Submitted URL: https://c.adups.app/36399?click=pub2f0d010ab67e4d46835067cb6704e494&pubid=ba8315b2
Effective URL: https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d
Submission: On September 29 via api from LU — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 10 HTTP transactions. The main IP is 2606:4700:e4::ac40:a615, located in United States and belongs to CLOUDFLARENET, US. The main domain is popmyads.com. The Cisco Umbrella rank of the primary domain is 145107.
TLS certificate: Issued by GTS CA 1P5 on August 29th 2023. Valid for: 3 months.
This is the only time popmyads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 174.138.122.163 14061 (DIGITALOC...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 51.161.115.163 16276 (OVH)
1 3 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 23.21.62.107 14618 (AMAZON-AES)
2 2a00:1450:400... ()
10 6
Apex Domain
Subdomains
Transfer
4 thatconvertingoffer.com
track.thatconvertingoffer.com
6 KB
3 popmyads.com
popmyads.com — Cisco Umbrella Rank: 145107
3 KB
2 google-analytics.com
www.google-analytics.com
21 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 10525
widgets.amung.us — Cisco Umbrella Rank: 17598
708 B
1 kuno-gae.com
kuno-gae.com — Cisco Umbrella Rank: 77953
495 B
1 hightid.com
t3.hightid.com — Cisco Umbrella Rank: 254012
261 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 246563
1 KB
1 adups.app
c.adups.app
429 B
10 8
Domain Requested by
4 track.thatconvertingoffer.com 1 redirects track.thatconvertingoffer.com
3 popmyads.com 1 redirects track.thatconvertingoffer.com
popmyads.com
2 www.google-analytics.com popmyads.com
www.google-analytics.com
1 kuno-gae.com 1 redirects
1 widgets.amung.us
1 whos.amung.us 1 redirects
1 t3.hightid.com 1 redirects
1 cdn.addlnk.com track.thatconvertingoffer.com
1 c.adups.app 1 redirects
10 9

This site contains no links.

Subject | Issuer | Validity | Valid
*.thatconvertingoffer.com | E1 | 2023-09-16 - 2023-12-15 | 3 months
addlnk.com | GTS CA 1P5 | 2023-08-11 - 2023-11-09 | 3 months
popmyads.com | GTS CA 1P5 | 2023-08-29 - 2023-11-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 2 frames:

Frame: https://popmyads.com/returngo/MTY5NTk2MDk3MUFWYlhUMHFadG1rZE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjI5IFNhZmFyaS81MzcuMzY=/30/1600x1200/8/4/0
Frame ID: 097C376D035CB7D03C25E518642B4023
Requests: 8 HTTP requests in this frame

Frame: https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 5F61623612C16C4C688A48A8AD27257A
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 10
HTTPS: 70 %
IPv6: 63 %
Domains: 8
Subdomains: 9
IPs: 6
Countries: 3
Transfer: 31 kB
Size: 65 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://c.adups.app/36399?click=pub2f0d010ab67e4d46835067cb6704e494&pubid=ba8315b2 HTTP 302
    https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6 Page URL
  2. https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&s=11213b3c&pid=pub8a6fbd451bc4449a854c939d652ff438 HTTP 302
    https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ== Page URL
  3. https://popmyads.com/gget HTTP 302
    http://kuno-gae.com/0480753250?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP 302
    https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://c.adups.app/36399?click=pub2f0d010ab67e4d46835067cb6704e494&pubid=ba8315b2 HTTP 302
  • https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
Request Chain 2
  • https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Request Chain 4
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&s=11213b3c&pid=pub8a6fbd451bc4449a854c939d652ff438 HTTP 302
  • https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
Request Chain 5
  • https://whos.amung.us/swidget/popmyads.png HTTP 307
  • https://widgets.amung.us/draw/?w=small&n=22700&c=ffc20e000000&p=left

