urlscan.io logo urlscan.io
SecurityTrails logo

poop.cx Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://poop.cx/d/ecYBglL8mZC
Submission: On January 31 via manual from MY — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 20 domains to perform 55 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.cx.
TLS certificate: Issued by E1 on December 29th 2023. Valid for: 3 months.
This is the only time poop.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 45.133.44.52 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 157.90.84.242 24940 (HETZNER-AS)
1 2001:4860:480... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
8 2a01:4f8:c0:2... 24940 (HETZNER-AS)
2 157.90.84.246 24940 (HETZNER-AS)
3 139.45.197.244 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 2a01:4f8:c0:2... 24940 (HETZNER-AS)
1 23.109.170.97 7979 (SERVERS-COM)
6 2a02:b48:8301... 39572 (ADVANCEDH...)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
55 18
13    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
poop.cx
cdn.poop.gold
metrolagu.cam
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
yu2be.com
6    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
fd35bb45c8.f4823894ba.com
77a5198c32.40209f514e.com
1    2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
2    157.90.84.242 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
8    2a01:4f8:c0:2343::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
319317829f.b15560d3a9.com
2    157.90.84.246 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.84.90.157.clients.your-server.de
nereserv.com
3    139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)
mordoops.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
mcpuwpsh.com
1    23.109.170.97 (Netherlands)

ASN7979 (SERVERS-COM, US)
fikedaquabib.com
6    2a02:b48:8301::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
static.bookmsg.com
1    2604:9e00:1:129::2:b1f (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.ezmob.com
1    2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.ezmob.com
Apex Domain
Subdomains		 Transfer
8 b15560d3a9.com
319317829f.b15560d3a9.com
11 KB
7 poop.cx
poop.cx
299 KB
6 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 38343
6 KB
5 f4823894ba.com
fd35bb45c8.f4823894ba.com
210 KB
4 metrolagu.cam
metrolagu.cam — Cisco Umbrella Rank: 104487
5 KB
4 yu2be.com
yu2be.com — Cisco Umbrella Rank: 128229
21 KB
3 mordoops.com
mordoops.com — Cisco Umbrella Rank: 130710
31 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 23
2 KB
2 ezmob.com
xml.ezmob.com — Cisco Umbrella Rank: 113872
static.ezmob.com — Cisco Umbrella Rank: 26652
8 KB
2 nereserv.com
nereserv.com — Cisco Umbrella Rank: 35934
401 B
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 37830
427 B
2 poop.gold
cdn.poop.gold
11 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
56 KB
1 fikedaquabib.com
fikedaquabib.com — Cisco Umbrella Rank: 106284
1 KB
1 mcpuwpsh.com
mcpuwpsh.com — Cisco Umbrella Rank: 58611
4 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
541 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
248 B
1 40209f514e.com
77a5198c32.40209f514e.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 32053
904 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
55 20
Domain Requested by
8 319317829f.b15560d3a9.com fd35bb45c8.f4823894ba.com
7 poop.cx poop.cx
6 static.bookmsg.com fd35bb45c8.f4823894ba.com
5 fd35bb45c8.f4823894ba.com poop.cx
fd35bb45c8.f4823894ba.com
4 metrolagu.cam yu2be.com
poop.cx
metrolagu.cam
4 yu2be.com poop.cx
yu2be.com
3 mordoops.com yu2be.com
mordoops.com
3 accounts.google.com 2 redirects poop.cx
2 nereserv.com fd35bb45c8.f4823894ba.com
2 fp.metricswpsh.com fd35bb45c8.f4823894ba.com
2 cdn.poop.gold poop.cx
metrolagu.cam
2 cdnjs.cloudflare.com poop.cx
metrolagu.cam
1 static.ezmob.com
1 xml.ezmob.com 1 redirects
1 fikedaquabib.com metrolagu.cam
1 mcpuwpsh.com fd35bb45c8.f4823894ba.com
1 my.rtmark.net mordoops.com
1 region1.google-analytics.com www.googletagmanager.com
1 77a5198c32.40209f514e.com fd35bb45c8.f4823894ba.com
1 storage.multstorage.com fd35bb45c8.f4823894ba.com
1 www.googletagmanager.com poop.cx
55 21

This site contains no links.

