Submitted URL: https://doodx.pro/d/h7sYoCnsagk
Effective URL: https://poop.cx/d/h7sYoCnsagk
Submission: On December 13 via api from US — Scanned from GB

Summary

This website contacted 22 IPs in 5 countries across 22 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3030::6815:48cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.cx.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time poop.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 46.250.230.255 141995 (CAPL-AS-A...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 45.133.44.52 39572 (ADVANCEDH...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 45.133.44.53 39572 (ADVANCEDH...)
2 157.90.84.242 24940 (HETZNER-AS)
8 2a01:4f8:e0:1... 24940 (HETZNER-AS)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 157.90.84.246 24940 (HETZNER-AS)
2 139.45.197.245 9002 (RETN-AS)
4 46.250.228.42 141995 (CAPL-AS-A...)
1 2a01:4f8:c0:2... 24940 (HETZNER-AS)
1 139.45.195.8 9002 (RETN-AS)
8 2a02:b48:8301... 39572 (ADVANCEDH...)
1 23.109.87.0 7979 (SERVERS-COM)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
54 22
Apex Domain | Subdomains | Transfer
8 bookmsg.com | static.bookmsg.com — Cisco Umbrella Rank: 40045 | 8 KB
8 8b0a9809d8.com | e6dfdf813a.8b0a9809d8.com | 8 KB
7 poop.cx | poop.cx | 300 KB
4 metrolagu.cam | metrolagu.cam — Cisco Umbrella Rank: 157566 | 3 KB
4 79dc3bce9d.com | 495720ba1f.79dc3bce9d.com | 199 KB
3 google.com | accounts.google.com — Cisco Umbrella Rank: 23 | 2 KB
3 mp4skin.com | mp4skin.com — Cisco Umbrella Rank: 192545 | 2 KB
2 meenetiy.com | meenetiy.com — Cisco Umbrella Rank: 309333 | 29 KB
2 nereserv.com | nereserv.com — Cisco Umbrella Rank: 38773 | 401 B
2 metricswpsh.com | fp.metricswpsh.com — Cisco Umbrella Rank: 41404 | 426 B
2 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2189 | 293 B
1 doodcdn.co | img.doodcdn.co — Cisco Umbrella Rank: 41132 | 8 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 735 | 33 KB
1 fikedaquabib.com | fikedaquabib.com — Cisco Umbrella Rank: 155707 | 1 KB
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 12331 | 541 B
1 mcpuwpsh.com | mcpuwpsh.com — Cisco Umbrella Rank: 52970 | 4 KB
1 55454ed59d.com | 3484bf3157.55454ed59d.com | 207 B
1 multstorage.com | storage.multstorage.com — Cisco Umbrella Rank: 34059 | 902 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 91 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 | 28 KB
1 doodx.pro | doodx.pro — Cisco Umbrella Rank: 266372 | 115 B
54 22
Domain | Requested by
8 static.bookmsg.com | poop.cx, 495720ba1f.79dc3bce9d.com
8 e6dfdf813a.8b0a9809d8.com | 495720ba1f.79dc3bce9d.com, poop.cx
7 poop.cx | poop.cx
4 metrolagu.cam | mp4skin.com, metrolagu.cam
4 495720ba1f.79dc3bce9d.com | poop.cx, 495720ba1f.79dc3bce9d.com
3 accounts.google.com, 2 redirects | poop.cx
3 mp4skin.com | poop.cx, mp4skin.com
2 meenetiy.com | mp4skin.com, meenetiy.com
2 nereserv.com | 495720ba1f.79dc3bce9d.com
2 fp.metricswpsh.com | 495720ba1f.79dc3bce9d.com
2 region1.google-analytics.com | www.googletagmanager.com
1 img.doodcdn.co | metrolagu.cam
1 code.jquery.com | metrolagu.cam
1 fikedaquabib.com | metrolagu.cam
1 my.rtmark.net | meenetiy.com
1 mcpuwpsh.com | 495720ba1f.79dc3bce9d.com
1 3484bf3157.55454ed59d.com | 495720ba1f.79dc3bce9d.com
1 storage.multstorage.com | 495720ba1f.79dc3bce9d.com
1 www.googletagmanager.com | poop.cx
1 fonts.googleapis.com | poop.cx
1 cdnjs.cloudflare.com | poop.cx
1 doodx.pro, 1 redirects |
54 22

This site contains no links.

