urlscan.io logo urlscan.io
SecurityTrails logo

popullarmedilin.online Open in urlscan Pro
2606:4700:3035::6815:56e5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ellessel.biologicalfindings.online/
Effective URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&...
Submission: On April 10 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3035::6815:56e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is popullarmedilin.online.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.
This is the only time popullarmedilin.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 172.67.214.179 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
12 172.67.137.110 13335 (CLOUDFLAR...)
16 139.45.197.253 9002 (RETN-AS)
34 3
Apex Domain
Subdomains		 Transfer
18 popullarmedilin.online
popullarmedilin.online
749 KB
16 notix.io
notix.io — Cisco Umbrella Rank: 13586
46 KB
2 biologicalfindings.online
ellessel.biologicalfindings.online
biologicalfindings.online
2 KB
34 3
Domain Requested by
18 popullarmedilin.online popullarmedilin.online
16 notix.io popullarmedilin.online
notix.io
1 biologicalfindings.online 1 redirects
1 ellessel.biologicalfindings.online 1 redirects
34 4

This site contains no links.

Subject Issuer Validity Valid
popullarmedilin.online
GTS CA 1P5		 2024-04-03 -
2024-07-02		 3 months crt.sh
notix.io
R3		 2024-02-17 -
2024-05-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Frame ID: 09CFF57E46500245DD0D1992FA34B4CE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cum să arăți mai tânără decât vârsta ta dacă nu poți vizita un cosmetolog?

Page URL History Show full URLs

  1. https://ellessel.biologicalfindings.online/ HTTP 302
    https://biologicalfindings.online/c09pl1k.php?key=vzghz3ds0arkb06xkyo6&check=0 HTTP 302
    https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&traffi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

794 kB
Transfer

1081 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ellessel.biologicalfindings.online/ HTTP 302
    https://biologicalfindings.online/c09pl1k.php?key=vzghz3ds0arkb06xkyo6&check=0 HTTP 302
    https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/
Redirect Chain
  • https://ellessel.biologicalfindings.online/
  • https://biologicalfindings.online/c09pl1k.php?key=vzghz3ds0arkb06xkyo6&check=0
  • https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost...
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ae4277ba235fa9d1efefdf654bb647d9e5bda5c0cd77359aeec1b72435753b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8725b100ffb54bcc-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:04:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcaZLjvkL5q5YCwS1EjaXIPjAuUhAiTVZkowWISu%2BUHQ0vm3H%2FG5i7H1BUZHQg4B8mlSG6U35ByHWPCbc7ha1Bq7qQ6yXHG8VDjc%2Fe8cEjXIYZIf%2BrUYIPaK%2BvO7CtwtRTpBphOPiWuUrzWamD4Nl4%2FgMw8x"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8725b0fadfc74bc0-BUF
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:04:48 GMT
location
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCfJahL6i9MYQhXPpS9r4rFSUBn%2B8TFWFP0aY1I0eP0LLzOBgZtLCISdCrfBUfjphMtelyGAL6gu4X6y8yreiErXc8EpGQZBQ%2F4GzdC1H82E8OS1zStEIli4HW2dHQZLijtCJt78sSyremTm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/style.css
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5825f35939fbf8e004948afcf42a3a88b0ad44b90adf4ea72275225916e15944

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a5-6598"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MB%2F0zQmMWosWxGQGsL4KwVOXq13PIb4GLElsBSi%2FxfAqcSe5DGYFKSmkr4iz3jHa9QiPSLLBeOUaUYuiDL61HSV4cSK4opTwnLORL3C9x09SXu4ga0h1sOlvdlCYR4Dcz4ipbA3DI%2FMcTBXyPXw6KiBFcv2c"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8725b102a8984bcc-BUF
alt-svc
h3=":443"; ma=86400
style.min.css
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/style.min.css
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6e02f0335d59edf4569b537afae81876ea6d12501908b611282ef27d225dee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a5-774c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZPRbwsuAs8TBaHxrp0NYZvJf9XKy2MbE0pPoiPZrBvp8y7qB4gqPHo3HSnQ39vH5%2BwQZUnhGoUGcDXs6oKPO%2B%2B9nxmEayldpbfitLc%2FhzFnbad%2FxZf3vVu0kYuCWSaZM7FicoCRLpvo5jBMTcP%2FlKwFXT3r"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8725b102a89a4bcc-BUF
alt-svc
h3=":443"; ma=86400
css2.css
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/css2.css
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yYzreRtzbxzNYb9fp89x88TfeMHGmCgcqqV5hBjJyhQsqsBBTPi4S3Ygvr3r9c%2FOGVX8BZQPgb88EP%2Bxu3ztGVTrZVC4HmijPPg%2BzdzX0n6nm7zilrVR5BOfamJhcR40%2FMk36p1HN%2BiXwI9PLTv4SoCIPWM"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8725b102a89b4bcc-BUF
alt-svc
h3=":443"; ma=86400
1wb0e2tny4u951fuyle2r9getv.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		712 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/1wb0e2tny4u951fuyle2r9getv.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fad4cc57f5bb13ea8c1abafe67fbe014c468caf9694b86dbb0a4e4004a1424

