urlscan.io logo urlscan.io
SecurityTrails logo

security.popim.xyz Open in urlscan Pro
2606:4700:3037::ac43:d0bc  Public Scan

Go To Rescan Add Verdict Report
URL: https://security.popim.xyz/
Submission: On November 21 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3037::ac43:d0bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is security.popim.xyz.
TLS certificate: Issued by WE1 on October 21st 2024. Valid for: 3 months.
This is the only time security.popim.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:3037::ac43:d0bc (United States)

ASN13335 (CLOUDFLARENET, US)
security.popim.xyz
4    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
2    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
Apex Domain
Subdomains		 Transfer
10 popim.xyz
security.popim.xyz
4 MB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
197 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
53 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5439
260 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
29 7
Domain Requested by
10 security.popim.xyz 1 redirects security.popim.xyz
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com security.popim.xyz
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.google.com pagead2.googlesyndication.com
ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 partner.googleadservices.com www.google.com
1 code.jquery.com security.popim.xyz
29 8

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
popim.xyz
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://security.popim.xyz/
Frame ID: 4857144A71FB3B5F76B3B1FD86297CA4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/zrt_lookup_fy2021.html
Frame ID: 4F82CA53CB29296C05FE9DD15FF8F3C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732148228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fsecurity.popim.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148227942&bpp=30&bdt=598&idt=563&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2824914177080&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fsapi=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=634
Frame ID: 46890BAD07FB0FBB09F8006F15D7C288
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732148228&rafmt=1&to=qs&pwprc=8397321414&format=1200x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148227972&bpp=3&bdt=627&idt=636&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=652
Frame ID: D7835B04EC362A7B512D228049A92DC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=926476324&adf=592498440&pi=t.aa~a.3369044679~rp.4&w=360&abgtt=6&fwrn=4&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=360x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1838&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280&nras=3&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=25
Frame ID: D4930E69BE71905BC28B70A0A73F50F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=1960128240&pi=t.aa~a.2503141246~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=41
Frame ID: 39E89369C6E4D45EB50B82AF43F0493E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=2043691330&pi=t.aa~a.2503140167~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280%2C820x280&nras=5&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=53
Frame ID: 5ABCF863AF3DC7597B07FDA7FC9B2457
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=30658758&pi=t.aa~a.2503122700~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=1&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280%2C820x280%2C820x280&nras=6&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=58
Frame ID: A54C272711D7E42CEB98D7BE984B9A65
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 5EC02F58C278B45A7D9057755EC4B428
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 399472A6E39E930AE1242FC01003E914
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

security.popim.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

90 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

4771 kB
Transfer

5516 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://security.popim.xyz/favicon.ico HTTP 302
  • https://security.popim.xyz/wp-includes/images/w-logo-blue-white-bg.png

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
security.popim.xyz/ 		73 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7badbf827e3b0429f99eeaf93e9d1c5925ac4e6f6003ad71628d201221d2a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5c7eb45db31a1b-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 00:17:07 GMT
link
<https://security.popim.xyz/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMe%2FU8xZHS%2Fwh7BEfWccnpvzOCbGPrGRrMgsEpn3W5dGjnsKNdehIwS2w9fIc6BE6bandpnBS%2FgMXQkaa88w9Ffq10K12I8OU71BClH3iEuR3YzCcM1jSP6x5kIWti3EwKYMHJssXLmnnW216m4BPgo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=140111&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4229&recv_bytes=4435&delivery_rate=4701&cwnd=12000&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=284&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-litespeed-cache
hit
x-ua-compatible
IE=edge
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7163477569667522
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b79dc841f5c4c9368e7305c00fbe3c62184fcf3b056ca67671df9498b41573f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://security.popim.xyz
Referer
https://security.popim.xyz/

