poop.com.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://poop.com.co/e/yaWQO86yW04
Submission: On March 17 via manual (March 17th 2024, 7:08:02 am UTC) from MY — Scanned from NL

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 21 domains to perform 47 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.com.co. The Cisco Umbrella rank of the primary domain is 182010.
TLS certificate: Issued by E1 on February 11th 2024. Valid for: 3 months.

This is the only time poop.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:46be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3032::6815:1ef2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
2	157.90.84.246 157.90.84.246	24940 (HETZNER-AS) (HETZNER-AS)
8	2a01:4f8:c0:2... 2a01:4f8:c0:2343::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2306::1	24940 (HETZNER-AS) (HETZNER-AS)
1	23.109.170.224 23.109.170.224	7979 (SERVERS-COM) (SERVERS-COM)
6	2a02:b48:8300... 2a02:b48:8300::24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2604:9e00:1:1... 2604:9e00:1:129::2:b1f	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.109.170.97 23.109.170.97	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
47	19

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

poop.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrolagu.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:46be (United States)

ASN13335 (CLOUDFLARENET, US)

img.doodcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.poopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
berlagu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

40dd6c8f55.5b7cb7236e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0da14cebab.61c3d331bf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ef2 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::54 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.84.90.157.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:c0:2343::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

ec21f1f236.03e41ef81f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

mcpuwpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.224 (Netherlands)

ASN7979 (SERVERS-COM, US)

wakenssponged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:b48:8300::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:b1f (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.qualiclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.qualiclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.97 (Netherlands)

ASN7979 (SERVERS-COM, US)

fikedaquabib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	03e41ef81f.com ec21f1f236.03e41ef81f.com	14 KB
6	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 55592	6 KB
5	5b7cb7236e.com 40dd6c8f55.5b7cb7236e.com	218 KB
4	metrolagu.cam metrolagu.cam — Cisco Umbrella Rank: 202770	5 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 26	2 KB
3	berlagu.com berlagu.com — Cisco Umbrella Rank: 249772	2 KB
2	qualiclicks.com 1 redirects xml.qualiclicks.com static.qualiclicks.com — Cisco Umbrella Rank: 146308	12 KB
2	nereserv.com nereserv.com — Cisco Umbrella Rank: 52854	401 B
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 54052	429 B
2	doodcdn.co img.doodcdn.co — Cisco Umbrella Rank: 56196	85 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	56 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	50 KB
1	fikedaquabib.com fikedaquabib.com — Cisco Umbrella Rank: 225265	1 KB
1	wakenssponged.com wakenssponged.com — Cisco Umbrella Rank: 262991	1 KB
1	mcpuwpsh.com mcpuwpsh.com — Cisco Umbrella Rank: 90981	8 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1985	251 B
1	61c3d331bf.com 0da14cebab.61c3d331bf.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 46621	899 B
1	poopcdn.com assets.poopcdn.com	854 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	94 KB
1	poop.com.co poop.com.co — Cisco Umbrella Rank: 182010	5 KB
47	21

	Domain	Requested by
8	ec21f1f236.03e41ef81f.com	40dd6c8f55.5b7cb7236e.com poop.com.co
6	static.bookmsg.com	poop.com.co 40dd6c8f55.5b7cb7236e.com
5	40dd6c8f55.5b7cb7236e.com	poop.com.co 40dd6c8f55.5b7cb7236e.com
4	metrolagu.cam	berlagu.com poop.com.co metrolagu.cam
3	accounts.google.com	2 redirects poop.com.co
3	berlagu.com	poop.com.co berlagu.com
2	nereserv.com	40dd6c8f55.5b7cb7236e.com
2	fp.metricswpsh.com	40dd6c8f55.5b7cb7236e.com
2	img.doodcdn.co	poop.com.co metrolagu.cam
2	cdnjs.cloudflare.com	poop.com.co metrolagu.cam
1	pagead2.googlesyndication.com	metrolagu.cam
1	fikedaquabib.com	metrolagu.cam
1	static.qualiclicks.com
1	xml.qualiclicks.com	1 redirects
1	wakenssponged.com	berlagu.com
1	mcpuwpsh.com	40dd6c8f55.5b7cb7236e.com
1	region1.google-analytics.com	www.googletagmanager.com
1	0da14cebab.61c3d331bf.com	40dd6c8f55.5b7cb7236e.com
1	storage.multstorage.com	40dd6c8f55.5b7cb7236e.com
1	assets.poopcdn.com	poop.com.co
1	www.googletagmanager.com	poop.com.co
1	poop.com.co
47	22

This site contains no links.

Subject Issuer	Validity	Valid
poop.com.co E1	`2024-02-11` - `2024-05-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
doodcdn.co Cloudflare Inc ECC CA-3	`2024-01-12` - `2024-12-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
assets.poopcdn.com E1	`2024-03-14` - `2024-06-12`	3 months	crt.sh
berlagu.com GTS CA 1P5	`2024-03-02` - `2024-05-31`	3 months	crt.sh
40dd6c8f55.5b7cb7236e.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
0da14cebab.61c3d331bf.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
03e41ef81f.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
puwpush.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
wakenssponged.com R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
metrolagu.cam GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
static.bookmsg.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
fikedaquabib.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://poop.com.co/e/yaWQO86yW04
Frame ID: 0BF733368E9866A4271D154ADABD42F1
Requests: 28 HTTP requests in this frame

Frame: https://berlagu.com/download/muak+aruma
Frame ID: 63EF8F9443666586BA9BE6A23DF64E3B
Requests: 4 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 09D885FE429CF64342FDB1CF22DD5043
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Frame ID: 183B81B34D6DE087DE1A4E77EECDDC10
Requests: 8 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Frame ID: 917BD366D5EFCCAEA1DD9E2A30B07276
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4D915709A0B4F394FF69DACE9034DA4E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Show-Nanaa 19 thn - PoopHD

