poop.watch Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/y9E7jeWaIo
Effective URL:
https://poop.watch/e/8w4vo552Ucv
Submission: On November 09 via manual (November 9th 2023, 12:45:27 pm UTC) from ID — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 20 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.watch.
TLS certificate: Issued by GTS CA 1P5 on November 4th 2023. Valid for: 3 months.

This is the only time poop.watch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 4	66.42.53.251 66.42.53.251	20473 (AS-CHOOPA) (AS-CHOOPA)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
5	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:c40e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
2	168.119.25.102 168.119.25.102	24940 (HETZNER-AS) (HETZNER-AS)
8	2a01:4f8:252:... 2a01:4f8:252:561a::2	24940 (HETZNER-AS) (HETZNER-AS)
7	168.119.25.20 168.119.25.20	24940 (HETZNER-AS) (HETZNER-AS)
1	142.91.159.93 142.91.159.93	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:20:... 2606:4700:20::681a:74a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	17

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.42.53.251 (Singapore, Singapore) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 66.42.53.251.vultrusercontent.com

dood.boo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrolagu.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

poop.watch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
berlagu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.adevbom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ea2f8770c9.3e950d4353.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e588190a1e.ac09f93506.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c40e (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.25.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.102.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:252:561a::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

f2e49209b4.bcab4297a6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 168.119.25.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.20.25.119.168.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.93 (Netherlands)

ASN7979 (SERVERS-COM, US)

oj.bromisescapose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:74a (United States)

ASN13335 (CLOUDFLARENET, US)

img.doodcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bcab4297a6.com f2e49209b4.bcab4297a6.com	8 KB
7	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 37292	6 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 24	2 KB
3	metrolagu.cam metrolagu.cam — Cisco Umbrella Rank: 133433	2 KB
3	3e950d4353.com ea2f8770c9.3e950d4353.com	180 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	98 KB
2	nereserv.com nereserv.com — Cisco Umbrella Rank: 36381	401 B
2	berlagu.com berlagu.com — Cisco Umbrella Rank: 153015	1 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 38780	429 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	304 B
2	poop.watch poop.watch	5 KB
1	doodcdn.co img.doodcdn.co — Cisco Umbrella Rank: 38272	59 KB
1	bromisescapose.com oj.bromisescapose.com — Cisco Umbrella Rank: 161467	1 KB
1	ac09f93506.com e588190a1e.ac09f93506.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 31574	904 B
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 35547	238 B
1	adevbom.com cdn.adevbom.com p.adevbom.com Failed	39 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	93 KB
1	dood.boo 1 redirects dood.boo	117 B
1	t.co t.co — Cisco Umbrella Rank: 607	551 B
44	20

	Domain	Requested by
8	f2e49209b4.bcab4297a6.com	ea2f8770c9.3e950d4353.com poop.watch
7	static.bookmsg.com	poop.watch ea2f8770c9.3e950d4353.com
3	accounts.google.com	2 redirects poop.watch
3	metrolagu.cam	poop.watch berlagu.com metrolagu.cam
3	ea2f8770c9.3e950d4353.com	poop.watch ea2f8770c9.3e950d4353.com
3	code.jquery.com	poop.watch berlagu.com
2	nereserv.com	ea2f8770c9.3e950d4353.com
2	berlagu.com	poop.watch
2	fp.metricswpsh.com	ea2f8770c9.3e950d4353.com
2	region1.google-analytics.com	www.googletagmanager.com
2	poop.watch	t.co poop.watch
1	img.doodcdn.co	berlagu.com
1	oj.bromisescapose.com	berlagu.com
1	e588190a1e.ac09f93506.com	ea2f8770c9.3e950d4353.com
1	storage.multstorage.com	ea2f8770c9.3e950d4353.com
1	js.capndr.com	ea2f8770c9.3e950d4353.com
1	cdn.adevbom.com	poop.watch
1	www.googletagmanager.com	poop.watch
1	dood.boo	1 redirects
1	t.co
0	p.adevbom.com Failed	cdn.adevbom.com
44	21

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
poop.watch GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn.adevbom.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
ea2f8770c9.3e950d4353.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
js.capndr.com R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2023-09-22` - `2023-12-21`	3 months	crt.sh
e588190a1e.ac09f93506.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
notification.tubecup.net R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh
www.metrolagu.cam R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
berlagu.com GTS CA 1P5	`2023-11-05` - `2024-02-03`	3 months	crt.sh
bcab4297a6.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
bookmsg.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
oj.bromisescapose.com R3	`2023-09-04` - `2023-12-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-12` - `2024-02-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://poop.watch/e/8w4vo552Ucv
Frame ID: 05D55BE449A606F5D0062669342F0778
Requests: 26 HTTP requests in this frame

Frame: https://poop.watch/i/8w4vo552Ucv
Frame ID: BEAD521DEF666BAB2BEE9664E0071E80
Requests: 3 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 02480BB7D79CE6BC3CCEBA247D32EB2C
Requests: 1 HTTP requests in this frame

Frame: https://berlagu.com/media/jQWuyE5jdgI
Frame ID: 747D13CC72FE02131DA0C3C88603B470
Requests: 7 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: BF3E480A1780D0AAEC036560A839512D
Requests: 2 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: 74B35793FBF8D7E613A28BC82B415BA6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