Response headers

content-encoding
br
etag
15259133188981199918
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53699
x-xss-protection
0
server
cafe
style.min.css
security.popim.xyz/wp-includes/css/dist/block-library/ 		112 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"1c012-67370170-4953f5;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTKD%2FUm%2Fcer6105Su%2BFryH5q5Ku46ZksZCKzPYM%2FiVsb9ijZqDHJvNuhmL8LmJM0YbBSkC8r9K82vuIbRGrmqpJR9%2FDfXFaDT23ptbcAhjp0%2BkB75%2BUcpTl3YpEZidZBP%2BpY%2BamnT9lHm8TyMjzVzzY%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=28&recv=23&lost=0&retrans=0&sent_bytes=17044&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=468&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 08:08:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7eb56ee81a1b-EWR
server
cloudflare
main.min.css
security.popim.xyz/wp-content/themes/generatepress/assets/css/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"4c38-67371489-491a41;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BvWQI3sbl%2FrbabY%2B9suSwkBK9hyI5KS4fXmKN91adku3at0Ob1XT%2F5vv%2BdIqDOsoFzUklG24QYQKqT2zk1cZZinUDj4g6kzM96GYhD1u3PNYWF8Y5GIUkPNt1kshMetJp7p0%2FcSk%2B0CR0Q1Uus4p8r4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30244&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=471&x=1", cfExtPri, cfHdrFlush;dur=49
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 09:29:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7eb56eed1a1b-EWR
server
cloudflare
featured-image-1731664568-1.png
security.popim.xyz/wp-content/uploads/2024/11/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.popim.xyz/wp-content/uploads/2024/11/featured-image-1731664568-1.png
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd5ef3a4fa86d7bb349a1f47700d835be8a030e4351b45966d28272a4ad8ff5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

cf-cache-status
MISS
etag
"1b8f77-67371ab8-4939b6;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zplGiQFv%2BQL65R7zfsKOZ3BMVQxsVPknVJs5vw4n5zSYgEdaZ3UU6QTeKmEUCXadjJbRp8TDc4vT1dVWR7f9jBY5rs0CoCOYgPl9fSKXbzWJCfhg2oRjxQJSMEj150n5oaLi4I0zGZBAgRfBnxLXZHs%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30244&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=510&x=1", cfExtPri, cfHdrFlush;dur=19
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 09:56:08 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7eb56eef1a1b-EWR
accept-ranges
bytes
content-length
1806199
server
cloudflare
featured-image-1731664545-1.png
security.popim.xyz/wp-content/uploads/2024/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.popim.xyz/wp-content/uploads/2024/11/featured-image-1731664545-1.png
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ffba5250d7c06daddd38ce301fd4b62bac7d5b0da21a6d49237beeb677b2e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

cf-cache-status
MISS
etag
"13b4f6-67371aa1-4939a9;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1v8knF5fjYKApNzrVSXwaFiUEyQLG%2FLe1e5XmzfUCSr%2BN3B5IgUhTCfebKuUjVC6JK0qfwn1DzfDE%2B0M9UNFa2uH22kcd8WvvqlwrzqJkl9jULoPJvO5%2Fr9TcIwI6VBGZ3KMMlxLu5I%2FJEa5Bc%2FYSWs%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30244&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=472&x=1", cfExtPri, cfHdrFlush;dur=62
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 09:55:45 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7eb56ef01a1b-EWR
accept-ranges
bytes
content-length
1291510
server
cloudflare
featured-image-1731664525-1.png
security.popim.xyz/wp-content/uploads/2024/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.popim.xyz/wp-content/uploads/2024/11/featured-image-1731664525-1.png
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1851ace2841037c7a974c60795c6805a783082733d541d1b241c4e1ccaab680