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

94 %
HTTPS

74 %
IPv6

21
Domains

22
Subdomains

19
IPs

4
Countries

561 kB
Transfer

1644 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjx7pyinnJW7GyqOcnjGFVp5mj6uDh-lnkS_5h4-HOX8w-Y6fNy1ASp-bPsKJhdsE6RCNir_1Q HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjx0is-Xs-GX--wc9Mdd68iY2PJRyD37rRYY1q17ign2az8NdxUmPwq60doYvZwJk8rGeKV1HA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S184703847%3A1710659277350738&theme=glif&ddm=0

Request Chain 39

https://xml.qualiclicks.com/thumbnail?i=YoBP6SD-BW8_0&p=1710659277.427961&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=64397474-eb22-4a15-b086-38ece364efe8&prev_step_diff=456 HTTP 302
https://static.qualiclicks.com/n254/ad/300x300_B5GdBxejA9siRyTGaYqB.jpeg

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request yaWQO86yW04 Show response
poop.com.co/e/ 11 KB
5 KB 344ms
292ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837da62a315e9ae7bd8a2e1e074d43ecedd445bbe39fd6ea7ac317854bb03af7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: MISS
cf-ray: 865b261f0ee906c4-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 07:07:56 GMT
last-modified: Sun, 17 Mar 2024 07:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdgaCypH5ceuBa9lmfFIbEvOvIMP6lp6WFgYnPLZchAfP2NcK8BxKnnZp%2FmFlSO78KAYhnc6US6kZzn%2Fw7WVpZ%2FqpPpA2QwjcnAazpR7SAavVRgLu1Pv07whgl5vl9HJiq6Tg2coLn5Zsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 51ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 301612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymR6SXK94UGrNz8m87Jyv8a4ZjX9TslxXeIVxplfspO%2FDq1p71qQ4%2Fw%2FVRmG1fDN9Vvlcuku4TPDtUxA0W5eKyZHJUstl6DSMGo3UoyYkHS5kPcGiBE%2FwfANi1PWOqNbqq7pVvxCtZ8EIyBL0ZheASKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865b26210eafb88e-AMS
expires: Fri, 07 Mar 2025 07:07:56 GMT

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ 42 KB
43 KB 73ms
25ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47283
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEw0qwOqTjpQCPeSlmZYVtda2yHOsYUpP%2Bve9sJsdr4uNn7cpXV7S4bziHiPQ518xgQsOxmjjaVFuY%2BQSjhUy6G1OtFQFloijfRSKn4BcJKzg4DN2pWaU5gV8KUijQz2jSoO6lvbwK%2FDGmNX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 865b26212db6775d-AMS
expires: Sat, 30 Mar 2024 16:45:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59d3b15833f5ed14019ff2d127baf55474c4aff45b198321f454f1803254f0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Mar 2024 07:07:57 GMT

GET
H2 200 play.svg
assets.poopcdn.com/ 633 B
854 B 76ms
26ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.poopcdn.com/play.svg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 17:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4332
etag: W/"85f08506e5a64050719e7e18a26cd9c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7k39qq97tndHr8a79D78QDa%2Fk36ZHsKCQmFNarWfPd%2FuKx7S0rcmUBdX5dInXoG95FrixBC7V8iOesBTT5HfR8SIvTTa%2B3AniKXXqwY%2FcJ3FdnyUr5jHlgduaEhpGp2NIgJ96Ekwc6uV3qk2xQfVlyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 865b262199231c99-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 3430577936384f51576179 Show response
berlagu.com/jembud/ Frame 63EF 242 B
645 B 271ms
221ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/jembud/3430577936384f51576179
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c49ac0f9b16538596ba4dd2966a491aa4440f46c507adb37e90bd295a23a05

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 865b26219a160b3e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Sun, 17 Mar 2024 07:07:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKHLAXRNhCsugAHoUoF0jLEQu4ZVCZx76Pk9DSsoPIpEFCCLcgpSaBmins7iiph8c8zgIAi3yezPnFG9VJEdmEqLSEF%2FHmLAYlOLIHiYArLa4%2BSFt5is9YiZBRtzU6%2BC5HXh8EvbNbx1NA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 8900d6ac057b3c8b85ad24000d854b63.js Show response
40dd6c8f55.5b7cb7236e.com/ 104 KB
35 KB 63ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6

Request headers

Referer: https://poop.com.co/
Origin: https://poop.com.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 07:12:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 14:52:22 GMT
server: nginx/1.18.0
etag: W/"65e731a6-1a102"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 114039 Show response
40dd6c8f55.5b7cb7236e.com/28ace3d511b664884fba7b5263eec183/ 3 KB
3 KB 14ms
14ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40dd6c8f55.5b7cb7236e.com/28ace3d511b664884fba7b5263eec183/114039?version_name=d
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8046915ddf79ff57b1206ec42ac024251b5ada9945df6fb4dbe5f2246edd3f5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Mar 2024 07:07:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
server: nginx/1.18.0
content-type: application/json
expires: Sun, 17 Mar 2024 07:12:57 GMT

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame 09D8 882 B
899 B 70ms
22ms Document
text/html 2606:4700:3032::6815:1ef2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1ef2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 865b26228d7d0b85-AMS
content-encoding: br
content-type: text/html
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnTByEOKAqYkU2rujfGMkYL2vsJUJNWIrGwWvnb7Bohgk2VJIY0CeHn5fYpVsBCyygyhF7aSMZbcgPrv6siGUZzohlkht1sMZSm6BedB5Fx05JL0P7JwmEjmA8SkErJaraTq9xu8XKkpBvH29qsCpMxgSgg7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 0cc603f9b48712ddd7482dfcfa7a0365