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
736006a179
track.thatconvertingoffer.com/rc/
Redirect Chain
  • https://c.adups.app/36399?click=pub2f0d010ab67e4d46835067cb6704e494&pubid=ba8315b2
  • https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
2 KB
2 KB
Document
General
Full URL
https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:837e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bc11299c159c9e7a506c84ee476611ef2b2d22787c26f6eb98091623b0d43e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80e168ad9de23686-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 04:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxHOoqtrPRvPCcOvVDmCZCmJ%2B8IPifSBR%2FtkpMksjLgy%2FhoMRSVjl%2BdylqJ2hG5VOTsAtHkABjUBQAdxZXYx5V%2F%2BWB0t%2B7IlKSRcXiz%2BzcW%2F%2FNmmFoMfMw3iRsg69IQShM7su8WkaHVLk6kT9bV1%2F553juCVPV%2BQg4PcQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
288
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 04:16:07 GMT
expires
0
location
https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: track.thatconvertingoffer.com
URL: https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:16:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KM42YGW01YCMFSGA
age
923
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qNBAdWusLatDcfG6wdrvVtqvtToOZOAXnUye6ynbUf3QLz2FQeBYFcc7BG4EGthvOUwHtRd6zlw=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBdd8RNvhxlsXeG%2BXp98q6QNIL4BXZismcYbEuFy6skMNJks70Pn5MIzPcHQqFaxdivHr2rvJRH8IKP2NZA1dr5dTu6AByMKnvi1oLwU2s%2FafRjL4G%2Fku%2FngoWO%2Ba2%2BYiuDZO2ZnkpMLKan3gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
80e168aeaef3bb86-FRA
main.js
track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 5F61
Redirect Chain
  • https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
7 KB
4 KB
Script
General
Full URL
https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Protocol
H2
Server
2606:4700:3033::ac43:837e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16313ca66ae56f3b0ba8bf683fd782129835ad4099e2b525a58c6f6154a489f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxnBIh%2BVLadwo8SkX2TIfUdJPi1a36SFmMO2ckwGLuFbgZSS2gSUOKu7NKh1X8aSrsTsUo%2F6D5w7tVM%2BREUOybsL4DeOVniirUWq2OUaT460cTxn82Jl3NLI2fjFQ7qoXUQWjzdBYCuyiv2KGNzyRtrBFCtFYOq0bCHGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
80e168af2f053686-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 29 Sep 2023 04:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGfwZqs4d3K04uZCb6pbE9AfEdGa4QLLttPQK8Lwhc%2F3gTBoxapps%2B3pLYX%2FLG6Z5h5OzjQbBwZ2c8JtGbP3jBXlu56Kk3fVueoa48Iy60%2FDrVv3VAbpcqD6pNosdcowzo741fx9oF9ppQxTFtr2ZK9ybA5pOn5gQ4R1pg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
80e168af0efd3686-FRA
alt-svc
h3=":443"; ma=86400
80e168ad9de23686
track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5F61
0
621 B
XHR
General
Full URL
https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/h/g/jsd/r/80e168ad9de23686
Requested by
Host: track.thatconvertingoffer.com
URL: https://track.thatconvertingoffer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:837e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 04:16:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiGB1GX8wlWtodVgY2ujfa%2FKwMer%2BQYCTHHGAbOifQaWG7Ig%2BGrGbP5dfCpUgKJ8KOtb%2BknbNZTHTwHZyK3PW0zAkgwvBgrsGQKzV38cpIodcYACCqA7VOqzOffOiZII%2FGRrygEctXCwdVj%2FTi7QACIcIpGEmkcgAyLi4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
80e168afebc890ec-FRA
alt-svc
h3=":443"; ma=86400
aHR0cDovL3RyYWZmaXgxLmNvbQ==
popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/
Redirect Chain
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&s=11213b3c&pid=pub8a6fbd451bc4449a854c939d652ff438
  • https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
2 KB
1 KB
Document
General
Full URL
https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
Requested by
Host: track.thatconvertingoffer.com
URL: https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://track.thatconvertingoffer.com/rc/736006a179?affclick=23I29094607A036399028631hP2rJ&pubid=36399&pubid=c49f6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80e168b22e6f903a-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 04:16:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APvYPAarXh0MjWmVs6f%2FXJW%2BE3bAqkHTJyB%2Bl691uleNEhZj5Jg9Ji%2B7rlbCWgM5cZ3r1t93JfSKPgl%2B956umNORDz0zz0hTTYXzk%2BTxLd68130IixsUk8EzpdoiVfZsFsvZ20tIC0TB22o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 04:16:07 GMT
Location
https://popmyads.com/serve/52264/48075/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxLmNvbQ==
Server
nginx
Transfer-Encoding
chunked
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/swidget/popmyads.png
  • https://widgets.amung.us/draw/?w=small&n=22700&c=ffc20e000000&p=left
368 B
534 B
Image
General
Full URL
https://widgets.amung.us/draw/?w=small&n=22700&c=ffc20e000000&p=left
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:16:08 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 07:35:01 GMT
server
cloudflare
age
2580067
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
80e168b5b94a1c34-FRA
expires
Thu, 31 Aug 2023 07:35:01 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=small&n=22700&c=ffc20e000000&p=left
date
Fri, 29 Sep 2023 04:16:08 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80e168b4c8831c34-FRA
content-type
text/html; charset=UTF-8
Primary Request 30
popmyads.com/return/
Redirect Chain
  • https://popmyads.com/gget
  • http://kuno-gae.com/0480753250?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30
  • https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d
1 KB
1 KB
Document
General
Full URL
https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://popmyads.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80e168c0e9ca92c5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 04:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zAXcTMDliGEVkzSOFyjunZZRyb1%2F8iANPnjq31I5Q2Z6THurRYwHFwMz%2Bd%2Byj3zznpW6XxOk5GmInEaEVL9llueUi0aYzpqd9ftCjAAN0q7vfKtGDl9eehTAhupKgLz4yS0rGtoRkh5K%2Bc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33