Subject Issuer Validity Valid
poop.cx
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.poop.gold
E1		 2024-01-25 -
2024-04-24		 3 months crt.sh
yu2be.com
E1		 2023-12-17 -
2024-03-16		 3 months crt.sh
fd35bb45c8.f4823894ba.com
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
multstorage.com
GTS CA 1P5		 2024-01-18 -
2024-04-17		 3 months crt.sh
77a5198c32.40209f514e.com
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
notification.tubecup.net
R3		 2024-01-29 -
2024-04-28		 3 months crt.sh
b15560d3a9.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
mordoops.com
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
metrolagu.cam
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
puwpush.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
fikedaquabib.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
static.bookmsg.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://poop.cx/d/ecYBglL8mZC
Frame ID: 37013A5F1C9B1552A934EF043A59FBFF
Requests: 33 HTTP requests in this frame

Frame: https://yu2be.com/video?q=ice+cold+film
Frame ID: ADE886F92AC24026EE8761A38ABF1FB0
Requests: 8 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: A68BC0690A2FDBD534DDF395F718E743
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/watch?v=ISnyONG1dEc
Frame ID: CB1D1D4511C2645BF2E0C0FEC04DF875
Requests: 7 HTTP requests in this frame

Frame: https://static.ezmob.com/n254/ad/100x100_87RbOqk3cK6MYqrmyDfH.png
Frame ID: 9C5852A4546FF4934E240A3EEBB5A8DF
Requests: 1 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Frame ID: 5D120B12D75327506CECCF7B72DB0BA1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Colok Pakai Jari - PoopHD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

95 %
HTTPS

67 %
IPv6

20
Domains

21
Subdomains

18
IPs

5
Countries

758 kB
Transfer

2164 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1p_oFtBtc8Fqjnrlt1lycemGMdfYW3Dv8KUMfNrWZx3AWhQ86alDxtkoISF1C7fz4U5im_fQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3-VlzB60K20Z1953lBmXweq0mvSWAvtDwC0fbOZlzgUcurRk5R_RRPYoqqMosc5EDjzioZjA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829337966%3A1706722979705219&theme=glif
Request Chain 47
  • https://xml.ezmob.com/thumbnail?i=eFg3k5-IZBc_0&p=1706722979.483748&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.01&cpa=22f65c4e-f858-4279-9ea9-06031353f638&prev_step_diff=582 HTTP 302
  • https://static.ezmob.com/n254/ad/100x100_87RbOqk3cK6MYqrmyDfH.png

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ecYBglL8mZC
poop.cx/d/ 		25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da86b1808179ec7172f5fcbb234f5dc7d036e2e8bac2494b788600d3a6c4204