GET
H2 200 track Show response
0da14cebab.61c3d331bf.com/in/ 0
207 B 97ms
50ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0da14cebab.61c3d331bf.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3MzMxNDgxNDM1ODgyMTExMDAwIiwidGltZXpvbmUiOjEsInZlciI6IjMuMTEwLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4wNSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiTGl2ZSUyQ1Nob3ctTmFuYWElMkMxOSUyQ3RobiUyQ1Bvb3BIRCJ9
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 76d4d8e55f2ef44ae4b73cab827ba744.js Show response
40dd6c8f55.5b7cb7236e.com/ 95 KB
27 KB 53ms
26ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40dd6c8f55.5b7cb7236e.com/76d4d8e55f2ef44ae4b73cab827ba744.js
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a66a26f5c0fcb52fd479ae3b8beaa3286f101559a95f91fb95921bdf43a46e1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 07:12:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 09:32:50 GMT
server: nginx/1.18.0
etag: W/"65f2c442-17d07"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 17dde3b9e3dbf67f02c4a8b10c4cf408.js Show response
40dd6c8f55.5b7cb7236e.com/ 162 KB
45 KB 62ms
35ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7be70ce32b6acc9168a7d51fb282f0f03552dcd31a078778cc9a529a56a07a61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 07:12:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 13:51:10 GMT
server: nginx/1.18.0
etag: W/"65f4524e-28789"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 79ms
24ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.com.co
Connection: keep-alive
Date: Sun, 17 Mar 2024 07:07:57 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
429 B 72ms
24ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/8900d6ac057b3c8b85ad24000d854b63.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f3fb88af12012a747b199e21f2ff257adfcb58dd20ac92b40c562defc74bea47

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sun, 17 Mar 2024 07:07:57 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://poop.com.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 47ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je43d0v9167878827za200&_p=1710659276999&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=83209998.1710659277&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710659277&sct=1&seg=0&dl=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&dt=Live%20Show-Nanaa%2019%20thn%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=594
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjx7pyinnJW7GyqOcnjGFVp5mj6uDh-lnkS_5h4-HOX8w-Y6fNy1ASp-b...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjx0is-Xs-GX--wc9Mdd68iY2PJRyD37rRYY1q17ign2az8NdxUmPwq60doYvZwJk8rGeKV1HA&passive...

0
0

42ms
42ms

Image
text/html

2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjx0is-Xs-GX--wc9Mdd68iY2PJRyD37rRYY1q17ign2az8NdxUmPwq60doYvZwJk8rGeKV1HA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S184703847%3A1710659277350738&theme=glif&ddm=0
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H3
Server: 2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Sun, 17 Mar 2024 07:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-SywlFDRji1F6XW1GqnvjKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 427
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjx0is-Xs-GX--wc9Mdd68iY2PJRyD37rRYY1q17ign2az8NdxUmPwq60doYvZwJk8rGeKV1HA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S184703847%3A1710659277350738&theme=glif&ddm=0
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 5dd56790-60ea-43bf-9901-6b16cb45412d
https://poop.com.co/ 204 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://poop.com.co/5dd56790-60ea-43bf-9901-6b16cb45412d
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 204
Content-Type: text/javascript

GET
H2 200 fb6e4d0e396091db4505453da96134d8.js Show response
40dd6c8f55.5b7cb7236e.com/ 459 KB
108 KB 16ms
15ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://40dd6c8f55.5b7cb7236e.com/fb6e4d0e396091db4505453da96134d8.js
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f76863be1d9a0858e0783b00048d67fbd3e9d372301a6a7b53fd831b4f0455ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 07:12:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 12:50:55 GMT
server: nginx/1.18.0
etag: W/"65f2f2af-72d5b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 115ms
27ms XHR
text/plain 157.90.84.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=c50968cb-dda7-47cb-920a-c4ce4b4f886b&subid=388464194&sid=1751677483&spot_id=418776&created_at=2024-03-17&timezone=1&ver=7.270.0-b&is_native=1
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
ec21f1f236.03e41ef81f.com/in/ 50 KB
7 KB 339ms
339ms XHR
application/json 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ec21f1f236.03e41ef81f.com/in/multy
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 344276771a54b8249f926b93d380ed573c9031d3722946bb1e5e5807cf08bb36

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 7299

OPTIONS
H2 204 multy
ec21f1f236.03e41ef81f.com/in/ Frame 0
0 94ms
24ms Preflight 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ec21f1f236.03e41ef81f.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sun, 17 Mar 2024 07:07:57 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 116ms
28ms XHR
text/plain 157.90.84.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=57e1caec-5e45-4a0b-be31-3cae351ac270&subid=357529620&sid=2413485536&spot_id=418774&created_at=2024-03-17&timezone=1&ver=7.270.0-b&is_native=1
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
ec21f1f236.03e41ef81f.com/in/ 37 KB
6 KB 342ms
341ms XHR
application/json 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ec21f1f236.03e41ef81f.com/in/multy
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3663a20f23f494edf51563140e5dcbb2c5ad4773370e0585cd8c786f34da27c3

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 5998

OPTIONS
H2 204 multy
ec21f1f236.03e41ef81f.com/in/ Frame 0
0 93ms
24ms Preflight 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ec21f1f236.03e41ef81f.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sun, 17 Mar 2024 07:07:57 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

POST
H2 200 muak+aruma Show response
berlagu.com/download/ Frame 63EF 651 B
623 B 213ms
213ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/download/muak+aruma
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26edf3923de9e28e5d418e4c41b757d6a770229fc38cec56406a6c84b5ba6f30

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://berlagu.com
Referer: https://berlagu.com/jembud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 865b26230b780b3e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 07:07:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLfrYulOyEcKWXRBHHxcJqtsVLkKMeJklYJrKNQ3IGJVgx2o75Ozs%2FxLNHbUG9VQGif5%2B4Hup2GwGCZzKGntJieDa%2FIaa%2Fy1XKG2JDwI8KbSe1J%2F0OEU3cNS18Vyg1dnjG%2Bs1wmgi0tcBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 / Show response
mcpuwpsh.com/get/ 8 KB
8 KB 599ms
286ms Fetch
application/json 2a01:4f8:c0:2306::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcpuwpsh.com/get/
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/76d4d8e55f2ef44ae4b73cab827ba744.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b84d6b3ee73fa2aafdd55cfcaace844e8cadab3b853e709776402d3c518664c9

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:58 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 8272