10 - PoopHD

Page URL History Show full URLs

https://t.co/y9E7jeWaIo Page URL
https://dood.boo/e/8w4vo552Ucv HTTP 301
https://poop.watch/e/8w4vo552Ucv Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

95 %
HTTPS

56 %
IPv6

20
Domains

21
Subdomains

17
IPs

4
Countries

496 kB
Transfer

1497 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/y9E7jeWaIo Page URL
https://dood.boo/e/8w4vo552Ucv HTTP 301
https://poop.watch/e/8w4vo552Ucv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyypjl2APokqVTYILCsSJj5JK8edyXbokdyestIWq-OdSvHspGIgrLcQFQirdxRNhh0sBZGoHA HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywDW1Aw6d51Z9D4LQxID7DJPxlVOoFa0nRBj4HMFVphkhH56SL2C9gVcZnFq-gUfHDhHqky_g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S218452224%3A1699533922711087&theme=glif

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 y9E7jeWaIo
t.co/ 246 B
551 B 180ms
133ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/y9E7jeWaIo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 180
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 12:45:20 GMT
expires: Thu, 09 Nov 2023 12:50:21 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: a82889ef8d5bd12f7165b251b50f9a1a71677fdf5e86fb7a2ca9c180b9e597ad
x-response-time: 119
x-transaction-id: 754ea9fbd294b3ac
x-xss-protection: 0

GET
H2

200

Primary Request 8w4vo552Ucv Show response
poop.watch/e/
Redirect Chain

https://dood.boo/e/8w4vo552Ucv
https://poop.watch/e/8w4vo552Ucv

10 KB
5 KB

247ms
196ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://poop.watch/e/8w4vo552Ucv

Requested by

Host: t.co
URL: https://t.co/y9E7jeWaIo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa978ec6f6ef7cbcaba876669be806e3dcce1104f67dc99fc2d03ba5a1f47117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://t.co/y9E7jeWaIo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 823627041ef68fee-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 12:45:22 GMT
last-modified: Thu, 09 Nov 2023 10:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIJl9Wqoyug9Kf1WuMGSXaIZnuKeS3Wsmng4tlwCwTN4cBAuJBF8qg%2F99wvJx1fqJ9G4iVXM41dY%2BR0%2Bpmk6%2Blxtlrr5%2B%2FHWSgqLxiBOJL3ednWFbQ%2F0y03%2FCjxv2vQ1DpLmDuvFEm%2Fb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Thu, 09 Nov 2023 12:45:21 GMT
location: https://poop.watch/e/8w4vo552Ucv
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 60ms
21ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2613714
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-fra-eddf8230088-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699533922.187375,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 291266

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 75ms
38ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20f34c27d0772eedf7f68b8439bc79cbd513c09595aecb3e0916b6d2e87bd87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 12:45:22 GMT

GET
H2 200 app.js Show response
cdn.adevbom.com/ 109 KB
39 KB 98ms
19ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adevbom.com/app.js
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: f51575c1095e52ee4600a37e8f632b63c9e621f7b49348e460b4c4befcf1f433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 30 Nov 2023 18:59:51 GMT
date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
cdn-cachedat: 10/31/2023 18:59:51
cdn-pullzone: 244525
last-modified: Thu, 12 Oct 2023 14:53:35 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6528086f-1b27b"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBkdtWw6bPuy4t32jqOUHuagMNr%2B22og6LEiZrP4JQcI8ocuatogNdrm%2BvI3W2kOZaEXPqFTNynOV01zSETmIoaq2TLrkSujw9M%2F%2B4%2Bh15T8sxn4ziCE5PCMd78w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 81f0ee8a-6b19-463e-a8be-46c199377685
cache-control: public, max-age=2592000
cdn-requestid: b6c45c4b72aa86497ff15ec64baca5ae
cf-ray: 81ee23388c9ed38f-CDG
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8w4vo552Ucv Show response
poop.watch/i/ Frame BEAD 517 B
560 B 272ms
271ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://poop.watch/i/8w4vo552Ucv

Requested by

Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac160524f74e8e40ea307c1b396c15afa28589e16f2674cd0478e5a8f6958b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://poop.watch/e/8w4vo552Ucv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82362705e91e8fee-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 12:45:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW1%2ByoWaj1ODzL3AeDDLORgWXbGr40K2KmhUJgbeWzyW%2FfqCfIKn2oG%2BJjXtxG6pGDsL2Jw%2FuMq%2FeqlkRhWzDfbiuBoMPskeGlpJNGf3JlgxbyqRjAj0J0trtB284fLJPRzOrC1KyzXK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 f09ce45647c8a4561fd21e6c8840e07a.js Show response
ea2f8770c9.3e950d4353.com/ 160 KB
49 KB 80ms
26ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a5dc40057c7904de00b24c12bdf682fb404fe471c78a99d625f89e4c8688d1d2

Request headers

Referer: https://poop.watch/
Origin: https://poop.watch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 12:50:22 GMT
date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 11:56:41 GMT
server: nginx/1.18.0
etag: W/"654b7779-27e9b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3b60v9167878827&_p=1699533922217&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1813852712.1699533922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699533922&sct=1&seg=0&dl=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&dr=https%3A%2F%2Ft.co%2F&dt=10%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1190
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.watch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 114039 Show response
ea2f8770c9.3e950d4353.com/ddf9a427c9d6c15efd155a5b309bb7ac/ 2 KB
2 KB 14ms
13ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ea2f8770c9.3e950d4353.com/ddf9a427c9d6c15efd155a5b309bb7ac/114039?version_name=c
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4661bb12d08a9eee2c2b1a05f43ca439cb64c8138c639ca593617f918582d2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Nov 2023 12:45:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
server: nginx/1.18.0
content-type: application/json
expires: Thu, 09 Nov 2023 12:50:22 GMT