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1688
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
84e3c11c2b8ab950-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 17:42:59 GMT
last-modified
Wed, 31 Jan 2024 17:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzBh9ZW2wxJAH0ppE%2FHec11%2BmIwNrG5a0O9A1D5EwP8Xr%2FTBvDDRdfU8uToHRXl%2FZm4qpexO1jqfA6mJpv1Z8HjdTDc26X4kxNevX%2B1jx49CUvDdQdvYOkg5gqjMOowGPs1JZCOL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3616039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQBhCAyuosIWu2bsJOw3l0IkFmVLufv9cf77jzr5ODMMNb0YfSuEU6o%2FqKr77TJbBj11F8lZEoTYIChnCJKoIZgcBxucVcq1%2FAlgURqedKJpXCxuOhFz0pyqbOzBvk4eJ03qKoM9wbN6bAXonN01vIbh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84e3c11c9a27661f-AMS
expires
Mon, 20 Jan 2025 17:42:59 GMT
bootstrap.min.css
poop.cx/theme_2/css/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/bootstrap.min.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/ecYBglL8mZC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
13436
etag
W/"6522101c-32faa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lde%2BDu96OApUcAY5YKw5a60uL0gkD0jmV%2BieS3W2Y3Fd6vtQ6B1XCisbfQAC12Fg9VVYV75oCQC%2FVlakBaErgj6neWRql7rO22n1krKefh8c78XshT6JpUOer0JdtNtTWvYUf%2Fwn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84e3c11c5bc9b950-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 01:59:03 GMT
style.css
poop.cx/theme_2/css/ 		204 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/style.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d197171351e1ddaebb1bfe4f70c9103109d98395ff67c3aac7064ac474a22c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/ecYBglL8mZC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13436
cf-polished
origSize=259373
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Oct 2023 02:19:46 GMT
server
cloudflare
etag
W/"652211c2-3f52d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEYu489oGOJvuVC%2B7tSn2x7QRcPrsg7wMeP4PYE6i2jyC0Rjd4tgkX27DOIkFA85MHaJiNQ0GWRVaObt10gxeO291FrKs2etv85nT53eMBwm6M%2FemZXgKZeQZ9fj5SNuxoHVCwbk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84e3c11c5bcbb950-AMS
expires
Thu, 01 Feb 2024 01:59:03 GMT
embed2.css
poop.cx/theme_2/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/embed2.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e772b331d8bf7685c6b985af9da4eb0b7390ab159ae3197c3e41638b1f1a638

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/ecYBglL8mZC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13436
cf-polished
origSize=2267
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 27 Oct 2023 23:48:23 GMT
server
cloudflare
etag
W/"653c4c47-8db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auilfJJFjr3mzj5sflzE8WB0sjNXp%2Bn0YdugTtAyyi%2B0TwmbS4IzrznXRAwrWNuJ2TJX%2B23cmGUIER3SgtJw7nxS9TZw3Gbp0C%2BrOwSeyuERmHxK5ROiIIvFiS%2FLKczpjSTRmFo1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84e3c11c5bccb950-AMS
expires
Thu, 01 Feb 2024 01:59:03 GMT
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7cdac23f297dc029a52412ca022d7c063d6def1513425a57402a3d103c7441e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 17:42:59 GMT
oA3Uo.jpg
cdn.poop.gold/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.poop.gold/oA3Uo.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf787af3989357e6c5042df429c1c9bdbfc35b414b1960d6dc65045f47db0a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 08:42:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6921
etag
"582a86522208dc2ae5a8a855070339da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqO%2FQFpaqhN5Yl%2FilqIG9cX7sLcGcd0bmFTkgUWG8Nq1FE%2BN6fsH6%2F83cqp4jEIOrOJ7CeRMF82xPK8Bq14tDxYg0WT7mjvt%2B%2BlAv5sIMapainsNdEnyNYpQgNXcNzQ92JSFcM8mBO7TTDHn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84e3c11d4c6f6691-AMS
alt-svc
h3=":443"; ma=86400
content-length
5279
avertastd-bold-webfont.woff2
poop.cx/theme_2/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/fonts/avertastd-bold-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6038
etag
"6522101c-5c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVG0EEieOK8JD5wj9wfcb4aU2ZwgCkGRBK%2BenaTB40uGN945rngZ4RAwILlc7lw0sqUthKHXOT5xc6sn2TewBFF5E2qHqhfTQ868dSGEn8sQh%2FNzxqjY7wjHcJmZGDfPKzlpHK%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84e3c11ceeec0b75-AMS
alt-svc
h3=":443"; ma=86400
content-length
23604
avertastd-regular-webfont.woff2
poop.cx/theme_2/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/fonts/avertastd-regular-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6038
etag
"6522101c-5d04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luzPd4e3M%2FORchplOkDJ06eyIO5mnJIlwEqt3HHtambMG4HSaX3QdSIB4ocs6Wc8rRwlQA%2FyXdwUIEW5M6xr%2FSR%2B6RE91NYyv0uR6uLVSaA65deNL7fhq0UlATw9nH555j0Pu8vt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84e3c11ceeee0b75-AMS
alt-svc
h3=":443"; ma=86400
content-length
23812
fa-duotone-900.woff2
poop.cx/theme_2/css/fontawesome/webfonts/ 		180 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6038
etag
"6522101c-2d09c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HT3oWDPBDP%2FdEkRyqfGP7uEYVybmsT%2FGAJlr390HhsXgL13HhhloWqkMZJi%2Bixl59JH0YbOchSBORwdPGOKf6dATdd6Ijt9si%2B3DkycJy1EqjMuBaWbi3gEWHvzpK3WzTfbBIjJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84e3c11ceef00b75-AMS
alt-svc
h3=":443"; ma=86400
content-length
184476
435a6d384c6c6742596365
yu2be.com/embud/ Frame ADE8 		244 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://yu2be.com/embud/435a6d384c6c6742596365
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8502ebbb0030f3ef452cd5d383f052d3c0f125abb3c0fa6543b5625e6a776aa4