GET
H3 200 embed.css
berlagu.com/ Frame 63EF 1 KB
871 B 23ms
23ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/embed.css
Requested by: Host: berlagu.com
URL: https://berlagu.com/download/muak+aruma
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://berlagu.com/download/muak+aruma
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 14:04:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8585
etag: W/"655cb90b-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69VgJGWXvr2D9IjZrvBHRnC%2BnlAfXld8KVMFn95JieOsGlxrOJIP105tsA8xcx9bNGtkd1Hu9m7Q2fBPQ4CzMhmzO7L48qXtnS1rcDp0SQW1c0X4rTQp%2B%2FzfYJqUQg32SvncfRrqxK%2BFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 865b26246daad0b9-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Mar 2024 16:44:52 GMT

GET
H/1.1 200
OK 65101 Show response
wakenssponged.com/rizdGR8ExUj7Bb6T/ Frame 63EF 0
1 KB 192ms
16ms Script
application/javascript 23.109.170.224
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://wakenssponged.com/rizdGR8ExUj7Bb6T/65101

Requested by

Host: berlagu.com
URL: https://berlagu.com/download/muak+aruma

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.224 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://berlagu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 07:07:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://berlagu.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 3430577936384f51576179 Show response
metrolagu.cam/jembud/ Frame 183B 242 B
606 B 250ms
199ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/jembud/3430577936384f51576179
Requested by: Host: berlagu.com
URL: https://berlagu.com/download/muak+aruma
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e959470fb83b3abe33b17aa83baa92e472283eb855339f2de19457ffcbc9644f