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
238 B 55ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 12:50:22 GMT
date: Thu, 09 Nov 2023 12:45:22 GMT
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
etag: "64b105fd-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET /
p.adevbom.com/dcba/ 0
0

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame 0248 882 B
904 B 85ms
45ms Document
text/html 2606:4700:e6::ac40:c40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: https://poop.watch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 823627077cf15d45-FRA
content-encoding: br
content-type: text/html
date: Thu, 09 Nov 2023 12:45:22 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tyY9uQXMm8%2FRo9UiImpPqFNWi3g%2FD60qOgdq02QKVYbHwCJ%2FnlgFHwVkey1jUYU4YN5Es8aSg1Tu47RmQM4bJGYDkxVOvQiQFh9uUozyJVtFpZKPoSOPS2Mv70NQ5YPJY61AwfGOgkaWgp9WjkNuNRwuFpIJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 0c3239092bc33c64df7ae474aeee2743

GET
H2 200 track Show response
e588190a1e.ac09f93506.com/in/ 0
207 B 90ms
26ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://e588190a1e.ac09f93506.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDA5MDAxNjI3NjE2NDk0NDAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjg2LjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9CZXJsaW4iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiIxMCUyQ1Bvb3BIRCJ9
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:22 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 a09f2eff26f7f8c0468499f82c56a9ce.js Show response
ea2f8770c9.3e950d4353.com/ 516 KB
129 KB 46ms
17ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a10247d0f84f7a866bd82fb061cd6f8639bfbfcad43d22854a216ac8fadb10ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 12:50:22 GMT
date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 12:13:45 GMT
server: nginx/1.18.0
etag: W/"654b7b79-80e2e"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
429 B 95ms
65ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/f09ce45647c8a4561fd21e6c8840e07a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a58323209e3a40d4e8443bf4fbea932d0a7a98dd812ad65810953a732e888a4b

Request headers

Referer: https://poop.watch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 09 Nov 2023 12:45:22 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://poop.watch
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 57ms
11ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.watch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.watch
Connection: keep-alive
Date: Thu, 09 Nov 2023 12:45:22 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ Frame BEAD 94 KB
33 KB 14ms
11ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: poop.watch
URL: https://poop.watch/i/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2613714
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-fra-eddf8230088-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699533922.499433,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 291267

GET
H2 200 embed.css
metrolagu.cam/ Frame BEAD 1 KB
610 B 785ms
251ms Stylesheet
text/css 66.42.53.251
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://metrolagu.cam/embed.css?v=1.1

Requested by

Host: poop.watch
URL: https://poop.watch/i/8w4vo552Ucv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.42.53.251 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

66.42.53.251.vultrusercontent.com

Software

nginx /

Resource Hash

6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
server: nginx
etag: W/"651596cf-446"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Nov 2023 00:45:23 GMT

GET
H2 200 8w4vo552Ucv Show response
berlagu.com/jembud/ Frame 747D 228 B
600 B 547ms
496ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/jembud/8w4vo552Ucv
Requested by: Host: poop.watch
URL: https://poop.watch/i/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca07ac3db36ecb368743853ea4fbb4c950c5afbc41df705ddae36bad60d80e5

Request headers

Referer: https://poop.watch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 823627081ad42bdd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 12:45:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0c8aC8z6vmq7RJhCgXGPgXewIiNLsm33vmlEIAmL0pFRg6gy%2FUzGTqKsAUnhIlYOnL8nzAeLswrkMC87AiY6gdXRdiC8kptg7xdmajKn6CkvaHGZ2tNxpab%2F8g%2B5MjTdtqx8N3x%2FnOrvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyypjl2APokqVTYILCsSJj5JK8edyXbokdyestIWq-OdSvHspGIgrLcQF...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywDW1Aw6d51Z9D4LQxID7DJPxlVOoFa0nRBj4HMFVphkhH56SL2C9gVcZnFq-gUfHDhHqky_g&passive...

0
0

50ms
48ms

Image
text/html

2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywDW1Aw6d51Z9D4LQxID7DJPxlVOoFa0nRBj4HMFVphkhH56SL2C9gVcZnFq-gUfHDhHqky_g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S218452224%3A1699533922711087&theme=glif
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H3
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

date: Thu, 09 Nov 2023 12:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-YBwsWxDO_RVY-yjqCnYxQQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywDW1Aw6d51Z9D4LQxID7DJPxlVOoFa0nRBj4HMFVphkhH56SL2C9gVcZnFq-gUfHDhHqky_g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S218452224%3A1699533922711087&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 51ms
10ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=d291ba95-80d8-4ac9-91d7-ea1e7fa690d1&subid=357529620&sid=2186918103&spot_id=418774&created_at=2023-11-09&timezone=1&ver=8.113.1&is_native=1
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:22 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
f2e49209b4.bcab4297a6.com/in/ 36 KB
4 KB 544ms
543ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f2e49209b4.bcab4297a6.com/in/multy
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2e2918aacd64e9faafc6daa34edbb632318af4d30d98b12678173c1dfb7b0a80