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

cf-cache-status
MISS
etag
"15cb02-67371a8d-493996;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDtbeBNuwcN00vmv2KtLafSRbmHW89WOLQ5FXHd9%2B153T2s6QmUFrrAviKKCBJAT1tU4rqWnQ2c1qCAFkE9AB1CrGlXeKeogC2TOledDs9N0GGfIr4t0z6x51ATBQr6KYfRYgPxr7b96G6mqlzN3oBY%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30244&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=493&x=1", cfExtPri, cfHdrFlush;dur=41
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 09:55:25 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7eb56ef61a1b-EWR
accept-ranges
bytes
content-length
1428226
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
2130554
x-cache
HIT, HIT
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
508945, 553030
x-served-by
cache-lga21931-LGA, cache-ewr-kewr1740026-EWR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732148228.571940,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
menu.min.js
security.popim.xyz/wp-content/themes/generatepress/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"1ca5-67371489-491a66;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MlAqQTeb4vuSDdG9AhvNpnMqs0LhkJKmYhev%2BiYJXioaEnjEJlXuETLl9fuaxF7%2BDmb1267XJhshwXmjIAjehu6vshYCqGcCEK0nf97jhZChlLgYMkBhQZSBusyhGWZgMQWOkSOXWGuJr71GOPNnaw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5c7eb57f051a1b-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=102094&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30244&recv_bytes=6906&delivery_rate=172381&cwnd=13200&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=514&x=1", cfExtPri, cfHdrFlush;dur=27
date
Thu, 21 Nov 2024 00:17:07 GMT
content-type
text/javascript
last-modified
Fri, 15 Nov 2024 09:29:45 GMT
vary
Accept-Encoding
priority
u=2,i=?0
6c90e3fb-7242-43d9-ba3d-61b70d297b2c
https://security.popim.xyz/ Frame 		0
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7163477569667522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a059b8eeb772a50435eb517b600f8e3c98688cb03b741d60fd33308f65ec421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
br
etag
11450720416681512858
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 00:17:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 21 Nov 2024 00:17:08 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147586
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/ Frame 4F82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
2010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 23:43:38 GMT
etag
17661348622971093804
expires
Wed, 04 Dec 2024 23:43:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4689 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732148228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fsecurity.popim.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148227942&bpp=30&bdt=598&idt=563&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2824914177080&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fsapi=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=634
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5571
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:09 GMT
expires
Thu, 21 Nov 2024 00:17:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D783 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1732148228&rafmt=1&to=qs&pwprc=8397321414&format=1200x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148227972&bpp=3&bdt=627&idt=636&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=652
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:08 GMT
expires
Thu, 21 Nov 2024 00:17:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D493 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=926476324&adf=592498440&pi=t.aa~a.3369044679~rp.4&w=360&abgtt=6&fwrn=4&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=360x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1838&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280&nras=3&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:09 GMT
expires
Thu, 21 Nov 2024 00:17:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 39E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=1960128240&pi=t.aa~a.2503141246~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280&nras=4&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:09 GMT
expires
Thu, 21 Nov 2024 00:17:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5ABC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=2043691330&pi=t.aa~a.2503140167~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=-M&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280%2C820x280&nras=5&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:09 GMT
expires
Thu, 21 Nov 2024 00:17:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A54C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7163477569667522&output=html&h=280&adk=2546437900&adf=30658758&pi=t.aa~a.2503122700~rp.4&w=820&abgtt=6&fwrn=1&fwrnh=100&lmt=1732148229&rafmt=1&to=qs&pwprc=8397321414&format=820x280&url=https%3A%2F%2Fsecurity.popim.xyz%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732148229183&bpp=1&bdt=1839&idt=1&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0abd5ed167596269%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w&gpic=UID%3D00000db3896b5cbf%3AT%3D1732148228%3ART%3D1732148228%3AS%3DALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g&eo_id_str=ID%3D7bfad89b1d243236%3AT%3D1732148228%3ART%3D1732148228%3AS%3DAA-AfjbUcWsoMzpCDgtJk8bNo1ij&prev_fmts=0x0%2C1200x280%2C360x280%2C820x280%2C820x280&nras=6&correlator=2824914177080&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088250%2C95345966%2C95347756&oid=2&pvsid=2380753183882287&tmod=921222127&uas=0&nvt=1&fc=1920&brdim=290%2C290%2C290%2C290%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=58
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
205
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:09 GMT
expires
Thu, 21 Nov 2024 00:17:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async-ads.js
www.google.com/adsense/search/ 		146 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/async-ads.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f2857724dadf10341ea06655be56f818974bc3eb35f1164d5b139a34d49cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
gzip
etag
"5710923465192130376"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 00:17:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:17:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=95342163&hl=en&pvc=2380753183882287
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 21 Nov 2024 00:17:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://security.popim.xyz/