Request headers

Referer: https://berlagu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 865b2624c950662d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 07:07:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FXbFiFkAR7xKjBAHzfW1Xfrw7%2BlHPh4c4qx01Q4sQokCoTfQYg6rEWYPY2vDS%2FSy0lK3ndWwkrkelT6b%2FGkAibxmE3lRmYWc%2FZtcLcm0cSEWPDnyHo%2B6oyx9aPHQQJYjhmLHDFo43RVEyNn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
698 B 344ms
113ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=da40ec95-09ea-41a1-8a77-1132e1f64175&prev_step_diff=438
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 346ms
115ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
ec21f1f236.03e41ef81f.com/in/show/ 0
200 B 71ms
23ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec21f1f236.03e41ef81f.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710659277&subid=388464194&sid=1751677483&tcid=0&ver=7.270.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-17&iabcat=IAB25-3&keywords=&user_fp=11518571905170895504&score=65.53306189208271&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYxOWDEsDFGRo0WY27AsNGCRhgYOFrgGGPDTIsaNcSUGVOGzMwcYmiIcDhHTBoyCnVsETEDBw4aNmjEyCG0i8MxbpLGgDEDhsMwdcZglKHyxkiuMGhQjfE0rYwZQ0UYJYMxDZ0ybb7EiGvQzsK3UHE4hFNHzMIaM2rI-Arnog4ZMqTaIApHog4aNGTAuJGDoogyeOh8mVMZo1QcN27YiDumjWO1NrZ6NmhmYUO5btwsnBGDBg6qXkW0cePxMg2YizMOLx5D5UqHdfbqGEjH4hwdL16ceeNieBjSbVyMedPmxZw2YeRY3PhiZ04bOcyQ3BwjzIwxZsi8DUPDTO8wN8xQBg4rjUFDUDaEkV8OZQT4UoJkBFWGDDZEhRMZZKQWgxlm_FDHHAglQUYPKuWg4BhNlYGYGWWIUUOAOMiQQ000NIWDGSm9KMYNL8ZIVQ1kJFhDGfmxOKBOOOA0Bg426EeGSFzUAQMMFLaBl05yiNgDEVKEUcMSV8DARBZJXKEHE1ScQYcbaLSRhxNn1EHEGzhsmGENmGnG2VS80cBjFG9AccUVYhSxBBRHFNECFSJmsUQVOeAhRxpa_MfEGmVcccQcWDSRRBVxYDHGHUykJkdrYsBhhBVxHJXHnFk8EcUSQsSghBBJsAFFFE8sQYMaQqiBxwxxJHEHG1GIcQQReWhRRhNyuNFCEnBEdcYUWqCIxRNPoHEFGUSIsUQdQVCBxhlLBJHGF2dUkQSXVaQR5ZQUzvFGHaeWoWWem3U2L5U2wCFDD785NeO_FMIRQw9OMIFwwDP0EBcZ5GGk0UbikZcxa2FYtgVvVmV06kIwuDDlZjM4JEZtOpRcowxbpSzCGHDkBcfILbtgg2Y1OCSHHY7F0PNnNLdBsgsBQldHGhjFIDRbL04FQw3NwZQDTmnFlYZjIlztAswxuOB1ZDLEVUcYGDXxhh5psMFGGC_UYDIIKFyRhhsU3zEHCE5QAcJWJu8Agt1uRCU4HlGlAEIQjbGRaYtL2BX3DDe4MIMNdC-BBBVNMMECCGykgSkIR-y0xhuKD4GGHOSV8UIMkJmsM4Vhw44DCFMomF4ak1d-OWtiTddwXG_I8cUYwYswvENsJL-8CAfZ8YUcZbAx0YtU19BWcHKcodtjUTsU_RdiyLGQYNCXIX0bb9D1WJ00iM_6RA69kVT8Ir-BRx4L4U89y9SxDnZecDE4ZCw842nPC_IQhivwikl5CJNQiPIzjLCODh0rXgvq4Aa7tKRyZEgJ8eZQwcccZwaYwZ74kneQL4TwBnGhg9F00Jyt2KAGOSDLbWRYNhqaZSU41GFibmOQ6ZWBNF_o2ER-eMMcpsYh6kui49STlI_VIGRhEINl0mcGsLBBIoNpHsmuUhwY9EEBAQE%253D%26s%3D66a067065de6f3370c663e11e6f078d27d3d518ab8631ad0d3b181b15df5650e1710659277&icons=SICgaDLi47YtNBEa_oytzxkDih-pY86We-rJSH7jM2iiiSHi81Iz0M8I2TDyc0OhYoruXV1LeRv0OlV04ymyBMcDiTUJMx6h_aKoaQeBtYXYwwiR3T2ePM6s6uBAWLA9qhjzKXHHrmYjqynv4X3TsA1FuIZMaICnmQcDUe2K0RgpQkC0ng&ext_cid=496101&pop_price=0.0006205&pop_ecpm=0.03564022495774518&px_id=418776&min_cpm=0.02755534053645637&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=2707160304941840423&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.5588843333125088&cpm=0&verify_hash=74bbb21dc33da76182db1c128b875ef2&is_native=3&real_bid=0.5588843333125088&pop_real_cpm=0.6205&pop_real_bid=0.0005588843333125087&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:1000::2&geo=NL&carrier=-&label_ids=4,20,27,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=09436504-21ca-4ecb-8be8-fef1a237cad8&prev_step_diff=438
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ Frame 917B 1 KB
1 KB 327ms
102ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
ec21f1f236.03e41ef81f.com/in/show/ 0
201 B 62ms
23ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec21f1f236.03e41ef81f.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710659277&subid=388464194&sid=1751677483&tcid=0&ver=7.270.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-17&iabcat=IAB25-3&keywords=&user_fp=11518571905170895504&score=65.53306189208271&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYxOWDEsDFGRo0WY27AsNGCRhgYOFrgGGPDTIsaNcSUGVOGzMwcYmiIcDhHTBoyCnVsETEDBw4aNmjEyCG0i8MxbpLGgDEDhsMwdcZglKHyxkiuMGhQjfE0rYwZQ0UYJYMxDZ0ybb7EiGvQzsK3UHE4hFNHzMIaM2rI-Arnog4ZMqTaIApHog4aNGTAuJGDoogyeOh8mVMZo1QcN27YiDumjWO1NrZ6NmhmYUO5btwsnBGDBg6qXkW0cePxMg2YizMOLx5D5UqHdfbqGEjH4hwdL16ceeNieBjSbVyMedPmxZw2YeRY3PhiZ04bOcyQ3BwjzIwxZsi8DUPDTO8wN8xQBg4rjUFDUDaEkV8OZQT4UoJkBFWGDDZEhRMZZKQWgxlm_FDHHAglQUYPKuWg4BhNlYGYGWWIUUOAOMiQQ000NIWDGSm9KMYNL8ZIVQ1kJFhDGfmxOKBOOOA0Bg426EeGSFzUAQMMFLaBl05yiNgDEVKEUcMSV8DARBZJXKEHE1ScQYcbaLSRhxNn1EHEGzhsmGENmGnG2VS80cBjFG9AccUVYhSxBBRHFNECFSJmsUQVOeAhRxpa_MfEGmVcccQcWDSRRBVxYDHGHUykJkdrYsBhhBVxHJXHnFk8EcUSQsSghBBJsAFFFE8sQYMaQqiBxwxxJHEHG1GIcQQReWhRRhNyuNFCEnBEdcYUWqCIxRNPoHEFGUSIsUQdQVCBxhlLBJHGF2dUkQSXVaQR5ZQUzvFGHaeWoWWem3U2L5U2wCFDD785NeO_FMIRQw9OMIFwwDP0EBcZ5GGk0UbikZcxa2FYtgVvVmV06kIwuDDlZjM4JEZtOpRcowxbpSzCGHDkBcfILbtgg2Y1OCSHHY7F0PNnNLdBsgsBQldHGhjFIDRbL04FQw3NwZQDTmnFlYZjIlztAswxuOB1ZDLEVUcYGDXxhh5psMFGGC_UYDIIKFyRhhsU3zEHCE5QAcJWJu8Agt1uRCU4HlGlAEIQjbGRaYtL2BX3DDe4MIMNdC-BBBVNMMECCGykgSkIR-y0xhuKD4GGHOSV8UIMkJmsM4Vhw44DCFMomF4ak1d-OWtiTddwXG_I8cUYwYswvENsJL-8CAfZ8YUcZbAx0YtU19BWcHKcodtjUTsU_RdiyLGQYNCXIX0bb9D1WJ00iM_6RA69kVT8Ir-BRx4L4U89y9SxDnZecDE4ZCw842nPC_IQhivwikl5CJNQiPIzjLCODh0rXgvq4Aa7tKRyZEgJ8eZQwcccZwaYwZ74kneQL4TwBnGhg9F00Jyt2KAGOSDLbWRYNhqaZSU41GFibmOQ6ZWBNF_o2ER-eMMcpsYh6kui49STlI_VIGRhEINl0mcGsLBBIoNpHsmuUhwY9EEBAQE%253D%26s%3D66a067065de6f3370c663e11e6f078d27d3d518ab8631ad0d3b181b15df5650e1710659277&icons=YfTwT9EGugyZQbN8wJ4dr2-SKzyGaZLbve3_jkBEDJ5kVdKE0w3ZGWSS3ehdu-_Xl1gG1zyJiMhQ9iFk72mamYfVPjjheRGmenn4bkj2AbTeis6o-0QUMg-BE3Zwe1_GNcA5nNcr_fHvSmjlB5xIVTVkRPaTgy_IEQucUgIDZUsgo40vKw&ext_cid=496101&pop_price=0.0006205&pop_ecpm=0.03564022495774518&px_id=418776&min_cpm=0.02755534053645637&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=2707160304941840423&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.5588843333125088&cpm=0&verify_hash=74bbb21dc33da76182db1c128b875ef2&is_native=3&real_bid=0.5588843333125088&pop_real_cpm=0.6205&pop_real_bid=0.0005588843333125087&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:1000::2&geo=NL&carrier=-&label_ids=4,27,20,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-5-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=1ca35753-cd84-4e0f-8b03-b23396d52ae4&prev_step_diff=438