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84e3c11d58820ba6-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 17:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0iPHevyPQhVeD2rvOl7uz4yyvxF%2BDBdgFZtlvk0ws3d9zxTq96iXvG15AxIW2UM8KctJYMVqMpck55y2h9%2FlyPxfTq4p2BP8n5GcUT%2BH5mz5a8snFvt%2BPvQnmij2PeXSa9Rh1ssPF0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
74898f85aef56cb8ccfa7d3fa5655099.js
fd35bb45c8.f4823894ba.com/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
91be84b53630582a07db07f063d2f2ace37f1141e75d8ee63b5b75d997840778

Request headers

Referer
https://poop.cx/
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 17:47:59 GMT
date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 10:12:54 GMT
server
nginx/1.18.0
etag
W/"65ba1d26-1988e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
114039
fd35bb45c8.f4823894ba.com/9c5ae57b6079a776ea7133f3bec5304c/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fd35bb45c8.f4823894ba.com/9c5ae57b6079a776ea7133f3bec5304c/114039?version_name=d
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
83255be8b72edb1b10dd621bf7e5852e4a189575242b9fd6d564265d834cd104

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 17:42:59 GMT
cache-control
max-age=300
x-proxy-cache
HIT
server
nginx/1.18.0
content-type
application/json
expires
Wed, 31 Jan 2024 17:47:59 GMT
count.html
storage.multstorage.com/log/ Frame A68B 		882 B
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84e3c11e18aa0b05-AMS
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 17:42:59 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqkXdYdjRvN7BadppU%2FOf7IbaV5eUx9ErXHyEhbe5kO3JWolhpfZ67pI45Ab5w0e3vlWrHrRJ0cDtsVM942U9LK0WmlI5%2Bs5tF%2Bh0BOSh5P98ByyBfhKYex0jNyPbd53HzssjyQe%2FmVzKKZm9BykzKE4%2FxOzkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
92ba5f25837194cee3e6103c25e4a77f
track
77a5198c32.40209f514e.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://77a5198c32.40209f514e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDI5OTQwNDk4MjEyOTc3OTAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjEwMS4wIiwidGFnX2lkIjoxMTQwMzksInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQW1zdGVyZGFtIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMDQsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkNvbG9rJTJDUGFrYWklMkNKYXJpJTJDUG9vcEhEIn0=
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:42:59 GMT
server
nginx/1.20.2
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
d01eac3557a6454ac58b3dbd10912590.js
fd35bb45c8.f4823894ba.com/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef6381bead0d2c23cc95edfeb5613d626735a4dc4c9c88421bcd4f9fe7cd85c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 17:47:59 GMT
date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 12:28:08 GMT
server
nginx/1.18.0
etag
W/"65ba3cd8-2817d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
d6509ab8a64fdd22b4ca3451360173ad.js
fd35bb45c8.f4823894ba.com/ 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fd35bb45c8.f4823894ba.com/d6509ab8a64fdd22b4ca3451360173ad.js
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b94ad5d6875fb6e5c9c73d284c3cba440270b7daf41b44dd11037b7bcc52e21e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 17:47:59 GMT
date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 09:19:01 GMT
server
nginx/1.18.0
etag
W/"65ba1085-16e63"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ 		60 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/74898f85aef56cb8ccfa7d3fa5655099.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f2be742ae9cbf4dd3d5be148aac8cd4e964b976d01d85227c916d44483e6ce86