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ac-2c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfxiE0UcsbZUFyBXwjIBBiAshQkpeI3KCmYA5nLBwECgFjTsBloy1Nc%2FFgGrwiTEk%2FW8H0rzlzS8uoqSg9gyhKqEYWKiX5naGxOr5wO5yORlw4Map9%2FCVeLM8qLcPEbm22jptnlRyC%2FWpo9QK3bQHjBMlGJ8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b102a89d4bcc-BUF
alt-svc
h3=":443"; ma=86400
content-length
712
1i96go4gqz5z3jcczatlttua5.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/1i96go4gqz5z3jcczatlttua5.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:56e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970a0ea65ae9d32f30b01be602f31c821065b24564f31199c929ca4d3ee0d8cb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ad-cee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1m2t%2B3xTWrYiQczNoG1vG7vaWxGMRyzQccb0IiLX9ChgyGYX2cpNTdi3SxCdjdg2cnd52P6gxykTLbmvzmfK%2FjWGqTbPmBKU0L3GmEPnGp8PLsRBjwOvh1AxX4kvmR%2Bgq3Qscwiz4lheQaRR6Vs6q56ghXV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b102a89f4bcc-BUF
alt-svc
h3=":443"; ma=86400
content-length
52964
2cv0min6nai261tvvz2zlaqukk.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/2cv0min6nai261tvvz2zlaqukk.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17687ba839881f29abb79d2559e45919d31cb350a2b924b7f6736e99959d5135

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ab-957f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZM507yh%2BYdcZDw20D%2Ft0y7EGoyJSvRZ8RdugcOgs74ubXK8Djn9nbiaET2sXe03dUTrc8BeB6tTDLnr4GuqhM5x%2FyifJXR6kHgQ9uSui3Io%2BEGBQY9mWhdE1wlxymKaFHHQ5gBRWPWtJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b10318286aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
38271
193i66i400sup31i67rid7qh6t.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/193i66i400sup31i67rid7qh6t.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9b228828961c63855aad33e61d0b48a7b0a8fa245b0721a6b0c0c768866a60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ad-123bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnBQjVVRC0jbf1GPLMpEYIk%2BAfwzW9d02kJ7BY2aWWywKvzbTDnjdt96074p2U%2F13nYX15sYRUAjsInvvj8ZFnMx%2BGeKEiRw4jWfDroyPWyjRbxisYjT13F9AF%2F49iR4Bdwj3urIUDzj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b103182a6aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
74683
hhk6s3cw46uu3bztmzjycrnox.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/hhk6s3cw46uu3bztmzjycrnox.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0090c9492294ab47b09676519ff8632c8e0317490b812a6219714f1dcf06e6f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5a8-133bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oiRFYRlIXP8N7zW4R62%2FVAjCG2PhxHq9FBVf95SkfJZXFgO%2FwaK1Jud6wSnKNnQ1rH7knO2HZlzZJ5sH6cBuwG%2Bfg9Jr7ZLDvbuO0qNEFcTedi%2B%2Fe5z%2BgO%2FtHxJaYT6V1yxrE7ZNLVG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b103182c6aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
78779
3p73wyivzsw2j2qjpjssbvpicu.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/3p73wyivzsw2j2qjpjssbvpicu.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34cd5898bf009377b9a3b382d12335fd44a7d025c81e997f6f039cce098a9cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5aa-c9f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAlMB%2Bg4C9nvd8K65TtezerCBAvtsUcPtTfQQuq%2F0rYYHJwskXYLQu2T0es4mxzMggaEPMdVq3mspcaK8SoGwxgPMfbk3cbqWEc6mc68N9R3xvlI3s38EOFZufwksAAzXFVLtNOmkjVW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b10318326aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
51703
25sz560t4s04p2svr1xedgx210.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/25sz560t4s04p2svr1xedgx210.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ca36a124a98663305c0262276e461d3548403bcf1b773148536c13c538fbe9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ab-958f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfz%2FRgeL1EFNa1OcQ1Wnb%2BhOy31XWhnVErVkoCuEnIhMErgXOSw36Wmw%2FSN40zUPzWn9XpEIroRIGknkKfLSVesg2On%2BnXiwRJzIAiJZWK0iuPUThP1KOWgff6c%2FG1C473zbK9huNKLj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b10318336aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
38287
2skn0b2dhssfd138qdswwltqs4.jpg
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/2skn0b2dhssfd138qdswwltqs4.jpg
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a088639403e7e12a0adc57b76c9c9b0e04cc0421dfbc74324d79a45a6561d55