Redirect headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Length
0
Date
Fri, 29 Sep 2023 04:16:10 GMT
Location
https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d
Server
QglepwyC
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: popmyads.com
URL: https://popmyads.com/return/30?clickid=eb655149-5e7e-11ee-a86e-0ab5beac3f4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 03:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1910
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Sep 2023 05:44:21 GMT
0
popmyads.com/returngo/MTY5NTk2MDk3MUFWYlhUMHFadG1rZE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjI5IFNhZmFyaS8...
0
0

collect
www.google-analytics.com/j/
3 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=714593065&t=pageview&_s=1&dl=https%3A%2F%2Fpopmyads.com%2Freturn%2F30%3Fclickid%3Deb655149-5e7e-11ee-a86e-0ab5beac3f4d&ul=en-us&de=UTF-8&dt=PopMyAds%20Redirecting...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1080136646&gjid=1751210244&cid=1029431198.1695960972&tid=UA-43135408-1&_gid=56798201.1695960972&_r=1&_slc=1&z=2058275970
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://popmyads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.29 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 04:16:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://popmyads.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
popmyads.com
URL
https://popmyads.com/returngo/MTY5NTk2MDk3MUFWYlhUMHFadG1rZE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjI5IFNhZmFyaS81MzcuMzY=/30/1600x1200/8/4/0


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

3 Cookies

Domain/Path Name / Value
track.thatconvertingoffer.com/ Name: AWSALB
Value: reLSdmU0gOyHnkPGlb7CaXRYBGv84B2V96QWvp1zXezkwDS/OlQoh0Zw8w7PpZkFIBsC1NX6tvXcxJ5BC+e6SdYKw4KHyPpTsmVMux5uCUACmXE+6t/bz/L14+fk
.thatconvertingoffer.com/ Name: cf_clearance
Value: etoosduXxE7jDA_ebCyg5izwWuxebo4rLcfVsOnoE58-1695960967-0-1-d5cb0285.860973a6.569d9ab9-0.2.1695960967
popmyads.com/ Name: wGprrBLT
Value: 2