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Wed, 31 Jan 2024 17:42:59 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://poop.cx
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://poop.cx
Connection
keep-alive
Date
Wed, 31 Jan 2024 17:42:59 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je41t0v9167878827&_p=1706722979342&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1746289443.1706722980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706722979&sct=1&seg=0&dl=https%3A%2F%2Fpoop.cx%2Fd%2FecYBglL8mZC&dt=Colok%20Pakai%20Jari%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=326
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:42:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://poop.cx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video
yu2be.com/ Frame ADE8 		59 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yu2be.com/video?q=ice+cold+film
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c435fca699191b470a55a2aadb5aed91c25bcdaed094dfa6d93d850f1bb2a0c1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://yu2be.com
Referer
https://yu2be.com/embud/435a6d384c6c6742596365
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84e3c11e098b0ba6-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 17:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRUqJbzI2COt2vicWWhqDW1rD4cK5v%2Bnx49ffYzJH52LsH7ovaw36JRv%2FR7KKv5MyxgLocEhR7WHD23IGtfhqo6AxwHuU2W8rbwZjI1iQ8G7786%2BS6ljfuGNx47wC%2Bui4sp8xf8Ntvw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
070086b03164c6083979a66b36d3a30b.js
fd35bb45c8.f4823894ba.com/ 		435 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fd35bb45c8.f4823894ba.com/070086b03164c6083979a66b36d3a30b.js
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f66764ec186ab49165ce4fa6a0d60df7b888566212b1b060c83618c972008f78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 17:47:59 GMT
date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
gzip
last-modified
Fri, 19 Jan 2024 16:09:32 GMT
server
nginx/1.18.0
etag
W/"65aa9ebc-6cbbe"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1p_oFtBtc8Fqjnrlt1lycemGMdfYW3Dv8KUMfNrWZx3AWhQ86alDxtk...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3-VlzB60K20Z1953lBmXweq0mvSWAvtDwC0fbOZlzgUcurRk5R_RRPYoqqMosc5EDjzioZjA&passive...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3-VlzB60K20Z1953lBmXweq0mvSWAvtDwC0fbOZlzgUcurRk5R_RRPYoqqMosc5EDjzioZjA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829337966%3A1706722979705219&theme=glif
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H3
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 Jan 2024 17:42:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6TBRqoSoSeorn-juPyWNEg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
405
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3-VlzB60K20Z1953lBmXweq0mvSWAvtDwC0fbOZlzgUcurRk5R_RRPYoqqMosc5EDjzioZjA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829337966%3A1706722979705219&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
multy
319317829f.b15560d3a9.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://319317829f.b15560d3a9.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Wed, 31 Jan 2024 17:42:59 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
dip
nereserv.com/in/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=f7093c92-4adc-47c1-981d-36923898ac42&subid=357529620&sid=1104467249&spot_id=418774&created_at=2024-01-31&timezone=1&ver=8.138.1&is_native=1
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.246 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:42:59 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
319317829f.b15560d3a9.com/in/ 		44 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://319317829f.b15560d3a9.com/in/multy
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
572fd32b4d814b14d8c905543355a29340ed4b0416bb309b289412838e72d1eb