Request headers

Referer: https://poop.watch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 3360

OPTIONS
H2 204 multy
f2e49209b4.bcab4297a6.com/in/ Frame 0
0 191ms
17ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f2e49209b4.bcab4297a6.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.watch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 09 Nov 2023 12:45:22 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 50ms
10ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=89aff549-c35c-4e62-bba7-450b9290c84c&subid=388464194&sid=2919826371&spot_id=418776&created_at=2023-11-09&timezone=1&ver=8.113.1&is_native=1
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:22 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
f2e49209b4.bcab4297a6.com/in/ 36 KB
3 KB 276ms
274ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f2e49209b4.bcab4297a6.com/in/multy
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6cd094a2458fbab7e156d4a310fd4f7448c9894b9a631f3c9945130022e819fa

Request headers

Referer: https://poop.watch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 3325

OPTIONS
H2 204 multy
f2e49209b4.bcab4297a6.com/in/ Frame 0
0 190ms
16ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f2e49209b4.bcab4297a6.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.watch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 09 Nov 2023 12:45:22 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
947 B 145ms
14ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=0a621223-5184-4e41-8651-5f0647862a77
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
947 B 145ms
15ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 /
f2e49209b4.bcab4297a6.com/in/show/ 0
200 B 38ms
12ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f2e49209b4.bcab4297a6.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=t.co&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&refdom=poop.watch&auction_time=1699533922&subid=388464194&sid=2919826371&tcid=0&ver=8.113.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-09&iabcat=IAB25-3&keywords=&user_fp=11385211650094762209&score=79.42519308044&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.watch%252Fe%252F8w4vo552Ucv%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viicqujz.com%2Fh%2F1411%2Fm2ueuqov6b4vvexhtsby5lgjwktuk54zycq2h74ewj5hq2d2nj7gieduafrcpd7c7p6e4kxrkkxezw2p75bkzctfqjz7lqcszbf65rxm2dv5fj7nwvfyavz7tjzm4gnnlfhl6quk3tm3vd4nq6xy6s46i6l7t4gbtsejfnnxk7eebn5mswcf7vcvidnxoydwg7bhu6f5jbxem3dptnfwbb3pjoyfiqgcochpd72zzrkldwgempzhd4w6yxbuzpcfnorncstjtp3utecvtpe6bar2vvn5avnloj2jemlt6j6lfwhzyram4vcrpblu4vd7pnsxc4cbmadx23dsmn3ekrctaraeot3aid5gur4okre5c3mhnff3ausayj3ffpsiltkfeqwrodlprgeworbiis3gv6xn6sczr66uiusjozqbu6jt2bctblkq5nykher2yjz2ll3xujxzbhcywfeeefadhr4gkljginsakldkofsxifccarkearsnmalhqxlxb4zsq4crirph5scujhfhdoxuyjn5yvkxzr3xlbndjk6veehukj73sus472ye7hkiqxg63677qpn46zvgkq6rsaiwiiauqv37cetbqniupytcaeyrbqqtqmz2geldugbzg42hq7abdfpuqgybce5aacidgudrw7aaazbqkiajeithcmtvkuqtcjz4dqmbcx2rdqceqyyvfzphcxzrpf6fgqaipuxda6twizrva73lou2caesmkiaucrs6emcsqmjpbbwxu7kqizmx66dhpn5uuyyopzuxatiapnqvga2bjjgweql3lbzvyydspvlecx3ypbxvrk5d2dbkjx7msmsst5o6txgxqgghsstm2raekm54tynx57enxvoinafzh3nuqwv33om7snrra2d24boguwaggimca4lgjydqejjypa7sgbzqlzzgrlkqnnzulae2yhmh42sfijxv5ovainu3zcdkm6zlxi7yiyrjz6dcpvlug4jv3vhs7tjzkcdea5ii3edhialve54sexbhjbbhgu4shwkxw%3D%3D%3D%3Fu%3D&icons=W0OLk6r-oaM-OdKK6lR0ToBKKBaeF0zW70d1-ZMVsMzrF6TSuGrY7aUppsLKPwgu3btIL8jx_JXgWOfNKpJ9VMKPbIp5KhJ2HdaebsWWhTp5Lvbd_L5Os9zAuZKYvlMpv3-1G4FWOVRybxkkObMaSt4U3tlHWEzyrkMSFkVAOMwslVTv0g&ext_cid=0&px_id=53418776&min_cpm=0.0234160646221763&out_id=1&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1052930148905179714&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.08349061727617446&cpm=0&verify_hash=5989884be95e86e63f06e5da457addf0&is_native=2&real_bid=0.001225778362591453&original_bid_usd=0.001385999941859395&original_bid=0.001385999941859395&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ip_mismatch=2a00:c98:2050:a007:2::10&geo=DE&carrier=-&label_ids=4,89,108,0&need_redirect_show=0&applied_features=aboba%20test,main-skins-settings&show_count=1&expiration_timestamp=1699620322&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.001385999941859395&hostname=auc-inpage-hz-6-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.001385999941859395&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=30baa0c5-0e23-4405-a14d-9493c9ead218
