privacy Protector

Page Statistics

7 Requests
71 % HTTPS
0 % IPv6
6 Domains
7 Subdomains
5 IPs
1 Countries
61 kB Transfer
99 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shaboxes.com/ Page URL
  2. http://shaboxes.com/page/bouncy.php?&bpae=GbhGszHnwiZx9Zvhqa5rT8MsP0c7RM4zIFolrn376n3bk%2FDmLjjOMS6beFxLkEqlvc7ueKaT5TSeEl6UKwFLX0GfLG76yAoqrNVIedRddOogWNRzoHUryeF285lAbeQvUrllto2DTXt%2BPXZcn671pDcWlB99kxwru4mVoKFabaIS1JL8kDe91HyZHnqCfXRQFcKiaHPY%2FWN%2Ftsa0uZl0hdMO3kVKN9RQLidF5WmlH%2F7GbuX6Rc5VLPGyY6iO7yFMiaCSvgYPqeEhHfE8Xg439df%2FLDNoxC0wqiDMYi6XbiWg73yn3axHnMpk%2FFDxdM7g0PU9Pm0jZXGdyMxY%2BPJQKSJO4UPkr7zisiE%2Fd5%2BF9SYLC5emKCK4zty%2B5jIJNfTg9UzrKBSjui%2B3%2BKsKwn0WvB6kwl%2FVe5VQlkFb8z%2BQ%2BppEB85j7hlNofEqUXycNxDEfAASU930MMckuK6i2ILkUPwn52jMIuK4gaoBK51sPaMd6XSRHEwCNY78mhyYodxqZTq4DyyvYqpQOkl%2BPGufj%2BWgYtV311wPMTcCzHea4BHGbqFTryEH8dGT%2B%2BeNcMn3QlOBkimauNbWE48pJ4bPhZRrydAEu2qttGEi4oLMvf2LVT8PAXg4TxqIy1v1iEiRzI%2Ffml%2B0tH0%2F74YSqtjTFkTH5m6M8VVqNJPNP9KVxIc3XYNKzUwHRj3c56%2BxN4FckYfEwqvhMIq5sHKGqnoJntYt1mvZFwEzuWVvXiBMVUXoRpTvKHYvfJAAY911vek2%2BhC%2B1rC9BHRcWwgeXMrdQawMIFk60ivPB1mJyjdcXKLTvSjVLqFlVXb1BVBnRqMNYbIATuiiPRe8ENLtOSe%2BoHojgSrtEkVZW29rAOFZLRzPDNBXIV0ATWOCrlwPdG4Q5qEWmjvDDdUgnfvcRh2nYxUoeDHCYJAkNmGM1ew9Q17KgnFxYz7%2FDt%2FHE49yPg1rS33UwGaXh0bGYXdyOYY7oooNad4PJ0vlYd9E65%2Fme%2BrBzvh7ZZfZK5cpL4rfIeXEofFBVzQgqS0PotjuFZkZBLJYiaCxoLo2xsom7bt1O4Cwy2clMePfF2wgY87ryk%2FjU6fRlTDouSlV%2FKzabmlO0r47uaeh14XolxMdl%2Fnn%2Faa3xyTa2Fecxnx4aj9StCfPGmHZQACD6yt66xBnS8WQSo9mUklhwzVDKCfq1%2F6BxK1HCemvl7cuLLVhnQ%2BrW9LEnk2Gabcf0MszNhp0yF3saWFA2Ohnyca%2FAC04JHzEWShDKVlRTWvtBlX9f3AHoWksB9fwuxZfJTgWf0PtVUd8t9ezix6k58aiCovhd%2FvyFkcxcX2bku16G%2FXQUA6tsGQ625fXgWJFQC1QRU6Ei4guN87OEx4CAP7szU3qDPa7LvC%2BnoOFDYN%2BX6ZrqGjtSjRy3E02XWlj%2B8yKJT7wtNfaJRyUi6sje6gRcDmCQgKP1Q3E1AEWrjJgVLj20N0kXccyRFP4RtQNGhNNf7EqOOr6neXmKdZNjtPf3IT6MwESTwjgDJOZiUjz%2FfRhU3P9sG15y8hjteSWjrwp1tBTpAIbLlDFHEyRPRIbmlqetnTJzUIXhBtkJCAS4U6Rd4KX7dvB55WqS6umDjer%2FaQ7%2F7me38VSIYq%2FZe0fne7VbNDssMOfr4krWN%2BjRPNY1ReU47u%2BOuc0U%2FidhmBtHgev%2BKEjSuGhWLyP4FzfvC%2BuMvAxVV07lQAzooxCi8Q05CXs%2BH5k7Q9EYrjGKLA7ShGIIB0hMim77cepQ4aW%2FZn5N1CdSCy4HVzkF4bF7oRgGW%2Ff9r%2BCJElyC%2BmcIwn0iYZjwSI1ixDKUYsIYnqeSRCCTGfjZZXPwI5