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
4824
dip
nereserv.com/in/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=a25c4e08-daf7-4d74-bef2-a85cdb0cd74f&subid=388464194&sid=2977548732&spot_id=418776&created_at=2024-01-31&timezone=1&ver=8.138.1&is_native=1
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.246 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:42:59 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
319317829f.b15560d3a9.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://319317829f.b15560d3a9.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Wed, 31 Jan 2024 17:42:59 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
multy
319317829f.b15560d3a9.com/in/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://319317829f.b15560d3a9.com/in/multy
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
519ee61092988c1de66682eb054ff4d0a15a4920497c9167ceeafe6c6cadfeb3

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
4664
7b689eca-9fea-47bf-ba5b-63e30d404871
https://poop.cx/ 		204 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://poop.cx/7b689eca-9fea-47bf-ba5b-63e30d404871
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
204
Content-Type
text/javascript
embed.css
yu2be.com/ Frame ADE8 		1 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yu2be.com/embed.css
Requested by
Host: yu2be.com
URL: https://yu2be.com/video?q=ice+cold+film
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/video?q=ice+cold+film
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 00:03:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40213
etag
W/"655e96c3-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp3rUFAXoXozDZyfsUwfzqAeghsiDL37eXcfH%2BM0lMTI%2BrWz1Q9PliqddT6QiiXy8jlY%2BlJ%2FWTclmWVUJ2RGjZA2USPUkLspTvKcLi7WOTrQSs%2BZKh2YlbdR9t3WZrVg7LkUpXDvDYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84e3c11e781d6692-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 18:32:46 GMT
video
yu2be.com/ Frame ADE8 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yu2be.com/video?q=ice+cold+film
Requested by
Host: yu2be.com
URL: https://yu2be.com/video?q=ice+cold+film
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/video?q=ice+cold+film
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 31 Jan 2024 15:42:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LAs3yI%2FNGYE6At7DCi0PSv3OqtutJtzgfrks0uLx6glgNA9ZAH4qyi1n0jfQAGd90TYxhsDo7sgJ3usocfLWSANDBHVQBeR4hkBNb7lAvPsH4Ht1QaffJwR4CK22oYpvFeJ0hcXdYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
84e3c11ed8aa6692-AMS
alt-svc
h3=":443"; ma=86400
/
mordoops.com/5/6651943/ Frame ADE8 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mordoops.com/5/6651943/?oo=1&aab=1
Requested by
Host: yu2be.com
URL: https://yu2be.com/video?q=ice+cold+film
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8e7f3deb964d0194be6750c0856179835503e7b4fdeac98aa6716451d584ed4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
gzip
x-trace-id
07e58b1f61ea54872b21eb77ef07d9a0
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://yu2be.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
mordoops.com/ Frame ADE8 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mordoops.com/tag.min.js
Requested by
Host: yu2be.com
URL: https://yu2be.com/video?q=ice+cold+film
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8cc0a5bb23ce3f7936f60507462c24a2b855cefed82781f23adfead0fee253e4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
26005
x-trace-id
e9b005e95559d02969c40fe2b7338a63
pragma
no-cache
last-modified
Tue, 30 Jan 2024 11:59:07 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
435a6d384c6c6742596365
metrolagu.cam/jembud/ Frame CB1D 		242 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/jembud/435a6d384c6c6742596365
Requested by
Host: yu2be.com
URL: https://yu2be.com/video?q=ice+cold+film
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e379447104034c139ee5945c4814299ea02b8f81c9590267f1b17a1c0fdf38