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame BF3E 790 B
947 B 136ms
14ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame BF3E 790 B
948 B 131ms
10ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=5b8b6a1a-5a79-4a49-9792-cf382a764edf
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 /
f2e49209b4.bcab4297a6.com/in/show/ 0
201 B 27ms
11ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f2e49209b4.bcab4297a6.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=t.co&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&refdom=poop.watch&auction_time=1699533922&subid=388464194&sid=2919826371&tcid=0&ver=8.113.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-09&iabcat=IAB25-3&keywords=&user_fp=11385211650094762209&score=79.42519308044&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.watch%252Fe%252F8w4vo552Ucv%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viicqujz.com%2Fh%2F1411%2Fm2ueuqov6b4vvexhtsby5lgjwktuk54zycq2h74ewj5hq2d2nj7gieduafrcpd7c7p6e4kxrkkxezw2p75bkzctfqjz7lqcszbf65rxm2dv5fj7nwvfyavz7tjzm4gnnlfhl6quk3tm3vd4nq6xy6s46i6l7t4gbtsejfnnxk7eebn5mswcf7vcvidnxoydwg7bhu6f5jbxem3dptnfwbb3pjoyfiqgcochpd72zzrkldwgempzhd4w6yxbuzpcfnorncstjtp3utecvtpe6bar2vvn5avnloj2jemlt6j6lfwhzyram4vcrpblu4vd7pnsxc4cbmadx23dsmn3ekrctaraeot3aid5gur4okre5c3mhnff3ausayj3ffpsiltkfeqwrodlprgeworbiis3gv6xn6sczr66uiusjozqbu6jt2bctblkq5nykher2yjz2ll3xujxzbhcywfeeefadhr4gkljginsakldkofsxifccarkearsnmalhqxlxb4zsq4crirph5scujhfhdoxuyjn5yvkxzr3xlbndjk6veehukj73sus472ye7hkiqxg63677qpn46zvgkq6rsaiwiiauqv37cetbqniupytcaeyrbqqtqmz2geldugbzg42hq7abdfpuqgybce5aacidgudrw7aaazbqkiajeithcmtvkuqtcjz4dqmbcx2rdqceqyyvfzphcxzrpf6fgqaipuxda6twizrva73lou2caesmkiaucrs6emcsqmjpbbwxu7kqizmx66dhpn5uuyyopzuxatiapnqvga2bjjgweql3lbzvyydspvlecx3ypbxvrk5d2dbkjx7msmsst5o6txgxqgghsstm2raekm54tynx57enxvoinafzh3nuqwv33om7snrra2d24boguwaggimca4lgjydqejjypa7sgbzqlzzgrlkqnnzulae2yhmh42sfijxv5ovainu3zcdkm6zlxi7yiyrjz6dcpvlug4jv3vhs7tjzkcdea5ii3edhialve54sexbhjbbhgu4shwkxw%3D%3D%3D%3Fu%3D&icons=9Rmg46IT2AiPDAPDBTRy5Gj6n__PzruONOmEVpWLCgCHPUfhmHAr_GquJS0zrMHbC2VWfZr9F_9DjqG2KKd8MZesNYFlrGSTtp5du3k8xJ0p0tZclzw556weLFy_HGhqfFs8wruZ9Yt4cPFyZYx8Q66W5ZpVrijXLZPUweEpiaQooIOYFA&ext_cid=0&px_id=53418776&min_cpm=0.0234160646221763&out_id=0&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1052930148905179714&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.08349061727617446&cpm=0&verify_hash=5989884be95e86e63f06e5da457addf0&is_native=2&real_bid=0.001225778362591453&original_bid_usd=0.001385999941859395&original_bid=0.001385999941859395&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ip_mismatch=2a00:c98:2050:a007:2::10&geo=DE&carrier=-&label_ids=4,89,108,0&need_redirect_show=0&applied_features=aboba%20test,main-skins-settings&show_count=1&expiration_timestamp=1699620322&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.001385999941859395&hostname=auc-inpage-hz-6-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.001385999941859395&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=e44653b7-196d-43f0-ac01-73282c550358
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 jQWuyE5jdgI Show response
berlagu.com/media/ Frame 747D 781 B
581 B 247ms
246ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/media/jQWuyE5jdgI
Requested by: Host: poop.watch
URL: https://poop.watch/i/8w4vo552Ucv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1852fd19b7c3e8439b88a907ee721bc64a85993756d107e7e95e1d67770c91fb