Subject | Issuer | Validity | Valid
poop.cx | GTS CA 1P5 | 2023-12-05 - 2024-03-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
mp4skin.com | GTS CA 1P5 | 2023-11-04 - 2024-02-02 | 3 months
495720ba1f.79dc3bce9d.com | R3 | 2023-12-10 - 2024-03-09 | 3 months
multstorage.com | GTS CA 1P5 | 2023-11-20 - 2024-02-18 | 3 months
3484bf3157.55454ed59d.com | R3 | 2023-12-10 - 2024-03-09 | 3 months
notification.tubecup.net | R3 | 2023-12-13 - 2024-03-12 | 3 months
8b0a9809d8.com | R3 | 2023-12-10 - 2024-03-09 | 3 months
meenetiy.com | R3 | 2023-11-20 - 2024-02-18 | 3 months
www.metrolagu.cam | R3 | 2023-10-22 - 2024-01-20 | 3 months
puwpush.com | R3 | 2023-12-11 - 2024-03-10 | 3 months
rtmark.net | R3 | 2023-10-07 - 2024-01-05 | 3 months
static.bookmsg.com | R3 | 2023-12-07 - 2024-03-06 | 3 months
fikedaquabib.com | R3 | 2023-11-11 - 2024-02-09 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 6 frames:

Primary Page: https://poop.cx/d/h7sYoCnsagk
Frame ID: 26045D208DD21C9099B2F8BE659F8EF5
Requests: 33 HTTP requests in this frame

Frame: https://mp4skin.com/video?q=take+a+chance
Frame ID: 7D1C475E42EAD88CBB8287B594D56D4C
Requests: 6 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: D3152047B153C4B5529AC9736CF27F10
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Frame ID: 4133F2BECB7EFA6D563B499C62C6A4B9
Requests: 7 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: 24D53328721C0B40EBBA627DC3400998
Requests: 2 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: 0FC047001B957D9DC694AD8F65D86BE6
Requests: 2 HTTP requests in this frame

Page Title

Dicolok Kontol Panjang Mentok - PoopHD

Page URL History

  1. https://doodx.pro/d/h7sYoCnsagk HTTP 301
    https://poop.cx/d/h7sYoCnsagk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 54
HTTPS: 96 %
IPv6: 59 %
Domains: 22
Subdomains: 22
IPs: 22
Countries: 5
Transfer: 718 kB
Size: 2088 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doodx.pro/d/h7sYoCnsagk HTTP 301
    https://poop.cx/d/h7sYoCnsagk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp0l4DIRCX-KchXFsJsgEqAT0LcdZ8cbwJtX5Tt_yyGtWXDH9NxGQcBtPUCNMJJacpsJtpqB HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CvqWywrIrwor1hZCoVzm85lGMpamYkByOmB3dP8otcl_ynCnxyXwLQMio8OVznpuyUlIk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393110087%3A1702485004210427&theme=glif

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request h7sYoCnsagk
poop.cx/d/
Redirect Chain
  • https://doodx.pro/d/h7sYoCnsagk
  • https://poop.cx/d/h7sYoCnsagk
11 KB
4 KB
Document
General
Full URL
https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47eecf5a3058c1592cb558981545e34c3ade4ede457e02a5760688964452b874

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
834f96dedaa76405-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 16:30:03 GMT
last-modified
Wed, 13 Dec 2023 16:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSrriR%2BYAfFpxa7tKtADFQrgTXc0tlkMKO8cuNGMqmzF8iLzdjRe6nNRDc4y55NiLD6e0Gi9neS63I7ntswJZVlxlQPMtfcum%2Fxv%2BDA4JXicPJFRxh76%2FL19sN8QTeTMBmeanqb7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Wed, 13 Dec 2023 16:30:01 GMT
location
https://poop.cx/d/h7sYoCnsagk
server
nginx
strict-transport-security
max-age=31536000
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1044132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAxrHQlV5I3iaUunDu%2FYuaKiuNf0Jx3bicLlcbGjtZx%2BCK3XsCcEkwuBZ7mAVRD2GeOO%2BE3wI3%2F8Btm4fcDeTyWb9MJojxPA8HRkrCZl0aQQHzAsdemOsLWZDdsGjqNmuV39ibIbsHd2jh%2BrG1PqMeX0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
834f96e5d86c4077-LHR
expires
Mon, 02 Dec 2024 16:30:03 GMT
bootstrap.min.css
poop.cx/theme_2/css/
204 KB
27 KB
Stylesheet
General
Full URL
https://poop.cx/theme_2/css/bootstrap.min.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/d/h7sYoCnsagk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
19998
etag
W/"6522101c-32faa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqfkAJi9N6bEDMrAkwLCOZ703LopPz4Awns8nFDFGxNxgWgyTsSeYNKlp8j5uxB2M0prtcNUa3aRtJ8AbjJo4SpTQ8LhL2sxpS2z4H8AzXuL80BzMscZdWnzd6Ign8X9nc3z38xF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
834f96e54d446405-LHR
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 22:56:45 GMT
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7c8ae9c7b18adee8a22a5368e7356c09303f88ad6bf59ca66d7bb206236c938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 16:08:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 16:30:03 GMT
style.css
poop.cx/theme_2/css/
253 KB
39 KB
Stylesheet
General
Full URL
https://poop.cx/theme_2/css/style.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c109f2e81af1df1cf0c41934f699fa249176cb27c7b554d3bc664c89fc1340