Cr9jNpbcBIVPM9PubV753C%2FYMkQBiuiWIl%2FmSozXSefXzmrE1MxPQamreI2YKiLhkHBhtUJzjbbGYH1NhhXZSl6Qvd44ELS%2FxpWlKQpkqDqaiQM%2B%2BW6QEl2Ovm4Pe2yBAGvnb&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2uZxkvSyjFzbqNiqkZvx6Z-t3Q5wgRfquVLRsl-Kd-UEY_iD5bFykKi_84eTTfdYjpFGL3HNM2iZpLSZmparWHXlxh5tJot7LxmPiRLDedU-EaetGzMqHz6mGf_HQGXBODC3pBZX1rE6XwY0YatoKShSsF6rU8upGOAdLLKq_XdPa-J4Av5I33jo09qf8lstCdnEERUPSNEL_Tf9CiXu3OIhg7k8VmsKYMIdreaLCiCzHJZoZdwe7Lj34WSITejotyuu22l-T0iQpxYmYe9XCLNwfuQgxWlcdsjlgcqRMyuo767i50AairgiPsgiY-JD5GVwHEy_taJ5np5-i0CkD0rAPHaL4pBWdT5ATCzh8sbe0OmZP7VXhJvIY4j3JGapcN4yvDFd_bbA08-eDDubaVgToVbxb7yZWI_xMZUaWHrsC6yK22HOirBdv35YbLWNMwa728yqvbMHLJ8fps4MILzShrLg6JdZh0p7WKmdtlJmqXoVoVgmf6YuZN3CHM0hRbb2BwxtE3d_p-9_M1G2djZxZYDpvPH2_yqT0RNIwG-H6A14fLoBhAEksWIZ5tFVuB6-oA-lemdgxtEJl0Bt8RwzP66jXIwB0HSHvrLifU7a3Io4g8IdRYAUCmO62bIaDDb_Eay9zwkr7iyIJGGTj4GKYayF0ujjShKRCi2o9gf_ZypP9l1UxzzMeQrjI_HUeH2E0nHXPWJ_unhbxI1riJBkhT2xxk5KqifVa1-DDq002jPERed-XJ1L2hJhvAQFadCtzdlG7ZSZd0ArnOay6SiEatYXKO6T_OCKw2dxmKIp0s05xt94gGmzTWbbr61qzp6_Pg2vG7-Ztm4zgUqaOmF9C78Acdvv7JmUVEs_B4U_Qd2yhg4AMkZq_PKsXAF_qHItK4DOnlQYWTUvA4kWxhLxcvl4xKrUBJ62au0Fs8Xpu3yT36a6bn5Ksyw5VI6sUh6LB51TyPTJ_EuU_gAsTyIKicC80-2WK6vb_OJIXmHl_A9yAGdaUGgKnnSihP_QirbaOt94Qi8a7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwkgb3bCe0fNDFd58B2FJC7J2Udpq6JK-2zjtbAEzssXv9i1UUA-ATptWCzPAjKRW0Vlsh9UC42y_y6E7dVTO9fvynHX97n-YmIAlFju2JoAtyoqV0YBZ25NFXNtsy2gS_saY3JDr1kIu-N8pw-VDmwYunbxj74WGQ2DhteeAVcDgjQApymDiQWF0JfFPiEID_KY5jDCok9YMrAApymDiQWF05iQSoWKQxzunz0PuyzzqhW9OhTe-yssTbedYwajyysssm7cgp-IDouBybpyqSvYh1BXc4tUbJjJO-_N9TMdQ_2WSQsQHXjql HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktQApymDiQWF0JfFPiEID_KYEErEUEwoaPYTki1BZe7L-7E_FyoiwAkKH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV_JhYB0lhN028JzJBOGFulZvToU3vsrLEwFbc1vgZxvyYlZ0CBoMUA4lO7oBdjPsrgkVCHv9wBj7JPjBUjMHixQmoHuQ7p0vklBPPdoWjOi8nbxj74WGQ2BlW6Kmbi47Imtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BfD7Q_ar0mVr6vXA2g7MC_bWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_SBqnnqxyi93Klu56Ibtjf3-JGFvjEsyaGxLfdpjIFYMM&ui=w_Wj54-Mm6RB_AzGGnYx2n800SDWLs8k5BqBrDJxXOHoEA17KP5r5i9mFUUnL9BkEX4UstpaAq-PtlvgrejyIc3q3infU_mnw0YR64_BEQ5JwFoz4Yix9A&si=1&oref=164958feeeed59ba6c18680c25d74b60&optunit=CRUIe_3AGPutK6Mz5FaVqw&rb=e_EtilKVKjA&rr=1&abtg=0 HTTP 302
    http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165 HTTP 301
    https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165 HTTP 302
    https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
shaboxes.com/
7 KB
7 KB
Document
General
Full URL
http://shaboxes.com/
Protocol
HTTP/1.1
Server
69.16.230.42 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash
9c94fdeced82f2eb28eb7661fd0a46806ae3f0fdc3da1789250d95bfc3f7a9c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 28 Oct 2021 07:19:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=91
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bouncy.php
shaboxes.com/page/
5 KB
5 KB
Document
General
Full URL
http://shaboxes.com/page/bouncy.php?&bpae=GbhGszHnwiZx9Zvhqa5rT8MsP0c7RM4zIFolrn376n3bk%2FDmLjjOMS6beFxLkEqlvc7ueKaT5TSeEl6UKwFLX0GfLG76yAoqrNVIedRddOogWNRzoHUryeF285lAbeQvUrllto2DTXt%2BPXZcn671pDcWlB99kxwru4mVoKFabaIS1JL8kDe91HyZHnqCfXRQFcKiaHPY%2FWN%2Ftsa0uZl0hdMO3kVKN9RQLidF5WmlH%2F7GbuX6Rc5VLPGyY6iO7yFMiaCSvgYPqeEhHfE8Xg439df%2FLDNoxC0wqiDMYi6XbiWg73yn3axHnMpk%2FFDxdM7g0PU9Pm0jZXGdyMxY%2BPJQKSJO4UPkr7zisiE%2Fd5%2BF9SYLC5emKCK4zty%2B5jIJNfTg9UzrKBSjui%2B3%2BKsKwn0WvB6kwl%2FVe5VQlkFb8z%2BQ%2BppEB85j7hlNofEqUXycNxDEfAASU930MMckuK6i2ILkUPwn52jMIuK4gaoBK51sPaMd6XSRHEwCNY78mhyYodxqZTq4DyyvYqpQOkl%2BPGufj%2BWgYtV311wPMTcCzHea4BHGbqFTryEH8dGT%2B%2BeNcMn3QlOBkimauNbWE48pJ4bPhZRrydAEu2qttGEi4oLMvf2LVT8PAXg4TxqIy1v1iEiRzI%2Ffml%2B0tH0%2F74YSqtjTFkTH5m6M8VVqNJPNP9KVxIc3XYNKzUwHRj3c56%2BxN4FckYfEwqvhMIq5sHKGqnoJntYt1mvZFwEzuWVvXiBMVUXoRpTvKHYvfJAAY911vek2%2BhC%2B1rC9BHRcWwgeXMrdQawMIFk60ivPB1mJyjdcXKLTvSjVLqFlVXb1BVBnRqMNYbIATuiiPRe8ENLtOSe%2BoHojgSrtEkVZW29rAOFZLRzPDNBXIV0ATWOCrlwPdG4