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5ab-b13c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7avkOrl61E01nGs2s04fhEOLqQ6gQkOS6icOvo2vuyTO2SA9Uw5yOqfejzInBKK19E%2FUsi6VIESw9ZzDuI05D8VCjCzFwWFOxGtmvtEr2njADWJ0pWlKXkrxzAN6OhBFI9yjTgi%2FyZjr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b10318346aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
45372
cream.png
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		294 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/cream.png
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5846e6e7bb45a424533d10b7f3eed2e1483786df607d4cb4d97d31d1407767

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65cce5a9-4963e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtggZ75hlzphnw2iS9IVW%2BlMPxVW2oiDwwMWtAhUKQBCwh2M4MV3BYHLyk61w0HkCzM0vKV2u%2F2gRIPlRyfAOcOKnfBFev4CvJxsnl%2F%2FCnNvKAJomS2rer4M2PZhyJ4Tybr%2BIxaD9dSs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8725b10318376aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
300606
back.js
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/back.js
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8170dba15492190087019c975b0b1a3feb1dba1727aa46bb86a9da568cdf5d19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a9-193d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pbH2LZesot8I3y4CJNCR5DvKNUdluKPpMy3vcO5YMEE58c3fDb2gt5JwkAz1whu2vL6%2BHZMzWs0R4iyRIMtEhvLUa4PBrjdNUed2d%2Bl%2BV7QcIbkcFZ9QhnZ6vDRnWvB0aENITL1WFhs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8725b103182e6aee-BUF
alt-svc
h3=":443"; ma=86400
enot.min.js
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/enot.min.js
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ddff63d1afd11ff5b022c838338864f1706d65eda7cf4a4660b65298da5dd6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a9-17986"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlZ5cX7s6IGDaqYePVjpnKY9AmBpO%2BtgSzFGHR38DxNw5aLD08Wj922GfmcWqfHT%2BCvhfSoO%2Fx3s39sViAsNLXTAgbWJgqnlA1l8%2FGDMEGIal5qhcPjTVTi22r6xob3Rd%2F8GOI7DSBVr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8725b103182f6aee-BUF
alt-svc
h3=":443"; ma=86400
jquery.js
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/jquery.js
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a7-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GfWIhtadL10thM2r7TdLeUuVGf75uCP7O3L2utrPSmvLpzO3OiDFdMpUaYj6yeoJX%2FMBYI7b6xvQ6Uow6J84izltCFE4rI%2F%2BgiUvi5RLkwMf8we7bPqYvbQ7h1izFxUQxKIGMsbodT1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8725b10318306aee-BUF
alt-svc
h3=":443"; ma=86400
index.js
popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/index.js
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e6e48c928be78c4fb465b7eae4f3b1c1dfb8e259ef22958419abf4c1b17ec3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 16:09:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cce5a8-1749"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACgibRDhGjImJ21WUfUVwkcDEgrccHWy1dFyCpQ1X7tYtv7DDt7roiQzcYJmJtKW2PqAq36FCvke9xa2y7JaySnuE7dsmR60Pxtxed2WdEyQcq2nJX7A9Lpg1oJlc0ah6TUFsyrw4uIi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8725b10318316aee-BUF
alt-svc
h3=":443"; ma=86400
enot.min.js
notix.io/ent/current/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notix.io/ent/current/enot.min.js
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 21:04:50 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:17:38 GMT
server
nginx
etag
W/"65f18b52-2380d"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
settings
notix.io/ 		328 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notix.io/settings?appId=1006b7a7665c226fd6a4fc26f85532b&ver=0.16.4
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6f9a8e2e3e56b57ed4b6f014500da6573af46dbc431c363d0c2e8b5f575860a2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
328
favicon.ico
popullarmedilin.online/ 		555 B
572 B 		Other
General
Check archive.org
Download Go to
Full URL
https://popullarmedilin.online/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/?clickid=15e88gx17pm2te76&campaign=82&trafficsource=8&user_id=1&trafficsource_name=Adskeeper%20|%20biologicalfindings.online&clickcost=0&lander=0&domain=biologicalfindings.online&referer=Unknown&time=1712790288&device_name=Desktop&device_brand=Desktop&device_model=Desktop&browser_name=Chrome&browser_version=123.0.0.0&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&language=en-US&city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&t1=Unknown&t6=Unknown&t7={t7}&t2=Unknown&t3=Unknown&t8={t8}&t9={t9}&t4=Unknown&t5=Unknown&t10=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWRlak1Ph4ZehCcFAs3ww%2F%2FHxR%2BTBp0fqfixaE6%2FnLmKLQ%2F2fhTWn%2FJwxVJJbEUCxn7jBz9bFcTtGKiyzgAKpqOIVEIwmeogYWYicSAge1UMgl%2Fl%2B9YgLOwC1ZUxULhnO7NdgtLstrbk"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8725b10c2c656aee-BUF
alt-svc
h3=":443"; ma=86400
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:50 GMT
server
nginx
event
notix.io/ 		15 B
273 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: popullarmedilin.online
URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://popullarmedilin.online/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Apr 2024 21:04:51 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://popullarmedilin.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://popullarmedilin.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://popullarmedilin.online
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 10 Apr 2024 21:04:51 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| day string| newDay object| d object| p object| monthA function| vitBack object| _0xb13a function| _0x2e65 object| s function| $ function| jQuery object| sucses object| a0_0xab7c function| a0_0x1665 object| zfgformats