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/d/h7sYoCnsagk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:19:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10544
etag
W/"652211c2-3f52d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4al81NJetgxgCfXBCLIIscnXPSnx5X%2F2OvrWMzKx2%2BKTIQRKGg8DCCVnmwUkItvFOLS0FGm0KboY%2BRXxJItO3Ff5BUcQm0JckVCW6sZSSsKlj3w5shtZfqrESDzKyJreIH9CZNMn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
834f96e54d476405-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Dec 2023 01:34:19 GMT
embed2.css
poop.cx/theme_2/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://poop.cx/theme_2/css/embed2.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca2d870794ea0d5902ed97a4c515f4462b63555a5d4e8a2ccca6e1011dfe4db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/d/h7sYoCnsagk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 23:48:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10750
etag
W/"653c4c47-8db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gF7yoc%2FoI96tzYCInjXwl%2Fnl6uQtZKVYY%2F3oN4o4s2dZvFTjDl4me3x7cSulbksL7lBLuSQdVu4%2FFicyFOCwrSsjfrZmTvMs%2FJrlwyFHXZ9yf1%2BTxkHoJvp9SGDTBp5CX5Skcee1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
834f96e54d486405-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Dec 2023 01:30:53 GMT
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c69c82b626e01c17fb10b2fabd6aa70462e6d97759cfc63358199aacea35d870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92983
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 16:30:03 GMT
6b6761736e436f59733768
mp4skin.com/embud/ Frame 7D1C
243 B
646 B
Document
General
Full URL
https://mp4skin.com/embud/6b6761736e436f59733768
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89985c5f426611bc4553813dab34bca4306971469abf8598889ae116150158d

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
834f96e73b5345a1-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 16:30:03 GMT
last-modified
Wed, 13 Dec 2023 16:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHAvrl7lj97JpbSHn3ZUjstoWkzBMn2FTN52c%2B8Zo6V4CkIYCOBjiP1yRUXaVy6Nk4nLPV%2BywgSyvNNGDpsf9wBzRcKL5LvPSWgoZXdY9gcJNnPQMUVpkXzdCfkH8TX%2BcO7yzfOlJl5YJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
4f492c46193a70ae62c7951ea56fab27.js
495720ba1f.79dc3bce9d.com/
102 KB
34 KB
Script
General
Full URL
https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a3fe69d20064653807d77b80c7a7c6e381f78981258f9878c5724cb06fe2a4ff