Q5qEWmjvDDdUgnfvcRh2nYxUoeDHCYJAkNmGM1ew9Q17KgnFxYz7%2FDt%2FHE49yPg1rS33UwGaXh0bGYXdyOYY7oooNad4PJ0vlYd9E65%2Fme%2BrBzvh7ZZfZK5cpL4rfIeXEofFBVzQgqS0PotjuFZkZBLJYiaCxoLo2xsom7bt1O4Cwy2clMePfF2wgY87ryk%2FjU6fRlTDouSlV%2FKzabmlO0r47uaeh14XolxMdl%2Fnn%2Faa3xyTa2Fecxnx4aj9StCfPGmHZQACD6yt66xBnS8WQSo9mUklhwzVDKCfq1%2F6BxK1HCemvl7cuLLVhnQ%2BrW9LEnk2Gabcf0MszNhp0yF3saWFA2Ohnyca%2FAC04JHzEWShDKVlRTWvtBlX9f3AHoWksB9fwuxZfJTgWf0PtVUd8t9ezix6k58aiCovhd%2FvyFkcxcX2bku16G%2FXQUA6tsGQ625fXgWJFQC1QRU6Ei4guN87OEx4CAP7szU3qDPa7LvC%2BnoOFDYN%2BX6ZrqGjtSjRy3E02XWlj%2B8yKJT7wtNfaJRyUi6sje6gRcDmCQgKP1Q3E1AEWrjJgVLj20N0kXccyRFP4RtQNGhNNf7EqOOr6neXmKdZNjtPf3IT6MwESTwjgDJOZiUjz%2FfRhU3P9sG15y8hjteSWjrwp1tBTpAIbLlDFHEyRPRIbmlqetnTJzUIXhBtkJCAS4U6Rd4KX7dvB55WqS6umDjer%2FaQ7%2F7me38VSIYq%2FZe0fne7VbNDssMOfr4krWN%2BjRPNY1ReU47u%2BOuc0U%2FidhmBtHgev%2BKEjSuGhWLyP4FzfvC%2BuMvAxVV07lQAzooxCi8Q05CXs%2BH5k7Q9EYrjGKLA7ShGIIB0hMim77cepQ4aW%2FZn5N1CdSCy4HVzkF4bF7oRgGW%2Ff9r%2BCJElyC%2BmcIwn0iYZjwSI1ixDKUYsIYnqeSRCCTGfjZZXPwI5Cr9jN
pbcBIVPM9PubV753C%2FYMkQBiuiWIl%2FmSozXSefXzmrE1MxPQamreI2YKiLhkHBhtUJzjbbGYH1NhhXZSl6Qvd44ELS%2FxpWlKQpkqDqaiQM%2B%2BW6QEl2Ovm4Pe2yBAGvnb&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: shaboxes.com
URL: http://shaboxes.com/
Protocol
HTTP/1.1
Server
69.16.230.42 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash
aa327708b582e71b6d1acbb4253e3417aab1b0d46de3ff3ee2cb92e99a115ad4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://shaboxes.com/

Response headers

Date
Thu, 28 Oct 2021 07:19:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=87
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
lp1s.stop-ads.xyz/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2uZxkvSyjFzbqNiqkZvx6Z-t3Q5wgRfquVLRsl-Kd-UEY_iD5bFykKi_84eTTfdYjpFGL3HNM2iZpLSZmparWHXlxh5tJot7LxmPiRLDedU-EaetGzMqHz6mGf_HQGXBODC3pBZX1rE...
  • https://p237996.mybetterdl.com/adServe/domainClick?ai=IMh5EoW_2OqsOIqecBMktQApymDiQWF0JfFPiEID_KYEErEUEwoaPYTki1BZe7L-7E_FyoiwAkKH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV_JhYB0lhN028JzJBOGFulZvToU...