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ Frame 917B 486 B
698 B 328ms
105ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=2089864e-b396-4d32-95fd-2956538331fc&prev_step_diff=438
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 322ms
106ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by: Host: 40dd6c8f55.5b7cb7236e.com
URL: https://40dd6c8f55.5b7cb7236e.com/17dde3b9e3dbf67f02c4a8b10c4cf408.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
698 B 328ms
114ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=2fdb541b-2e05-4fe3-8d97-928257005b0d&prev_step_diff=456
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Mon, 17 Mar 2025 07:07:57 GMT
date: Sun, 17 Mar 2024 07:07:57 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 /
ec21f1f236.03e41ef81f.com/in/show/ 0
200 B 75ms
44ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec21f1f236.03e41ef81f.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710659277&subid=357529620&sid=2413485536&tcid=0&ver=7.270.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-17&iabcat=IAB25-3&keywords=&user_fp=11518571905170895504&score=69.90307907414376&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxMWiImSHGRowWOXLUGNOCBg4YNVqEsTGGTAscOWboHDMmR80bZUQ4nCMmDRmFOraImFHjRg0ZOWzIgCGii8MxbpDGgDEDhsMwdcZgxCEVBw2YNnLQmHFjrcsbOGIIFVGUDMY0dMq0-SL3Kxk7C2XMoGEDh0M4dcQsrMFUxlc4F3XIkEEjho2hcCTqoEFjatrLIsrgofNlTmaMlXHcaDt3TJvINKJupfiQjJmFDem6cbNwRkicZx22ceNx81kcjjMOLx7jBgwYoOvI1TGQjsU5Ol68OPPGxfAwptu4GPOmzYs5bcLIsbjxRZkxNUrmMEMTxo0YYWaMMUNGcBgaZoQUxg0zlPESTSIRFgZ_OZRBYBjQGSQGDWXIYIMNNNRQAxlkrBaDGWb8UMccCCVBRg_O5bDgGDPgUAZjZpQhRlMtQmWDGWvhgIMZYzh1gxg-IqfWhjaEUUMZ_MVooBgGajgGWf2RAUMMXNTxnIVt6MWkHCb2QIQURi5xBQxMZJHEFXowQcUZdLiBRht5OHFGHUS8ERd_TnHmWVQ5heRUFG9AccUVRcRxQxVNvFHEXlllYUcQWSCBhg15KIGFb1TEwEQVacAxBx050NFEHkvQIYYSYtiJxRVj5IEGEWrI4QQeTOChRQ1NBFHEFXI0YcUdWNhwQxxF2GCEGV8QcUcYZ0TxRRQmKnGFbUG0IUYdUpiBB601pPEEHENUwRkUbERBgxFFNEEFG1-cUUUSX3Ja5ZU2zPFGHXKMUUaXekIX1bwwWAiHDD3gpOO_VgZsAxwx9OAEEwALPEMPc5FRHkYabTReeRu3FoZmW_hmVUb5LgSDC8_ZN4NDYtymw8lrybDVyiKMAcdecJT8sgtSweSQHHZEFkMNDr13s8kuEOhQHXWkgVEMQ8eAQ1Mx5ABTczDgpCEMNMzVKUYquSBzDC6ETZkMc9URBkaJ6pEGG2yE8UINKIOAwhVpuGHxHXOA4AQVIGyF8g4g4O0GhoTjgWEKIAQBGRtlXCHjEnjNzZYLM9hg9xJIUNEEEyyAwEYaa5QBwhHvrfEG40OgIUd5ZbwQw2Qo82wh2bPjAMIUC6qXhuU3YG5Da2JR9_Bcb8jxBU8YHe8QG8WL4LwIB9nxhRxlsDFRUzUMbdZzP5_Bm2RUO1T9F2LIsZBh1JdhfRtv2CVZXDSY__pEDr2BVP0kv4FHHgvhH_ZcVp3rZOcFGYPDxsRDHve8IA9huEIUnkCWPIypa0MBGkZeR4ePJa8FdXADXlrQPReQoUfIm4MGdTA7wtxAMNABzQkxcpAvnPAGc6FDGyZyH-jUIAcyWE1F2oA2FvbQBj8MIoGa4pfrlcE0X_gYD7eCRCAKMTTWCwPk1oOUkNVgZGEQg2baZwawsEEih4Geya5SHBj0QQEBAQ%253D%253D%26s%3D931ff14264ea94909ec3132883998eb3a0bc3cd67e8d1475b6ffa922a17160fc1710659277&icons=jJnYZ3BTCMKv7oV3OC0Zeqi2wBuJus2iDdIVZ9z4iMtultzs3h841nCZYBUlQwJQ1e9jmobKT-GJUrmoSvqSFMEYX9baPm_WtYZOP3LugOvIDhJFA8tvwqcVg2zG4qgdKlwQnijvnrZSTtMVMVh_bwf3XAk69MOTQ-v0teH_2UaSzcc2GA&ext_cid=496101&pop_price=0.0006205&pop_ecpm=0.03204496024120145&px_id=418774&min_cpm=0.024775651471627965&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=8628405694374348781&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.5588843333125088&cpm=0&verify_hash=7a4c7433e6334ff64fd122fa67a9483d&is_native=3&real_bid=0.5588843333125088&pop_real_cpm=0.6205&pop_real_bid=0.0005588843333125087&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:1000::2&geo=NL&carrier=-&label_ids=4,20,27,108,0&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=76e1f5c2-eb47-420b-b302-5a1396e02495&prev_step_diff=456
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame 4D91 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
ec21f1f236.03e41ef81f.com/in/show/ 0
200 B 67ms
45ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ec21f1f236.03e41ef81f.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710659277&subid=357529620&sid=2413485536&tcid=0&ver=7.270.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-17&iabcat=IAB25-3&keywords=&user_fp=11518571905170895504&score=69.90307907414376&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=4265ddc8e5d3b2c8d2ab4506b9ed9ee1&url=https%3A%2F%2Fxml.qualiclicks.com%2Fclick%3Fi%3DYoBP6SD-BW8_0%26p%3D1710659277.427961&icons=LLGRYv291jP7cSK9lRxeZ2kXMqlK4S5_UO7azw-4YTb3PBwuBP8TinG8k86bwrs0ZZhJdV-0TpfpYloOHeE6T9H6WQAg8f2mECV5uimsjOT83bJXXWt0SLxX2s7KFDkzcAn8PCDKFd4KgtPJUPqa7IbFqJ7QtsMnD42a&ext_cid=1314976&px_id=73418774&min_cpm=0.0009755849429457903&out_id=0&campaign_type=hq&aid=3330&cid=15125&uniq=&mid=8628405694374348781&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.005418624409156836&cpm=0&verify_hash=d445f25e3b8d1b4a0bc5a77fd7b8acaa&is_native=1&real_bid=0.0024&original_bid_usd=0.0024&original_bid=0.0024&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:1000::2&geo=NL&carrier=-&label_ids=5,83,90,106,4,98&need_redirect_show=0&applied_features=main-skins-settings,coef_098&show_count=1&expiration_timestamp=1710745677&image_url=&site=native-push-adult&price=0.0024&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000024&ext_campaign_id_str=1314976&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=ba29ec34-7c9f-4386-a4e2-2701cb28626d&prev_step_diff=456
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 07:07:57 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