Request headers

Referer
https://poop.cx/
Origin
https://poop.cx
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 16:35:03 GMT
date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
gzip
last-modified
Mon, 11 Dec 2023 14:56:06 GMT
server
nginx/1.18.0
etag
W/"65772306-196d1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
avertastd-bold-webfont.woff2
poop.cx/theme_2/fonts/
23 KB
24 KB
Font
General
Full URL
https://poop.cx/theme_2/fonts/avertastd-bold-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5911
etag
"6522101c-5c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRDKW3v5bufOC6xm0XAQPt9viUqCXWfvoitIAH%2BmJFqha7ZauviiZ%2BdQTFW0wZhIvXYX%2BNNqwt%2BBYo6ipxPR4WjmsNb60KhfpDpVf4xyXP1bV5NaqW3Y9wcQ5aUDhtaF%2BDiWeHmA"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
834f96e68c49653a-LHR
alt-svc
h3=":443"; ma=86400
content-length
23604
avertastd-regular-webfont.woff2
poop.cx/theme_2/fonts/
23 KB
24 KB
Font
General
Full URL
https://poop.cx/theme_2/fonts/avertastd-regular-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3864
etag
"6522101c-5d04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Fw8bChudrF7jcWgvsmfMSengqwmp44U%2BBFDCYbdovyxID7Sut3BoALj1jBNP%2BCA6DbCV5%2F4E%2BH1ejoUMmx36UTr0g6%2B4wJhVcj5hXtRDBBs30Q5OqPYJRf6WzcyHmCPQGDwIOgI"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
834f96e68c4b653a-LHR
alt-svc
h3=":443"; ma=86400
content-length
23812
fa-duotone-900.woff2
poop.cx/theme_2/css/fontawesome/webfonts/
180 KB
181 KB
Font
General
Full URL
https://poop.cx/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:03 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1290
etag
"6522101c-2d09c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naZzZFqPHuJZVglAxuZMUpLcjIW60nFQiVqRzF%2FTTZy4xv6hNkMJCrcjJj0EUA%2Bya2Tb%2FzkqJdh62z0fgvfIDIX0ZJb7NzzkOTTiE0fCKgPW5alIUfXrUIFx1fQXkYb8lCXq3NBq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
834f96e68c4d653a-LHR
alt-svc
h3=":443"; ma=86400
content-length
184476
114039
495720ba1f.79dc3bce9d.com/d2077aa526471be3784cc55baefcb0ce/
3 KB
3 KB
XHR
General
Full URL
https://495720ba1f.79dc3bce9d.com/d2077aa526471be3784cc55baefcb0ce/114039?version_name=c
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f29a3f06f780d797b51ea8e1c4ce1182b749f4b531da6dc68e0c96f986df9bbd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 16:30:03 GMT
cache-control
max-age=300
x-proxy-cache
EXPIRED
server
nginx/1.18.0
content-type
application/json
expires
Wed, 13 Dec 2023 16:35:03 GMT
collect
region1.google-analytics.com/g/
0
239 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3bt0v9167878827&_p=1702485003262&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893828995.1702485004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702485003&sct=1&seg=0&dl=https%3A%2F%2Fpoop.cx%2Fd%2Fh7sYoCnsagk&dt=Dicolok%20Kontol%20Panjang%20Mentok%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=10570
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://poop.cx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
count.html
storage.multstorage.com/log/ Frame D315
882 B
902 B
Document
General
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c50e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
834f96e9bd50419d-LHR
content-encoding
br
content-type
text/html
date
Wed, 13 Dec 2023 16:30:03 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usuL62PZMORdINsCZJdyQfsKRLEZGJM75Zh0957RqHcAiPoFp3ks0ppgnrRnnC5VCwfZoNbBIL%2BVMXFz%2BwBAEukaLY73P3d9Xc7XgoRLOQhMeGBdj5EqSM8UDpDFJAkUkEVyy26WiKnnlW6FLFMO602joToImA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
8c449fceefc87d936a97aa6723396387
track
3484bf3157.55454ed59d.com/in/
0
207 B
XHR
General
Full URL
https://3484bf3157.55454ed59d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MDE0MjA1MzAyMTg0MjMxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOTUuMSIsInRhZ19pZCI6MTE0MDM5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXVyb3BlL0xvbmRvbiIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE1LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEaWNvbG9rJTJDS29udG9sJTJDUGFuamFuZyUyQ01lbnRvayUyQ1Bvb3BIRCJ9
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:03 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
592354c837f17810cc29ef78490677f7.js
495720ba1f.79dc3bce9d.com/
560 KB
137 KB
Script
General
Full URL
https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
784769a175e02520593b08e4729433ef3df82b9af4df6bcda86c55da9a056c0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 16:35:03 GMT
date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 15:19:49 GMT
server
nginx/1.18.0
etag
W/"65787a15-8bf20"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
a59e6d808923e93abb8254bf2a2893d6.js
495720ba1f.79dc3bce9d.com/
88 KB
26 KB
Script
General
Full URL
https://495720ba1f.79dc3bce9d.com/a59e6d808923e93abb8254bf2a2893d6.js
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
54abd8116ad24070d650866862eee72b406192019759e7ee48f8d8626f841dad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 13 Dec 2023 16:35:03 GMT
date
Wed, 13 Dec 2023 16:30:03 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 08:39:45 GMT
server
nginx/1.18.0
etag
W/"65703351-1600a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://poop.cx
Connection
keep-alive
Date
Wed, 13 Dec 2023 16:30:03 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
58 B
426 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/4f492c46193a70ae62c7951ea56fab27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d75f3e6fccd13f6647dc0c4fe37c13492ede13c50ddccec3fa4214f927060dd1