  • http://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&...
  • https://track.sparta-tracking.xyz/440e1753-b94c-4d29-bfdc-7aa21335939c?keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225...
  • https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw...
43 KB
15 KB
Document
General
Full URL
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
Requested by
Host: shaboxes.com
URL: http://shaboxes.com/page/bouncy.php?&bpae=GbhGszHnwiZx9Zvhqa5rT8MsP0c7RM4zIFolrn376n3bk%2FDmLjjOMS6beFxLkEqlvc7ueKaT5TSeEl6UKwFLX0GfLG76yAoqrNVIedRddOogWNRzoHUryeF285lAbeQvUrllto2DTXt%2BPXZcn671pDcWlB99kxwru4mVoKFabaIS1JL8kDe91HyZHnqCfXRQFcKiaHPY%2FWN%2Ftsa0uZl0hdMO3kVKN9RQLidF5WmlH%2F7GbuX6Rc5VLPGyY6iO7yFMiaCSvgYPqeEhHfE8Xg439df%2FLDNoxC0wqiDMYi6XbiWg73yn3axHnMpk%2FFDxdM7g0PU9Pm0jZXGdyMxY%2BPJQKSJO4UPkr7zisiE%2Fd5%2BF9SYLC5emKCK4zty%2B5jIJNfTg9UzrKBSjui%2B3%2BKsKwn0WvB6kwl%2FVe5VQlkFb8z%2BQ%2BppEB85j7hlNofEqUXycNxDEfAASU930MMckuK6i2ILkUPwn52jMIuK4gaoBK51sPaMd6XSRHEwCNY78mhyYodxqZTq4DyyvYqpQOkl%2BPGufj%2BWgYtV311wPMTcCzHea4BHGbqFTryEH8dGT%2B%2BeNcMn3QlOBkimauNbWE48pJ4bPhZRrydAEu2qttGEi4oLMvf2LVT8PAXg4TxqIy1v1iEiRzI%2Ffml%2B0tH0%2F74YSqtjTFkTH5m6M8VVqNJPNP9KVxIc3XYNKzUwHRj3c56%2BxN4FckYfEwqvhMIq5sHKGqnoJntYt1mvZFwEzuWVvXiBMVUXoRpTvKHYvfJAAY911vek2%2BhC%2B1rC9BHRcWwgeXMrdQawMIFk60ivPB1mJyjdcXKLTvSjVLqFlVXb1BVBnRqMNYbIATuiiPRe8ENLtOSe%2BoHojgSrtEkVZW29rAOFZLRzPDNBXIV0ATWOCrlwPdG4Q5qEWmjvDDdUgnfvcRh2nYxUoeDHCYJAkNmGM1ew9Q17KgnFxYz7%2FDt%2FHE49yPg1rS33UwGaXh0bGYXdyOYY7oooNad4PJ0vlYd9E65%2Fme%2BrBzvh7ZZfZK5cpL4rfIeXEofFBVzQgqS0PotjuFZkZBLJYiaCxoLo2xsom7bt1O4Cwy2clMePfF2wgY87ryk%2FjU6fRlTDouSlV%2FKzabmlO0r47uaeh14XolxMdl%2Fnn%2Faa3xyTa2Fecxnx4aj9StCfPGmHZQACD6yt66xBnS8WQSo9mUklhwzVDKCfq1%2F6BxK1HCemvl7cuLLVhnQ%2BrW9LEnk2Gabcf0MszNhp0yF3saWFA2Ohnyca%2FAC04JHzEWShDKVlRTWvtBlX9f3AHoWksB9fwuxZfJTgWf0PtVUd8t9ezix6k58aiCovhd%2FvyFkcxcX2bku16G%2FXQUA6tsGQ625fXgWJFQC1QRU6Ei4guN87OEx4CAP7szU3qDPa7LvC%2BnoOFDYN%2BX6ZrqGjtSjRy3E02XWlj%2B8yKJT7wtNfaJRyUi6sje6gRcDmCQgKP1Q3E1AEWrjJgVLj20N0kXccyRFP4RtQNGhNNf7EqOOr6neXmKdZNjtPf3IT6MwESTwjgDJOZiUjz%2FfRhU3P9sG15y8hjteSWjrwp1tBTpAIbLlDFHEyRPRIbmlqetnTJzUIXhBtkJCAS4U6Rd4KX7dvB55WqS6umDjer%2FaQ7%2F7me38VSIYq%2FZe0fne7VbNDssMOfr4krWN%2BjRPNY1ReU47u%2BOuc0U%2FidhmBtHgev%2BKEjSuGhWLyP4FzfvC%2BuMvAxVV07lQAzooxCi8Q05CXs%2BH5k7Q9EYrjGKLA7ShGIIB0hMim77cepQ4aW%2FZn5N1CdSCy4HVzkF4bF7oRgGW%2Ff9r%2BCJElyC%2BmcIwn0iYZjwSI1ixDKUYsIYnqeSRCCTGfjZZXPwI5