300x300_B5GdBxejA9siRyTGaYqB.jpeg
static.qualiclicks.com/n254/ad/ Frame 4D91
Redirect Chain

https://xml.qualiclicks.com/thumbnail?i=YoBP6SD-BW8_0&p=1710659277.427961&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=64397...
https://static.qualiclicks.com/n254/ad/300x300_B5GdBxejA9siRyTGaYqB.jpeg

11 KB
12 KB

111ms
20ms

Image
image/jpeg

2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.qualiclicks.com/n254/ad/300x300_B5GdBxejA9siRyTGaYqB.jpeg
Protocol: HTTP/1.1
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bafc3622dead6e7df54b80724628e6c79927d7c9cad94e82859e3687c2274e96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 07:07:58 GMT
Last-Modified: Fri, 12 Jan 2024 05:49:29 GMT
Server: nginx
ETag: "65a0d2e9-2d7a"
CDN-Origin-Protocol: HTTP
Content-Type: image/jpeg
Cache-Control: max-age=85947
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 11642
Expires: Mon, 18 Mar 2024 07:00:25 GMT

Redirect headers

Location: https://static.qualiclicks.com/n254/ad/300x300_B5GdBxejA9siRyTGaYqB.jpeg
Date: Sun, 17 Mar 2024 07:07:58 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H2 200 watch Show response
metrolagu.cam/ Frame 183B 7 KB
3 KB 102ms
102ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c6939784f1d807476125389212d990ac97dc4598acd8bc3b19bb7e22535dd86

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://metrolagu.cam
Referer: https://metrolagu.cam/jembud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 865b26260a47662d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 07:07:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsyVDPpsvIEyiBXnlTOlBamEAKMr7XqTgKOKZbd165FOfMqEO5Yy7bJe%2BviMCIKfGJD8Tm7m5QWzQgPr0ZBz7Co1we%2FzNFTsEHrmNa2zJ4fytl9qp9J%2F6Njlb8R1E2de0ZVL1EbHiwDtWVxv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK 64343 Show response
fikedaquabib.com/rotaInGRWQGA24/ Frame 183B 0
1 KB 85ms
17ms Script
application/javascript 23.109.170.97
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fikedaquabib.com/rotaInGRWQGA24/64343

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.97 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 07:07:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://metrolagu.cam
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 183B 87 KB
28 KB 42ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://metrolagu.cam/
Origin: https://metrolagu.cam
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 311114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXD7ISz7YzoYP16hwj7u5XY0DY3V5xB3DqySfNrnQd5MMBGhw%2FHKhI5pMr0VNdE6rkCYa7hKVRCrmvU6VEcRYxme3eRbHX3yV89YfGVCkndiwhMj7lHlFnHJu19LHoEdPPdVWi5ibs3ORZlQkufuYbIN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 865b2626d9566727-AMS
expires: Fri, 07 Mar 2025 07:07:57 GMT

GET
H3 200 embed.css
metrolagu.cam/ Frame 183B 1 KB
829 B 23ms
22ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/embed.css
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/watch?v=Ay04zDYuaZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4055
etag: W/"651596cf-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoCkv1fHuWTVcjD0NLvbtQq8HejmvCcdTanE3lv%2BUaYm7d5DMX0cwLhwATIuNmSeP9oOHOFhKAlybG8ZXIwaTKYRDEMT2f%2FBwhnNkt6MZPNl2dU8HhWf4bDK6Ys2G11dadg77qziB2hmDh6B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 865b2626b95fb8b5-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Mar 2024 18:00:22 GMT

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ Frame 183B 42 KB
42 KB 26ms
26ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47284
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBNiyOhY2cNLYY7PRQz%2F571kNP9n%2BGr4U8QTvrwWsfbf2vI8DjxJ2HzAfRDdwz0VJM16svOhckTlJ2i%2BFUKBIuX6A5XhKmhXWM1u9fUl8v7fHLXR6RpIy0eewLoRB0Rf32hZf%2BJmjkKq6XLa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 865b2626bb1e775d-AMS
expires: Sat, 30 Mar 2024 16:45:13 GMT