Request headers

Referer
https://poop.cx/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Wed, 13 Dec 2023 16:30:03 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://poop.cx
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
video
mp4skin.com/ Frame 7D1C
633 B
613 B
Document
General
Full URL
https://mp4skin.com/video?q=take+a+chance
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc524e45f47b5bedaa3f8778cfbaa0cc4e9eba32d893c001cda33cc8587b5e03

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://mp4skin.com
Referer
https://mp4skin.com/embud/6b6761736e436f59733768
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
834f96ea0f7a45a1-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 16:30:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPcEvJsIvII2t6rVGUXSB7JF22JZyRx8fVq5WMQJhFREYmobALuef73hBY%2FKuud%2FUWywhinklyzhxiFmsUqAVTKM9%2FltaCN93A3%2BZf77IgsHNGXDetFv7dXhOiiDcUhGWhkNR7OKE2NShg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
multy
e6dfdf813a.8b0a9809d8.com/in/ Frame
0
0
Preflight
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Wed, 13 Dec 2023 16:30:04 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp0l4DIRCX-KchXFsJsgEqAT0LcdZ8cbwJtX5Tt_yyGtWXDH9NxGQcBtP...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CvqWywrIrwor1hZCoVzm85lGMpamYkByOmB3dP8otcl_ynCnxyXwLQMio8OVznpuyUlIk&passive=t...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CvqWywrIrwor1hZCoVzm85lGMpamYkByOmB3dP8otcl_ynCnxyXwLQMio8OVznpuyUlIk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393110087%3A1702485004210427&theme=glif
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Server
2a00:1450:400c:c04::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Wed, 13 Dec 2023 16:30:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1qLoZE5FsWxtH_rIz0jcbA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
399
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CvqWywrIrwor1hZCoVzm85lGMpamYkByOmB3dP8otcl_ynCnxyXwLQMio8OVznpuyUlIk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393110087%3A1702485004210427&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=ba418adb-c751-47ed-935b-a7350cb22774&subid=357529620&sid=1971883847&spot_id=418774&created_at=2023-12-13&timezone=0&ver=8.126.0&is_native=1
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.246 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
e6dfdf813a.8b0a9809d8.com/in/
36 KB
4 KB
XHR
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/multy
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
be1af4678cb3f928bfaa007a730ac68f4ba488961dd57c3e8145c6dab8868332

Request headers

Referer
https://poop.cx/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
content-encoding
gzip
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3347
multy
e6dfdf813a.8b0a9809d8.com/in/ Frame
0
0
Preflight
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Wed, 13 Dec 2023 16:30:04 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
dip
nereserv.com/in/
0
200 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=5524621d-b847-48e1-a3c0-b60a9dea4d9e&subid=388464194&sid=1224491239&spot_id=418776&created_at=2023-12-13&timezone=0&ver=8.126.0&is_native=1
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.246 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
e6dfdf813a.8b0a9809d8.com/in/
36 KB
4 KB
XHR
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/multy
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
23277218fbc504eb139c48670c8f22bd48181133999d9d75f14c68aeed72373e

Request headers

Referer
https://poop.cx/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
content-encoding
gzip
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3335
63ba9f4f-d423-4273-882e-44101df59a39
https://poop.cx/
204 B
0
Other
General
Full URL
blob:https://poop.cx/63ba9f4f-d423-4273-882e-44101df59a39
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
204
Content-Type
text/javascript
embed.css
mp4skin.com/ Frame 7D1C
755 B
865 B
Stylesheet
General
Full URL
https://mp4skin.com/embed.css
Requested by
Host: mp4skin.com
URL: https://mp4skin.com/video?q=take+a+chance
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
206d526e32959ce92da664b9e30be583c2500a6427800ecf2f8718b16ede188c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mp4skin.com/video?q=take+a+chance
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3980
cf-polished
origSize=1094
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 21 Nov 2023 14:03:56 GMT
server
cloudflare
etag
W/"655cb8cc-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQKnx2lSjP20JdmhM2mjwIEOBIp0Xq8xzQ2TYKB9rAhB1vpOunUU0kN1NryNkYhy%2F8cLF0HlXRE9kyXgtRAjHMghz4W1wktfD6qGNSgoeDsbR73h4HvDd4D8OKKrVpH3sp%2B0S7aEM4CMdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
834f96ec7ed86415-LHR
expires
Thu, 14 Dec 2023 03:23:44 GMT
6678850
meenetiy.com/5/ Frame 7D1C
70 KB
27 KB
Script
General
Full URL
https://meenetiy.com/5/6678850
Requested by
Host: mp4skin.com
URL: https://mp4skin.com/video?q=take+a+chance
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8eff8bf051a31db36f38cb4fea7ab050b1ac4ec1721088885f801ba0af777a80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mp4skin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:04 GMT
content-encoding
gzip
x-trace-id
0d66aea0d35b2827c66999004ffd22c2
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
6b6761736e436f59733768
metrolagu.cam/jembud/ Frame 4133
242 B
337 B
Document
General
Full URL
https://metrolagu.cam/jembud/6b6761736e436f59733768
Requested by
Host: mp4skin.com
URL: https://mp4skin.com/video?q=take+a+chance
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.250.228.42 London, United Kingdom, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1554307.contaboserver.net
Software
nginx /
Resource Hash
af0fb651abef55d3b17788f161869c6388756ad1547902ae74fe9d490d850868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mp4skin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 16:30:05 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
mcpuwpsh.com/get/
4 KB
4 KB
Fetch
General
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/a59e6d808923e93abb8254bf2a2893d6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fe768bc2969d17ae00ec0f7facaf66722c967d8a31658136787863d42a76efbf