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://berlagu.com
Referer: https://berlagu.com/jembud/8w4vo552Ucv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8236270bd8202bdd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 12:45:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X9z3bISKrq5TnNmatGrL8dX031h9jnyGqa%2Fig%2BCHrzef7H%2B7uafdRb8oEh1NnWOEdjWYrN4LIOVH9yG9vyAJM4r8aFfVdrcOIXZ12E64u%2FA6sLcBrExOi2CAGBr5WfTc6F0EDQPK0V2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
947 B 10ms
9ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=ae60953e-c647-4400-aa4a-1806fcfcd86c
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 /
f2e49209b4.bcab4297a6.com/in/show/ 0
200 B 12ms
12ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f2e49209b4.bcab4297a6.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=t.co&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&refdom=poop.watch&auction_time=1699533922&subid=357529620&sid=2186918103&tcid=0&ver=8.113.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-09&iabcat=IAB25-3&keywords=&user_fp=11385211650094762209&score=77.49140077857484&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.watch%252Fe%252F8w4vo552Ucv%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viicqujz.com%2Fh%2F1411%2Fm3iesqov6b4vvexhtsby5lgjwktuk54zycq2h74ewj5hq2d2nj7gieduafrcpd7c7p6e4kxrkkxezw2p75bkzctfqjz7lqcszbf65rxm2dv5fj7nwvfyavz7tjzm4gnnlfhl6quk3tm3vd4nq6xy6s46i6l7t4gbtsejfnnxk7eebg7ovt2kdo5ixshhj4rqohmhuurub7peire5jfewc52stjffpocaokvtiroyi6fijq3u5iyybw6jkgyet3xa7hru3g3cocp5as26utmhbczvt3j5pbspsf3o2me2of42a42l5zbi56hy4nt6o2kl5jjfe42fnihxq23xnzyugrcsbnceksljiv5vu5k2nfzxavwhnff2uusk3j72gmsmubaf7q3uotvdo5xcpvi5at62rsdlir23sr3gli4k3ffvfhmzd5kvszd7dn5rlbb2dknx76drtspe5xcrs23gnh3mts4f5msdkayfqo3lprssaqkaaeaeaqq3gzeswwzaby3c26qaizphq6toob3uanioplmemvwloookbplr5j5ejtkiphy322eojma4sulttvkf75ncnpde7pva27zon5fqqplxhgstbyrbumq4enywmtqwae6dwltgf4nccubmgm2demiccafrybq5bb7u6oqcpmldsobabmds4jz3hubxkoruaistebjdfvbdircrdynrwozpemfhwdz6hv5fsriopj6tk6tqimyfa5bzoeyscfytkfjugqkkmjehew3vbjuhy3ysaihrkijsovzuoyqhpfwxiztqjbgfecsbingeuocapj3v2y3tprjumxd4pvthq62hmqah62tunzjzrjpby2n7lueucyjo56wd55asthp4x3r3bknxxwgfexsofdcnpa7t67y3d4syacikxm5tvgdkvjnpmbkxoqwqljjfagzhii6we23ygmpbueq4aujqymyyovpk623yjf4yhx664bhgy7kkojf6bpkqmsfly5sytdpztscnehnp6vd7nriewco6biypkckwxzegqhmddntqyqytmuoxmq3soj4fbvb2un4q%3D%3D%3D%3D%3Fu%3D&icons=C-wgPZ8Cq72C8mie8KJL105gL6otx6_gdQAVQeKwBo2PWwgmGGkBd0Bdy7DqaceBamxFBE-sdTth3IYXd9Sb6fSCVLhRCCHnMKqFAW1YUx3gLHgiNlqrXIJQtGyyQUZ5e4ujjL9QREJItmvMoSrE_CEbxKzgaKUQ5vyDCgflU5RMdpnvNw&ext_cid=0&px_id=53418774&min_cpm=0.013268723994635955&out_id=1&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1581873534345828324&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0473099974164823&cpm=0&verify_hash=df7a79e5d0c9a7afbd36813301a606a7&is_native=2&real_bid=0.001225778362591453&original_bid_usd=0.001385999941859395&original_bid=0.001385999941859395&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ip_mismatch=2a00:c98:2050:a007:2::10&geo=DE&carrier=-&label_ids=0,4,89,108&need_redirect_show=0&applied_features=main-skins-settings,aboba%20test&show_count=1&expiration_timestamp=1699620322&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.001385999941859395&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.001385999941859395&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=10d6f025-675b-4307-9bbd-dd1e992bd164
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 74B3 790 B
947 B 11ms
10ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by: Host: ea2f8770c9.3e950d4353.com
URL: https://ea2f8770c9.3e950d4353.com/a09f2eff26f7f8c0468499f82c56a9ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 74B3 790 B
947 B 11ms
11ms Image
image/webp 168.119.25.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=c329d46e-a547-4862-9979-53d4e7611bac
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
H2 200 /
f2e49209b4.bcab4297a6.com/in/show/ 0
200 B 12ms
12ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f2e49209b4.bcab4297a6.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=t.co&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&refdom=poop.watch&auction_time=1699533922&subid=357529620&sid=2186918103&tcid=0&ver=8.113.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-11-09&iabcat=IAB25-3&keywords=&user_fp=11385211650094762209&score=77.49140077857484&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.watch%252Fe%252F8w4vo552Ucv%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viicqujz.com%2Fh%2F1411%2Fm3iesqov6b4vvexhtsby5lgjwktuk54zycq2h74ewj5hq2d2nj7gieduafrcpd7c7p6e4kxrkkxezw2p75bkzctfqjz7lqcszbf65rxm2dv5fj7nwvfyavz7tjzm4gnnlfhl6quk3tm3vd4nq6xy6s46i6l7t4gbtsejfnnxk7eebg7ovt2kdo5ixshhj4rqohmhuurub7peire5jfewc52stjffpocaokvtiroyi6fijq3u5iyybw6jkgyet3xa7hru3g3cocp5as26utmhbczvt3j5pbspsf3o2me2of42a42l5zbi56hy4nt6o2kl5jjfe42fnihxq23xnzyugrcsbnceksljiv5vu5k2nfzxavwhnff2uusk3j72gmsmubaf7q3uotvdo5xcpvi5at62rsdlir23sr3gli4k3ffvfhmzd5kvszd7dn5rlbb2dknx76drtspe5xcrs23gnh3mts4f5msdkayfqo3lprssaqkaaeaeaqq3gzeswwzaby3c26qaizphq6toob3uanioplmemvwloookbplr5j5ejtkiphy322eojma4sulttvkf75ncnpde7pva27zon5fqqplxhgstbyrbumq4enywmtqwae6dwltgf4nccubmgm2demiccafrybq5bb7u6oqcpmldsobabmds4jz3hubxkoruaistebjdfvbdircrdynrwozpemfhwdz6hv5fsriopj6tk6tqimyfa5bzoeyscfytkfjugqkkmjehew3vbjuhy3ysaihrkijsovzuoyqhpfwxiztqjbgfecsbingeuocapj3v2y3tprjumxd4pvthq62hmqah62tunzjzrjpby2n7lueucyjo56wd55asthp4x3r3bknxxwgfexsofdcnpa7t67y3d4syacikxm5tvgdkvjnpmbkxoqwqljjfagzhii6we23ygmpbueq4aujqymyyovpk623yjf4yhx664bhgy7kkojf6bpkqmsfly5sytdpztscnehnp6vd7nriewco6biypkckwxzegqhmddntqyqytmuoxmq3soj4fbvb2un4q%3D%3D%3D%3D%3Fu%3D&icons=TDAJSuJuN5qq3lfoLxDyaWCN7cP7c7TaejyM4PKBX9Ha7biBW-kmg6UGPesrnYpOKLxppTgQKSXvTGV6acLGmnwMGQkE9Xha7de-FfjL-aAmFjHNk3v-9RBQgnyoMyU8WPlFjKAToaj8N2FoWm_my9Cz8NDOP11N-pv7QZXU882WlvLy7w&ext_cid=0&px_id=53418774&min_cpm=0.013268723994635955&out_id=0&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1581873534345828324&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0473099974164823&cpm=0&verify_hash=df7a79e5d0c9a7afbd36813301a606a7&is_native=2&real_bid=0.001225778362591453&original_bid_usd=0.001385999941859395&original_bid=0.001385999941859395&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ip_mismatch=2a00:c98:2050:a007:2::10&geo=DE&carrier=-&label_ids=108,0,4,89&need_redirect_show=0&applied_features=main-skins-settings,aboba%20test&show_count=1&expiration_timestamp=1699620322&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.001385999941859395&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.001385999941859395&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=a505c833-9a1b-4dd4-9f5e-3c2557cbd876
Requested by: Host: poop.watch
URL: https://poop.watch/e/8w4vo552Ucv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:23 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ Frame 747D 94 KB
33 KB 31ms
30ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: berlagu.com
URL: https://berlagu.com/media/jQWuyE5jdgI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://berlagu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2613715
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-fra-eddf8230088-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699533923.445782,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 71, 291268