Response headers
wp-emoji-release.min.js
security.popim.xyz/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: security.popim.xyz
URL: https://security.popim.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"4926-67370170-494cf1;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gM4k0vIw%2FFfZ5hd9H9aNykHDR6rHDu5KcrmFP6ygZppxJE2F8uTrkVex7uM%2FF16rtb2N85UycWFfRmIbErnw9D2B%2FTOiXdI22NvannQYo84FwFPty%2BqCGuMuv3WLx9z49H2Iw3Yy7YtjENmzk2onHOo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5c7ec18df61a1b-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=161590&sent=1838&recv=264&lost=0&retrans=1&sent_bytes=2124964&recv_bytes=18255&delivery_rate=619327&cwnd=114000&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=2394&x=1", cfExtPri, cfHdrFlush;dur=25
date
Thu, 21 Nov 2024 00:17:09 GMT
content-type
text/javascript
last-modified
Fri, 15 Nov 2024 08:08:16 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cookie.js
partner.googleadservices.com/gampad/ 		372 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=security.popim.xyz&client=partner-pub-7163477569667522&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f8ec6e8a60d1c09b4c59a7896581be2afcf2c0e3565140611ce31192bd8382e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
239
date
Thu, 21 Nov 2024 00:17:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
235037398ba5f9538be912a8866e6d286d272f9e00eacf0f3ef9bbb525adbeb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12815
date
Thu, 21 Nov 2024 00:17:12 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
w-logo-blue-white-bg.png
security.popim.xyz/wp-includes/images/
Redirect Chain
  • https://security.popim.xyz/favicon.ico
  • https://security.popim.xyz/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://security.popim.xyz/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
2606:4700:3037::ac43:d0bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

cf-cache-status
MISS
etag
"1017-67370170-494ea3;;;"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ia90qbgqis%2Bf7y73nxxWJosIVlcktQbfm2yJESOwJHR2R556X2%2B%2Fm4SC0rdrupWWADxXKseTgCzY%2BKdecT1%2B0W%2F1TNFFxTTOpzYZoYC4dSFp%2B4rOl734SYMYCAFwBmhO2ld6pk1Jt6Z5o%2BX0CTC7UTs%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 00:17:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=279584&sent=4034&recv=533&lost=2&retrans=6&sent_bytes=4691050&recv_bytes=31797&delivery_rate=1534&cwnd=136800&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=5432&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 00:17:12 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 08:08:16 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c7ed48bb21a1b-EWR
accept-ranges
bytes
content-length
4119
server
cloudflare

Redirect headers

x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
af3_HTTP.200,af3_HTTP.302,af3_default,af3_URL.b54ff2eddcb0060bcd786ce388d8d4d7,af3_
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZSBlI8vyQj%2BnUXjDwJeLPyaTUSLMbOazLbC1JgjFwbPhi8gC5XSHL8MHihkunfME8wJxER1e7sFPuj7PRQe48E9SBmxo5XKSilqQWbK4WxAaG%2Bi3XdZcgUA47GwQmmxFNoxwq%2BW0MDeNjZSNoOfThU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=277953&sent=4032&recv=532&lost=2&retrans=6&sent_bytes=4690088&recv_bytes=31141&delivery_rate=291031&cwnd=136800&unsent_bytes=0&cid=3c5c68d04bcb4ad1&ts=5112&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 00:17:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-redirect-by
WordPress
link
<https://security.popim.xyz/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://security.popim.xyz/wp-includes/images/w-logo-blue-white-bg.png
cf-ray
8e5c7ed0ffc21a1b-EWR
x-litespeed-cache
miss
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://security.popim.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 00:17:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:17:12 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 5EC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 23:59:42 GMT
expires
Thu, 21 Nov 2024 00:49:42 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3994 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6b5udvbyUin1EjSaT_MpBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.popim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6b5udvbyUin1EjSaT_MpBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 00:17:13 GMT
expires
Thu, 21 Nov 2024 00:17:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
security.popim.xyz
URL
blob:https://security.popim.xyz/6c90e3fb-7242-43d9-ba3d-61b70d297b2c
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241119&jk=2380753183882287&bg=!R0SlRAvNAAaIaF9IqGg7ADQBe5WfOBYU9_VjrKBBHRQ0qYQpgQTrkK-p-8czbQuB-voF5tQBri8SvfWLQdvB0RbkvTz2AgAAAG1SAAAABGgBB34ANoZ0hv7Zki69wodbzwRdp3BsxnzMsMwRA6SzFLsTuQbCnmLADVSoRiBfzPtSOCWSUjeViyQTSZkCnfe9MkOlVH0OKIKErT4HYkO8uhsANDKFxAjK9QvKnxVGpks54NV8TadQSS6-onBnvRUP6uSmUd2HbOHLm7H8ARkjsNc-E78AI0m_OFkRtx1qE03GQnywrmYR_OBAQ1nKICGa8y49O-O5Fp7P9zlrbmbuu3fO3s3kotrJVU2e6G1edpcDq8JrH8FP-tUk053t5g8hWSSJsmzgZhzrWigTYZwrq0tJOikVkLZYuqFkZOhKds1Mmo8iBRaHf85IYT_6v9B7wdr1OKe6CrLYiqXWRAxgr0mGeLTF_FXXXGozQMlYCDKwhB68jwxcl6x1Ep2a4TYzUJwig2-IvzaQR5tDFBJnOnpHND8HZuq-eMyVdoEffpRImR5dpig-hfNkBJSOzdOOsfigAOYgkl_kp-eeVshQTi8DEADhj-wxJRa5WjldSJZzuClDhtUUd-sPjS6eQllQ9HJuGMUF6wsW9MZ8oXXfq50TeoQeBAqk1BlSUKADutzjkaFzcR7UpDVHnSnzu_-hB8jFtTHswJCz5DuEk6nCQwyH15m-d8hCzNPgLAj2QyyPxXZ3Ta0fRGwoqppg0vCiYuk5p9QGO6Pqybo165QBRp_OqzuEl7K4XGgmwmcXqZKYs6mczUXNowuzhYpRg5VEC9CVhnhXB-5OFpuaoY7QLYQ1ftIdp9BpR7cSmX1m8PlfjEx14ySMCqN04U1oF9uHDYnTO_IEJxNclVmFS0TK2W5vbWg9I2fCEwhu4HzfnOaAFE2I0L4xr6oDpBMN-gKmRnmVJdeV1d2LGVpdRxV2QZ0aZFkd_rAEMgCqGw3TjPKeshhwVD6Cixebc_k4gjjKa5dEAPCycp9I4vyQm1AplKnByygkRbvOrzHfVPZL2iMyWC3u7pE5Q3O5iQ