GET
H3 200 adus.js Show response
metrolagu.cam/ Frame 183B 532 B
780 B 21ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/adus.js
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/watch?v=Ay04zDYuaZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 02:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8609
etag: W/"657bb94e-214"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEWAt8xRhsAFQzXA7%2BQ4fFkbfz0iFgEHtuHZBCdMtkYkn2fW50mfLQB6gKwpwjMu4FdI9JScEwU04Q84oTfZ8q9iq7KvmOVW8A4PhoXzDaATx8u2DtiQiwhVAuOX7G9oR30R8K8MMLhX%2FER7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 865b2626b962b8b5-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Mar 2024 16:44:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 183B 145 KB
50 KB 89ms
35ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da1f643df7397473818bb9048d080459f51915afdcfd846f1a1c7cdfa3f5fca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 07:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50711
x-xss-protection: 0
server: cafe
etag: 12411430058844177818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 17 Mar 2024 07:07:58 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poop.com.co/	1970-01-21 04:46:59	Name: _ga_RRBBHD087X Value: GS1.1.1710659277.1.0.1710659277.0.0.0
.poop.com.co/	1970-01-21 04:46:59	Name: _ga Value: GA1.1.83209998.1710659277
fp.metricswpsh.com/	1970-01-21 03:56:35	Name: id Value: 5028786589465548562
wakenssponged.com/	1970-01-20 19:12:25	Name: GL_UI4 Value: eJw9jU1ugzAYRPknSQPpSBwgR7BRQeqy6iG6RAZ%2FEDdgR8YF9fa1KrWreRq90QRBEFUXhFt2RPwlGlyHemRSEO%2Bpbljbtoy9NKwem57z5lUKhqNaOyf6mVyCw7oI6zq3JThPpMmqoRuMpALP3vpr7trsOkHaW6FlgXTxxlwg763ZV7JVjESLhZC936zxmS7i01jEvK49K%2B05ZIjMWsXlCfmH0tIPyzMizsoyC%2FD0mIUbjV06JbMQ6WSFJIRvOAzC0WTsN3JJ692ZB2Bm2f37v7%2FxzhkySZsa%2FLlxN7I%2F9elODQ%3D%3D
wakenssponged.com/	1970-01-20 19:12:25	Name: GL_GI10 Value: eJxNijELwjAUBvPeUBAM8mEXt%2F6CQIsOrrqWTqJzbB%2B2IEl4Cf5%2B7eZwd8sZY7jegpcEez65rm3dmmMHeoGHHjwG7G6zNIOUWfTtw5RBasEaLGj8seDQi8%2FykOf%2F1Vzc3YFDxuYaNUX1RUCpInCJq%2FNUG9Cn2n8BsmIe8A%3D%3D
fikedaquabib.com/	1970-01-20 19:12:25	Name: GL_UI4 Value: eJw9jU1ugzAYRPknSQPpSBwgR7BRQeqy6iG6RAZ%2FEDdgR8YF9fa1KrWreRq90QRBEFUXhFt2RPwlGlyHemRSEO%2Bpbljbtoy9NKwem57z5lUKhqNaOyf6mVyCw7oI6zq3JThPpMmqoRuMpALP3vpr7trsOkHaW6FlgXTxxlwg763ZV7JVjESLhZC936zxmS7i01jEvK49K%2B05ZIjMWsXlCfmH0tIPyzMizsoyC%2FD0mIUbjV06JbMQ6WSFJIRvOAzC0WTsN3JJ692ZB2Bm2f37v7%2FxzhkySZsa%2FLlxN7I%2F9elODQ%3D%3D
fikedaquabib.com/	1970-01-20 19:12:25	Name: GL_GI10 Value: eJxNijELwjAUBvPeUBAM8mEXt%2F6CQIsOrrqWTqJzbB%2B2IEl4Cf5%2B7eZwd8sZY7jegpcEez65rm3dmmMHeoGHHjwG7G6zNIOUWfTtw5RBasEaLGj8seDQi8%2FykOf%2F1Vzc3YFDxuYaNUX1RUCpInCJq%2FNUG9Cn2n8BsmIe8A%3D%3D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjx0is-Xs-GX--wc9Mdd68iY2PJRyD37rRYY1q17ign2az8NdxUmPwq60doYvZwJk8rGeKV1HA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S184703847%3A1710659277350738&theme=glif&ddm=0 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0da14cebab.61c3d331bf.com
40dd6c8f55.5b7cb7236e.com
accounts.google.com
assets.poopcdn.com
berlagu.com
cdnjs.cloudflare.com
ec21f1f236.03e41ef81f.com
fikedaquabib.com
fp.metricswpsh.com
img.doodcdn.co
mcpuwpsh.com
metrolagu.cam
nereserv.com
pagead2.googlesyndication.com
poop.com.co
region1.google-analytics.com
static.bookmsg.com
static.qualiclicks.com
storage.multstorage.com
wakenssponged.com
www.googletagmanager.com
xml.qualiclicks.com
157.90.84.242
157.90.84.246
2001:4860:4802:34::36
23.109.170.224
23.109.170.97
2604:9e00:1:129::2:b1f
2606:4700:20::ac43:46be
2606:4700:3032::6815:1ef2
2606:4700::6811:190e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:400c:c09::54
2a01:4f8:c0:2306::1
2a01:4f8:c0:2343::2
2a02:26f0:480:f::213:7edb
2a02:b48:8300::24
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.53
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
26edf3923de9e28e5d418e4c41b757d6a770229fc38cec56406a6c84b5ba6f30
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
344276771a54b8249f926b93d380ed573c9031d3722946bb1e5e5807cf08bb36
3663a20f23f494edf51563140e5dcbb2c5ad4773370e0585cd8c786f34da27c3
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
59d3b15833f5ed14019ff2d127baf55474c4aff45b198321f454f1803254f0dd
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
65c49ac0f9b16538596ba4dd2966a491aa4440f46c507adb37e90bd295a23a05
7be70ce32b6acc9168a7d51fb282f0f03552dcd31a078778cc9a529a56a07a61
8046915ddf79ff57b1206ec42ac024251b5ada9945df6fb4dbe5f2246edd3f5b
837da62a315e9ae7bd8a2e1e074d43ecedd445bbe39fd6ea7ac317854bb03af7
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
9c6939784f1d807476125389212d990ac97dc4598acd8bc3b19bb7e22535dd86
a66a26f5c0fcb52fd479ae3b8beaa3286f101559a95f91fb95921bdf43a46e1d
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
b84d6b3ee73fa2aafdd55cfcaace844e8cadab3b853e709776402d3c518664c9
bafc3622dead6e7df54b80724628e6c79927d7c9cad94e82859e3687c2274e96
c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84
da1f643df7397473818bb9048d080459f51915afdcfd846f1a1c7cdfa3f5fca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e959470fb83b3abe33b17aa83baa92e472283eb855339f2de19457ffcbc9644f
edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea
f3fb88af12012a747b199e21f2ff257adfcb58dd20ac92b40c562defc74bea47
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6
f76863be1d9a0858e0783b00048d67fbd3e9d372301a6a7b53fd831b4f0455ea
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

poop.com.co Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

94 %HTTPS

74 %IPv6

21 Domains

22 Subdomains

19 IPs

4 Countries

561 kBTransfer

1644 kBSize

7 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poop.com.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

94 %
HTTPS

74 %
IPv6

21
Domains

22
Subdomains

19
IPs

4
Countries

561 kB
Transfer

1644 kB
Size

7
Cookies

47 HTTP transactions
1 data transactions