2 Cookies

Domain/Path Name / Value
biologicalfindings.online/ Name: uclick
Value: gx17pm2t
biologicalfindings.online/ Name: uclickhash
Value: gx17pm2t-gx17pm2t-3v-h98n-7vdz-x9fe-x90-f43e1e

2 Console Messages

Source Level URL
Text
network error URL: https://popullarmedilin.online/landers/rozqdefzymtk/qkl2lds5q3/css2.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://popullarmedilin.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biologicalfindings.online
ellessel.biologicalfindings.online
notix.io
popullarmedilin.online
139.45.197.253
172.67.137.110
172.67.214.179
2606:4700:3035::6815:56e5
0090c9492294ab47b09676519ff8632c8e0317490b812a6219714f1dcf06e6f7
08ae4277ba235fa9d1efefdf654bb647d9e5bda5c0cd77359aeec1b72435753b
16e6e48c928be78c4fb465b7eae4f3b1c1dfb8e259ef22958419abf4c1b17ec3
17687ba839881f29abb79d2559e45919d31cb350a2b924b7f6736e99959d5135
1a9b228828961c63855aad33e61d0b48a7b0a8fa245b0721a6b0c0c768866a60
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
55ca36a124a98663305c0262276e461d3548403bcf1b773148536c13c538fbe9
5825f35939fbf8e004948afcf42a3a88b0ad44b90adf4ea72275225916e15944
5f5846e6e7bb45a424533d10b7f3eed2e1483786df607d4cb4d97d31d1407767
6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
6f9a8e2e3e56b57ed4b6f014500da6573af46dbc431c363d0c2e8b5f575860a2
7a088639403e7e12a0adc57b76c9c9b0e04cc0421dfbc74324d79a45a6561d55
8170dba15492190087019c975b0b1a3feb1dba1727aa46bb86a9da568cdf5d19
970a0ea65ae9d32f30b01be602f31c821065b24564f31199c929ca4d3ee0d8cb
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
b5fad4cc57f5bb13ea8c1abafe67fbe014c468caf9694b86dbb0a4e4004a1424
bf6e02f0335d59edf4569b537afae81876ea6d12501908b611282ef27d225dee
d34cd5898bf009377b9a3b382d12335fd44a7d025c81e997f6f039cce098a9cd
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
f7ddff63d1afd11ff5b022c838338864f1706d65eda7cf4a4660b65298da5dd6