GET
H2 200 embed.css
metrolagu.cam/ Frame 747D 1 KB
609 B 251ms
251ms Stylesheet
text/css 66.42.53.251
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://metrolagu.cam/embed.css

Requested by

Host: berlagu.com
URL: https://berlagu.com/media/jQWuyE5jdgI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.42.53.251 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

66.42.53.251.vultrusercontent.com

Software

nginx /

Resource Hash

6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://berlagu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
server: nginx
etag: W/"651596cf-446"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 Nov 2023 00:45:23 GMT

GET
H/1.1 200
OK mjllA Show response
oj.bromisescapose.com/rnmSOUjlOk5UHQ/ Frame 747D 0
1 KB 273ms
28ms Script
application/javascript 142.91.159.93
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://oj.bromisescapose.com/rnmSOUjlOk5UHQ/mjllA

Requested by

Host: berlagu.com
URL: https://berlagu.com/media/jQWuyE5jdgI

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.93 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://berlagu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 12:45:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://berlagu.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 72z4t70z70ivj8vr.jpg
img.doodcdn.co/snaps/ Frame 747D 59 KB
59 KB 117ms
77ms Image
image/jpeg 2606:4700:20::681a:74a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/72z4t70z70ivj8vr.jpg
Requested by: Host: berlagu.com
URL: https://berlagu.com/media/jQWuyE5jdgI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b5cae07384bb705f9d7476d58b95baadf5cc1267e2f4b76c14c212209d1016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://berlagu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=62638
alt-svc: h3=":443"; ma=86400
content-length: 60004
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 Nov 2023 18:03:42 GMT
server: cloudflare
etag: "654bcd7e-f4ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YM8rGuSmAqJBq3YjrG46HL99ayzUHr93p76W8mueKML6TXZCPnSyWeobbXNi9ohDRTHPPkHdYa%2B4nPi3kL%2B5tMFlJ5N1UCj0YgUcSbqrgCkQFnb3rMJDuLu8Y9mwuyPIVNjrC0eDSSO4byF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8236270daff01c85-FRA
expires: Thu, 23 Nov 2023 08:42:52 GMT

GET
H2 200 play.svg
metrolagu.cam/ Frame 747D 633 B
789 B 253ms
253ms Image
image/svg+xml 66.42.53.251
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrolagu.cam/play.svg

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/embed.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.42.53.251 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

66.42.53.251.vultrusercontent.com

Software

nginx /

Resource Hash

b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrolagu.cam/embed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:45:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21 Sep 2023 10:51:20 GMT
server: nginx
etag: "650c2028-279"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 633