Request headers

Referer
https://poop.cx/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:05 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3716
gid.js
my.rtmark.net/ Frame 7D1C
65 B
541 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=0112a52362c94aa78a42487cb924904e
Requested by
Host: meenetiy.com
URL: https://meenetiy.com/5/6678850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
35eac99fad34e42397b947ddf07e12b82346aef2c75838a599a40ec6c95a53aa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mp4skin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mp4skin.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
meenetiy.com/ Frame 7D1C
2 KB
3 KB
Fetch
General
Full URL
https://meenetiy.com/?rb=ViUPrITmSuP4CFS_GwWTJzDeCOk8UlJySXcUBlqOp1Ia1rNcxO9ed7aAKbH3QuZrGMGLlB6o8trsJ6oEErp21rV1Q-ZyEGVdz-fFNkI4KC2WOoRQrIP699q-g7r46zQLjC1tB4ErCi44rV6u42qyhBGzY2zJBBMeWe6DZTXqR_te4vrAwg9s6f4GZ0UTZB7QoUNABtxa2PyS1XszR3yei70ux9DECnsLeagJOYbHsLh4Xm3jPf7EPqQKYADxoIdnAWCrTHTpizUCVW6LIPFRdA%3D%3D&request_ab2=0&zoneid=6678850&js_build=iclick-v1.644.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1110&wih=624&wiw=1110&wfc=2&pl=https%3A%2F%2Fmp4skin.com%2Fvideo%3Fq%3Dtake%2Ba%2Bchance&drf=https%3A%2F%2Fmp4skin.com%2Fembud%2F6b6761736e436f59733768&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FLondon&bto=0&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.644.0&bs=053e52fb-7434-448a-b1af-45ead6c33fab&userId=0112a52362c94aa78a42487cb924904e&m=link
Requested by
Host: meenetiy.com
URL: https://meenetiy.com/5/6678850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d6cf0eb7db7d2cb57fb6deb7d018e8806647ef6d3fa6fde6cc91a442a5eab395
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mp4skin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
ebe5488a8cb6ac260dd5ee48ab4ca4cb
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://mp4skin.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=5bf3bd5a-4fd4-405d-9056-e2c57c4de17b
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
e6dfdf813a.8b0a9809d8.com/in/show/
0
201 B
Image
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2Fh7sYoCnsagk&refdom=poop.cx&auction_time=1702485004&subid=357529620&sid=1971883847&tcid=0&ver=8.126.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-13&iabcat=IAB25-3&keywords=&user_fp=17202441562143304764&score=74.87785405672774&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252Fh7sYoCnsagk%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viiqxpnb.com%2Fh%2F1411%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%3D%3D%3D%3D%3D%3D%3Fu%3D&icons=W17p8oC6bXTOOJvU8ms11weBKd-cB2eXRNHO5i_8fAU8MombR87Gm4MY4IafZYKgcwamIoguFJL261OYZsu19MtJuBXZbYBnayOkr8a_v6_WRkfJv6nO6OmcQeav-4H8Vto0b6SoqDlR9NFFlRGU33bdkNLpWXXF7D8i1b3c8cB_YyZPag&ext_cid=0&px_id=53418774&min_cpm=0.03248792587212838&out_id=1&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1013150794189975250&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05035725669454531&cpm=0&verify_hash=ab9db67a2522a590c80bd38118925d81&is_native=2&real_bid=0.0012534983349927846&original_bid_usd=0.0013859999418593947&original_bid=0.0013859999418593947&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ip_mismatch=2a01:4a0:2c::10&geo=GB&carrier=-&label_ids=76,81,89,27,93,0,123,4,108&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1702571404&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.0013859999418593947&hostname=auc-inpage-hz-1-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/London&topics=&historical_keywords=&pop_cpc=0.0000013859999418593948&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=342d575a-4975-45a1-b5c5-7ea54f3d90d2
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 24D5
790 B
1004 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 24D5
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=349b617c-252b-4ef5-8e0a-01390a430b98
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
e6dfdf813a.8b0a9809d8.com/in/show/
0
200 B
Image
General
Full URL
https://e6dfdf813a.8b0a9809d8.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2Fh7sYoCnsagk&refdom=poop.cx&auction_time=1702485004&subid=357529620&sid=1971883847&tcid=0&ver=8.126.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-13&iabcat=IAB25-3&keywords=&user_fp=17202441562143304764&score=74.87785405672774&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252Fh7sYoCnsagk%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fs.viiqxpnb.com%2Fh%2F1411%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%3D%3D%3D%3D%3D%3D%3Fu%3D&icons=7qxdaEb_XZBf_7ldelF7xE0zRiRvipTO-WvTYw2F4DLXyN2cunTD8DKW9cBBDgxEuUPGCTWkKklOqmb9Zx1Rv-jPUbzqJUdMd4M0dGCt1N4ltI1_s0mo4OFGtlYVXilQld0CeqBOX8Gkyo9EFpesWJ9znx9Lka3jUDrDHQ04myQLGVQcTA&ext_cid=0&px_id=53418774&min_cpm=0.03248792587212838&out_id=0&campaign_type=lq-pop&aid=412&cid=14080&uniq=&mid=1013150794189975250&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05035725669454531&cpm=0&verify_hash=ab9db67a2522a590c80bd38118925d81&is_native=2&real_bid=0.0012534983349927846&original_bid_usd=0.0013859999418593947&original_bid=0.0013859999418593947&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ip_mismatch=2a01:4a0:2c::10&geo=GB&carrier=-&label_ids=76,81,89,123,93,27,108,4,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1702571404&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0.0013859999418593947&hostname=auc-inpage-hz-1-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/London&topics=&historical_keywords=&pop_cpc=0.0000013859999418593948&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=caafaa2a-43e4-4fbd-9cc5-e46df7163827