Cr9jNpbcBIVPM9PubV753C%2FYMkQBiuiWIl%2FmSozXSefXzmrE1MxPQamreI2YKiLhkHBhtUJzjbbGYH1NhhXZSl6Qvd44ELS%2FxpWlKQpkqDqaiQM%2B%2BW6QEl2Ovm4Pe2yBAGvnb&redirectType=js&inIframe=false&inPopUp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c49661d4dcafb53a9a4c75d08db27264c65b9b2c747f73e9d7788381de56b17
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://shaboxes.com/page/bouncy.php?&bpae=GbhGszHnwiZx9Zvhqa5rT8MsP0c7RM4zIFolrn376n3bk%2FDmLjjOMS6beFxLkEqlvc7ueKaT5TSeEl6UKwFLX0GfLG76yAoqrNVIedRddOogWNRzoHUryeF285lAbeQvUrllto2DTXt%2BPXZcn671pDcWlB99kxwru4mVoKFabaIS1JL8kDe91HyZHnqCfXRQFcKiaHPY%2FWN%2Ftsa0uZl0hdMO3kVKN9RQLidF5WmlH%2F7GbuX6Rc5VLPGyY6iO7yFMiaCSvgYPqeEhHfE8Xg439df%2FLDNoxC0wqiDMYi6XbiWg73yn3axHnMpk%2FFDxdM7g0PU9Pm0jZXGdyMxY%2BPJQKSJO4UPkr7zisiE%2Fd5%2BF9SYLC5emKCK4zty%2B5jIJNfTg9UzrKBSjui%2B3%2BKsKwn0WvB6kwl%2FVe5VQlkFb8z%2BQ%2BppEB85j7hlNofEqUXycNxDEfAASU930MMckuK6i2ILkUPwn52jMIuK4gaoBK51sPaMd6XSRHEwCNY78mhyYodxqZTq4DyyvYqpQOkl%2BPGufj%2BWgYtV311wPMTcCzHea4BHGbqFTryEH8dGT%2B%2BeNcMn3QlOBkimauNbWE48pJ4bPhZRrydAEu2qttGEi4oLMvf2LVT8PAXg4TxqIy1v1iEiRzI%2Ffml%2B0tH0%2F74YSqtjTFkTH5m6M8VVqNJPNP9KVxIc3XYNKzUwHRj3c56%2BxN4FckYfEwqvhMIq5sHKGqnoJntYt1mvZFwEzuWVvXiBMVUXoRpTvKHYvfJAAY911vek2%2BhC%2B1rC9BHRcWwgeXMrdQawMIFk60ivPB1mJyjdcXKLTvSjVLqFlVXb1BVBnRqMNYbIATuiiPRe8ENLtOSe%2BoHojgSrtEkVZW29rAOFZLRzPDNBXIV0ATWOCrlwPdG4Q5qEWmjvDDdUgnfvcRh2nYxUoeDHCYJAkNmGM1ew9Q17KgnFxYz7%2FDt%2FHE49yPg1rS33UwGaXh0bGYXdyOYY7oooNad4PJ0vlYd9E65%2Fme%2BrBzvh7ZZfZK5cpL4rfIeXEofFBVzQgqS0PotjuFZkZBLJYiaCxoLo2xsom7bt1O4Cwy2clMePfF2wgY87ryk%2FjU6fRlTDouSlV%2FKzabmlO0r47uaeh14XolxMdl%2Fnn%2Faa3xyTa2Fecxnx4aj9StCfPGmHZQACD6yt66xBnS8WQSo9mUklhwzVDKCfq1%2F6BxK1HCemvl7cuLLVhnQ%2BrW9LEnk2Gabcf0MszNhp0yF3saWFA2Ohnyca%2FAC04JHzEWShDKVlRTWvtBlX9f3AHoWksB9fwuxZfJTgWf0PtVUd8t9ezix6k58aiCovhd%2FvyFkcxcX2bku16G%2FXQUA6tsGQ625fXgWJFQC1QRU6Ei4guN87OEx4CAP7szU3qDPa7LvC%2BnoOFDYN%2BX6ZrqGjtSjRy3E02XWlj%2B8yKJT7wtNfaJRyUi6sje6gRcDmCQgKP1Q3E1AEWrjJgVLj20N0kXccyRFP4RtQNGhNNf7EqOOr6neXmKdZNjtPf3IT6MwESTwjgDJOZiUjz%2FfRhU3P9sG15y8hjteSWjrwp1tBTpAIbLlDFHEyRPRIbmlqetnTJzUIXhBtkJCAS4U6Rd4KX7dvB55WqS6umDjer%2FaQ7%2F7me38VSIYq%2FZe0fne7VbNDssMOfr4krWN%2BjRPNY1ReU47u%2BOuc0U%2FidhmBtHgev%2BKEjSuGhWLyP4FzfvC%2BuMvAxVV07lQAzooxCi8Q05CXs%2BH5k7Q9EYrjGKLA7ShGIIB0hMim77cepQ4aW%2FZn5N1CdSCy4HVzkF4bF7oRgGW%2Ff9r%2BCJElyC%2BmcIwn0iYZjwSI1ixDKUYsIYnqeSRCCTGfjZZXPwI5Cr9jN
pbcBIVPM9PubV753C%2FYMkQBiuiWIl%2FmSozXSefXzmrE1MxPQamreI2YKiLhkHBhtUJzjbbGYH1NhhXZSl6Qvd44ELS%2FxpWlKQpkqDqaiQM%2B%2BW6QEl2Ovm4Pe2yBAGvnb&redirectType=js&inIframe=false&inPopUp=false

Response headers

date
Thu, 28 Oct 2021 07:19:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
ALLOWALL
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Authorization
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01pYqvvDIY5M%2FG1ZE1WIV4kZXeRHjdPyqv0CDrlZmg1P8Iir81TdhWpXzHwQNtHrFOhHFSnivfYLim2YkieTbjBx9oTRyoVN24AjA5QaSCW4m8MYxZkhndThtaPDBpGe2S8kLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a5265802cb86946-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 28 Oct 2021 07:19:33 GMT
content-length
0
cache-control
no-store, no-cache, pre-check=0, post-check=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQhY%2BV0yBprWpwDuYchPoIXnaoDTJfqCsUfrvFgXIQQAiBrRm9BfXhIK7D9qR5RfTl36Refcma%2BhQmONzdkdNQnxOmPykr9CEAwW7RveMLS3CA9UsxrMhfN3942OOEXBbeD3a22YK6lUgRl%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a52657f9b154108-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 05:23:54 GMT
server
ESF
date
Thu, 28 Oct 2021 07:19:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 28 Oct 2021 07:19:33 GMT
email-decode.min.js
lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://lp1s.stop-ads.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lp1s.stop-ads.xyz
URL: https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp1s.stop-ads.xyz/?