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3b60v9167878827&_p=1699533922217&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1813852712.1699533922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699533922&sct=1&seg=0&dl=https%3A%2F%2Fpoop.watch%2Fe%2F8w4vo552Ucv&dr=https%3A%2F%2Ft.co%2F&dt=10%20-%20PoopHD&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6198
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poop.watch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 12:45:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.watch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p.adevbom.com
URL: https://p.adevbom.com/dcba/

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 01:35:48	Name: muc Value: c1c25285-2401-4a23-9e15-29f1750149e8
.poop.watch/	1970-01-21 01:41:33	Name: _ga Value: GA1.1.1813852712.1699533922
.poop.watch/	1970-01-21 01:41:33	Name: _ga_RRBBHD087X Value: GS1.1.1699533922.1.0.1699533922.0.0.0
fp.metricswpsh.com/	1970-01-21 00:51:09	Name: id Value: 16743490489863910996
oj.bromisescapose.com/	1970-01-20 16:07:00	Name: GL_UI4 Value: eJw9jVtOwzAURPNOgSYwUhbAEmK1peQTsQg%2BIz9uUtPErhyTiN1jIcHXHI3OaKIoSppHxGuRIf3iJzwf1XDo5LEbOBftQbUnxpSgl%2FOr7Fpxlgp3euk9FxP5DLtl5s73fs2wH8mQ07KXVlGFp2D9NVdjN5MhF44bVSGfgzFVKIWz20KuSZEZPhOK94uzIfOZf1qHlLEusDaB4xaJXZq0vkf5oY0Kw3qPhLV1XUR4uE3cD9bNvVZFjHx0XBHiN%2Bwk9zRa941S0XL19gbYSfX%2F%2Fu9vurEWhaJVy3Bu%2FYXcD8BHTuk%3D
oj.bromisescapose.com/	1970-01-20 16:07:00	Name: GL_GI10 Value: eJw1yz0KwkAQhuGdKaKCoB%2FmAJ4gJIv4UxoVGy9gOYnLksJNmE0i3l4tbN7igdcYw%2Bkc3HRYFLt9VmxtZvNDVmwsyIPPF3AdMLk6fUp4gxRc3sH6tVJG0UZANabHwcdqUA9qsLw5ie7lqvX%2F4hAxO7XatSq9A3UJgfv21%2FhIDWhMVh840yBi

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://poop.watch/e/8w4vo552Ucv Message: Access to XMLHttpRequest at 'https://p.adevbom.com/dcba/' from origin 'https://poop.watch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://p.adevbom.com/dcba/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywDW1Aw6d51Z9D4LQxID7DJPxlVOoFa0nRBj4HMFVphkhH56SL2C9gVcZnFq-gUfHDhHqky_g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S218452224%3A1699533922711087&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
berlagu.com
cdn.adevbom.com
code.jquery.com
dood.boo
e588190a1e.ac09f93506.com
ea2f8770c9.3e950d4353.com
f2e49209b4.bcab4297a6.com
fp.metricswpsh.com
img.doodcdn.co
js.capndr.com
metrolagu.cam
nereserv.com
oj.bromisescapose.com
p.adevbom.com
poop.watch
region1.google-analytics.com
static.bookmsg.com
storage.multstorage.com
t.co
www.googletagmanager.com
p.adevbom.com
104.244.42.197
142.91.159.93
157.90.84.242
168.119.25.102
168.119.25.20
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2606:4700:20::681a:74a
2606:4700:e6::ac40:c40e
2a00:1450:4001:80e::2008
2a00:1450:4001:827::200d
2a01:4f8:252:561a::2
2a04:4e42:400::649
2a06:98c1:3120::3
45.133.44.53
66.42.53.251
06b5cae07384bb705f9d7476d58b95baadf5cc1267e2f4b76c14c212209d1016
1852fd19b7c3e8439b88a907ee721bc64a85993756d107e7e95e1d67770c91fb
20f34c27d0772eedf7f68b8439bc79cbd513c09595aecb3e0916b6d2e87bd87c
2e2918aacd64e9faafc6daa34edbb632318af4d30d98b12678173c1dfb7b0a80
4661bb12d08a9eee2c2b1a05f43ca439cb64c8138c639ca593617f918582d2d4
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
6cd094a2458fbab7e156d4a310fd4f7448c9894b9a631f3c9945130022e819fa
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
a10247d0f84f7a866bd82fb061cd6f8639bfbfcad43d22854a216ac8fadb10ab
a58323209e3a40d4e8443bf4fbea932d0a7a98dd812ad65810953a732e888a4b
a5dc40057c7904de00b24c12bdf682fb404fe471c78a99d625f89e4c8688d1d2
aa978ec6f6ef7cbcaba876669be806e3dcce1104f67dc99fc2d03ba5a1f47117
ac160524f74e8e40ea307c1b396c15afa28589e16f2674cd0478e5a8f6958b70
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
bca07ac3db36ecb368743853ea4fbb4c950c5afbc41df705ddae36bad60d80e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
f51575c1095e52ee4600a37e8f632b63c9e621f7b49348e460b4c4befcf1f433

poop.watch Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

56 %IPv6

20 Domains

21 Subdomains

17 IPs

4 Countries

496 kBTransfer

1497 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

poop.watch Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

56 %
IPv6

20
Domains

21
Subdomains

17
IPs

4
Countries

496 kB
Transfer

1497 kB
Size

6
Cookies

44 HTTP transactions
0 data transactions