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| _wpemojiSettings function| $ function| jQuery object| generatepressMenu object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googTempStyleOverrideInfo object| googNavStack function| _googCsa object| google_image_requests number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| twemoji object| wp object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.popim.xyz/ Name: __gads
Value: ID=0abd5ed167596269:T=1732148228:RT=1732148228:S=ALNI_MbhPF7PTYLY3ow09t9fp9wtHT11_w
.popim.xyz/ Name: __gpi
Value: UID=00000db3896b5cbf:T=1732148228:RT=1732148228:S=ALNI_MaBXzSCIoJlsF-KjJh8xuNpZ8Hg_g
.popim.xyz/ Name: __eoi
Value: ID=7bfad89b1d243236:T=1732148228:RT=1732148228:S=AA-AfjbUcWsoMzpCDgtJk8bNo1ij
.doubleclick.net/ Name: IDE
Value: AHWqTUmGK3DHSq6kJ9615hYr1CGL9xvBlR8utSzzlzq66jMbCjKKD9lxPB12rTUc-BM
.popim.xyz/ Name: __gsas
Value: ID=11b39d826322586c:T=1732148230:RT=1732148230:S=ALNI_MYMLGdYqoBhiplCxs4SS8fjFBAHlw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
security.popim.xyz
www.google.com
ep1.adtrafficquality.google
security.popim.xyz
2606:4700:3037::ac43:d0bc
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:820::2002
2a04:4e42:200::649
0b79dc841f5c4c9368e7305c00fbe3c62184fcf3b056ca67671df9498b41573f
235037398ba5f9538be912a8866e6d286d272f9e00eacf0f3ef9bbb525adbeb0
2f8ec6e8a60d1c09b4c59a7896581be2afcf2c0e3565140611ce31192bd8382e
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3dd5ef3a4fa86d7bb349a1f47700d835be8a030e4351b45966d28272a4ad8ff5
47ffba5250d7c06daddd38ce301fd4b62bac7d5b0da21a6d49237beeb677b2e2
4a059b8eeb772a50435eb517b600f8e3c98688cb03b741d60fd33308f65ec421
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
80f2857724dadf10341ea06655be56f818974bc3eb35f1164d5b139a34d49cb8
bc7badbf827e3b0429f99eeaf93e9d1c5925ac4e6f6003ad71628d201221d2a9
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
e1851ace2841037c7a974c60795c6805a783082733d541d1b241c4e1ccaab680
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99