&utm_campaign=00639_test-best&cep=DWgPiSInkor8MJ-TGYWSR4w8GOj_iBa-tJa5eeS3yQS6CmhDXvYjqLR9krKiPSW-Va6eqwRhAmcvePIGfEf4VmKxQ7lY1GPazWckECTSoLxrau9nZ2x5A9P0TPuviKkIC9BQS3aw864ShEmAA1A_0GFTGFlM516BTgAC3bx4gtkDkLl6qgy9Xpx1iBUI1DTzgKsW6pR652xvL8ToHyc92qZAis35DL_-WTGU_ftAySF__SewBLKbwukmTpKU9XTG2Yl7AX3LgV_J2fPJ-f_4YTSYfo8i-vunQUdcZUpZiGy5btcvvX0I3f1F_iG5C-Zct-0ALFxnBlgw0c2gJvQJFxXOQgCVd4d8J4a5YVj69C0tURa3UiyFmIi47qvwHajlENYUZHgfWHdt_MHB0WutB9JG6CdIDUmVff-YTdAz4d7mu5waM0UnLryejtVkUeDypQUsvGYnrmuS8nYWXs42HD3c_X5hTHl26iqZkm0XjyvmBW8i-Tv87BayFi43fsy7dNSGZtbmpGFF1eCYO5yHFEXxc80mOdWk1Qrq2vvlSn4&lptoken=16093516408e732c7339&keyword=shaboxes.com&geo=DE&campaignname=00639&device=Desktop&os=Windows+10&browser=Chrome+93&carrier=UNKNOWN&source=440102225&bid=0.006334&clickid=87423086165
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 07:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJAUNjQmUY80%2FuJG20gvh3Hmt1rwPxhoncfgP0U2PwIvN0lLtr2EzBRU0XqPohX2NSBY9jdbDr%2B27NIpFMTDwfQBRCVPaqrtPuyXXIOosYpH7LzBc1gq3HSRsA8VyYHxSfyFOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a5265806d366946-FRA
vary
Accept-Encoding
expires
Sat, 30 Oct 2021 07:19:33 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:46:35 GMT
x-content-type-options
nosniff
age
534778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 02:46:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp1s.stop-ads.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
53272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 16:31:41 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

4 Cookies

Domain/Path Name / Value
.mybetterdl.com/ Name: rhid
Value: 79980723117
.mybetterdl.com/ Name: loi
Value: ad_1126337_off_570904_aff_8203_cid_237996-SHABOXES.COM_ts_1635405572
.track.sparta-tracking.xyz/ Name: 440e1753-b94c-4d29-bfdc-7aa21335939c-v4
Value: 8srt1QaZ9PwWvRVMF21rnVswf2WVfv9bkG9N8M8eQxY
.track.sparta-tracking.xyz/ Name: cep-v4
Value: i-pSsPXDHoxud9kjv-z9aGetgqdMGTNShK3r76yKojK-GslkmUWyzTxfTzG0fCamiG3ehJOVg5IbYJ-n-9PmH6KjoXSm9sxHD2NZrurhft_as4ZlSbna4sgpgYJA7g9-t0N61wHzvpAD0ap5BJFiELtw4QD0zyw7dlw8HXibVXoglKcvtgEj6IiLKQKsadF3iVwnMp3bUjybr_nSlmgIdb3lyuZNCmmEE_NwvTH01J2eqNPhD0rhjJ4PK3WAH5uDyC7mUapK69lvU5QerBoVHlqdxQPadk9lebVZfJWHbpOL2ml9ORuLrZIqAAvwOjRxPRirj_LQtwc6OdXvfcgNs0htdkkTIp3CaynW_uknYBXv-Pp_WpTw5Jt1-s1IR7ozQ_XXuBggdfUD5kYB-4k9P1APEvshZKkdL0EIoewPHiiF_ZhIZyCcGyNstjWx3RDvoyz_qlDmOZqD9NJpxRMx0tBJhYwJlZfIxfrC0-AZwVcvwSEidzt8PGeUfYPJYQpqJSBl76RAOUleNgmT-S8pmh-ElCTa7uImk9LTz1J3B_0