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=cec03178-e1ae-44a7-8673-4292912c4584
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
e6dfdf813a.8b0a9809d8.com/in/show/
0
200 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 0FC0
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: 495720ba1f.79dc3bce9d.com
URL: https://495720ba1f.79dc3bce9d.com/592354c837f17810cc29ef78490677f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 0FC0
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.02&cpa=ab8a871a-7eea-4fcd-b931-2d3933f97e86
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 12 Dec 2024 16:30:04 GMT
date
Wed, 13 Dec 2023 16:30:04 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
e6dfdf813a.8b0a9809d8.com/in/show/
0
200 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/d/h7sYoCnsagk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:04 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
watch
metrolagu.cam/ Frame 4133
2 KB
1020 B
Document
General
Full URL
https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.250.228.42 London, United Kingdom, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1554307.contaboserver.net
Software
nginx /
Resource Hash
f95ac2a8a868bdb37a4d786a2a6c329643e3be06623557e7c65d7fa7518824da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://metrolagu.cam
Referer
https://metrolagu.cam/jembud/6b6761736e436f59733768
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 16:30:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
64343
fikedaquabib.com/rotaInGRWQGA24/ Frame 4133
0
1 KB
Script
General
Full URL
https://fikedaquabib.com/rotaInGRWQGA24/64343
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.0 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 16:30:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://metrolagu.cam
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
jquery-latest.min.js
code.jquery.com/ Frame 4133
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3046751
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-lcy-eglc8600020-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702485006.788139,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
45, 142753
embed.css
metrolagu.cam/ Frame 4133
1 KB
1 KB
Stylesheet
General
Full URL
https://metrolagu.cam/embed.css
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.250.228.42 London, United Kingdom, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1554307.contaboserver.net
Software
nginx /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://metrolagu.cam/watch?v=Ay04zDYuaZA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:05 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 15:07:59 GMT
server
nginx
etag
"651596cf-446"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
1094
expires
Thu, 14 Dec 2023 04:30:05 GMT
3vlvz59cbszwsgnn.jpg
img.doodcdn.co/snaps/ Frame 4133
7 KB
8 KB
Image
General
Full URL
https://img.doodcdn.co/snaps/3vlvz59cbszwsgnn.jpg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
661a2d725f24db0a0ec1d1a5fa0f0979185379f253df942e8e661ffa3fb8ec2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=7489
alt-svc
h3=":443"; ma=86400
content-length
7386
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Nov 2023 10:56:42 GMT
server
cloudflare
etag
"655b3b6a-1d41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gouPgbtWqvWzU4qFYXJhynziMQPbl%2BA4NCDCHz0wQrpSVK65VAeZLtkNSIKurifkIjZqeOrtoaj2auymAwf0DFNc9Kiz%2BrKGB77fAnockuOUPFWIDotgKH9Ovx877b5ofNpOXaImL2HIY2xA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
834f96f62d7048bf-LHR
expires
Wed, 27 Dec 2023 06:59:08 GMT
play.svg
metrolagu.cam/ Frame 4133
633 B
789 B
Image
General
Full URL
https://metrolagu.cam/play.svg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/embed.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.250.228.42 London, United Kingdom, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1554307.contaboserver.net
Software
nginx /
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://metrolagu.cam/embed.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:30:06 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 21 Sep 2023 10:51:20 GMT
server
nginx
etag
"650c2028-279"
content-type
image/svg+xml
accept-ranges
bytes
content-length
633
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3bt0v9167878827&_p=1702485003262&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893828995.1702485004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702485003&sct=1&seg=0&dl=https%3A%2F%2Fpoop.cx%2Fd%2Fh7sYoCnsagk&dt=Dicolok%20Kontol%20Panjang%20Mentok%20-%20PoopHD&en=scroll&epn.percent_scrolled=90&_et=2&tfd=15574
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 16:30:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://poop.cx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| documentPictureInPicture
function| $
function| jQuery
function| R
function| X
function| gtag
object| dataLayer
object| __adFormats
object| __formatsGetters
object| _admSptsInVw
object| AdManager
object| a3klsam
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| activesInpages
function| __fp-init
object| popunderMetricsForSurvey

10 Cookies

Domain/Path Name / Value
.poop.cx/ Name: _ga
Value: GA1.1.1893828995.1702485004
.poop.cx/ Name: _ga_RRBBHD087X
Value: GS1.1.1702485003.1.0.1702485003.0.0.0
fp.metricswpsh.com/ Name: id
Value: 18385070538085215204
meenetiy.com/ Name: OAID
Value: 0112a52362c94aa78a42487cb924904e
meenetiy.com/ Name: oaidts
Value: 1702485004
my.rtmark.net/ Name: ID
Value: 0112a52362c94aa78a42487cb924904e
meenetiy.com/ Name: syncedCookie
Value: true
metrolagu.cam/ Name: PHPSESSID
Value: 7m5o4gudoi0fq2hqpkne32j050
fikedaquabib.com/ Name: GL_UI4
Value: eJw9jVtugzAURHmTtIF0JBbQJfAQRP2suoh%2BImNfiBOwI%2BOCuvtaldqvORqd0XieFxRn%2BFsSI%2FxiLV7Hlsau4qyititZ3VwuYhQdr5tuFA0NbzjKtbdsmMlGOKwLM7a3W4TTRIqM5D3XgjK8OOuvuSu9qwjxYJgSGeLFGXOGdDB6X8kUISLFFkLycTXaZbywmzYIq7p0LJVjv0Sg1yLMn5B%2BSiXcMD8hqMo8Tzw8P2ZmR22WXorERzwZJgj%2BOw6cWZq0%2BUYqaL1b%2FQD0LPp%2F%2F%2Fc33KsSiaBNcneu7ZXMD8STTuk%3D
fikedaquabib.com/ Name: GL_GI10
Value: eJwVyEEOgjAQRuHOLDAmdvFHrmEDwkK2IuEctTaGEKfNQEy8vbB43%2BIZY7g8gacMe7u6uutc3VSurUBv8GMAB8FhjPrx8gOpBatYUNiaYPuk8XL3YX4miWBZcNxWTurXCMoFgde0u7xKA%2FoW5z%2F%2Bihf5

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CvqWywrIrwor1hZCoVzm85lGMpamYkByOmB3dP8otcl_ynCnxyXwLQMio8OVznpuyUlIk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393110087%3A1702485004210427&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