Request headers

Referer
https://yu2be.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84e3c11f0f5e5c49-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 17:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tyki5sHqoBeoR6XpNRsTXLVbY%2BHzwGWOEy6EHYiafSzivUVJBL78CeTdhP0SXGY7C6NQKZICpmFdU0xruboiV138z8NTPqrVTLfDFGOcx6%2B8wi91jfHiN%2F27Q2myIKJTkLDhJ4Yvl8bNqC85"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gid.js
my.rtmark.net/ Frame ADE8 		65 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=904510bfe6b441deb45a333bdb84dcc7
Requested by
Host: mordoops.com
URL: https://mordoops.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01129d7e273077ec972d6f0e3f211859b9eea39ca6f9734484c562d0bee275a0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yu2be.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
watch
metrolagu.cam/ Frame CB1D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/watch?v=ISnyONG1dEc
Requested by
Host: poop.cx
URL: https://poop.cx/d/ecYBglL8mZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2621c675d92a63b2f315149bdaaf7840709294b326c5195e791d152d0eda92e5

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://metrolagu.cam
Referer
https://metrolagu.cam/jembud/435a6d384c6c6742596365
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84e3c11fb8aa5c49-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 17:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2WsOb%2BwGcAtRsMdigomfsm6thFjADhTGsUPBQEZ87NLSooYTzDXcPEFN7qBwKcAf5rP2Du5o%2F5WPfvd1p5Vu4RPMcz2zHDIZz3lakdydvbO4h9c2Z5jz1hAumXeWhKUPD83ITSoaPOoZnMz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
mcpuwpsh.com/get/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d6509ab8a64fdd22b4ca3451360173ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a3eeeab200a6041a01063c024d9dad5bbebcadadba195877fc5c56569b05fdf8

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3795
/
mordoops.com/ Frame ADE8 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mordoops.com/?rb=H0lEj0IMr27KYnN04xNDgg7K6AdG26loHFKGYBu2XUrWLOkCzEYmSIs7BQE7ZvKP0iXi7edhSX_lbUFeyMW33H1-ny8LXXeWieXDQWWsHn7oI_tdBxHrM0yNPG_BZjshOMIYZVslfI2FHQBknwtyughpeIsR2gDofxojm8toG73e2R3fvKGp0XKaz8Ix8uenaaO3JeN0nlCfDTDViZUqABoVihn1HyUIAg3m4F7xxMuL1fqHJfA2f0cX-E0yUxFdrS-dz7K_-IRgBFncKoc3rco2mCmhg5S5GW006Bsu-NhCCyVRXRhkwPEGIe2UitAZ&request_ab2=0&zoneid=6651943&js_build=iclick-v1.670.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1110&wih=624&wiw=1110&wfc=2&pl=https%3A%2F%2Fyu2be.com%2Fvideo%3Fq%3Dice%2Bcold%2Bfilm&drf=https%3A%2F%2Fyu2be.com%2Fembud%2F435a6d384c6c6742596365&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.670.0&navlng=en-US&pnt=0&pnrc=0&bs=7c13b46d-dcee-41a3-a1d1-871cbedc23bd&userId=904510bfe6b441deb45a333bdb84dcc7&m=link
Requested by
Host: mordoops.com
URL: https://mordoops.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4df4dfbc538dd8eb7419c36f07b5c299efe3a2af6f5d0b8112e222c420d6f235
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yu2be.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
f41d6217ec4bf5b09d7292a3d5906dfb
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://yu2be.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
64343
fikedaquabib.com/rotaInGRWQGA24/ Frame CB1D 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fikedaquabib.com/rotaInGRWQGA24/64343
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=ISnyONG1dEc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.97 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:43:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://metrolagu.cam
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame CB1D 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=ISnyONG1dEc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://metrolagu.cam/
Origin
https://metrolagu.cam
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1022470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgWS22fGeoNVNDL5ndwNzL3kqVha0%2FAKzJHpuYDpiRQ96LUmWtyx39IrgDFrRGxHHUwOy60WrweYRY9mhCi3FY%2FGJHgfmQDreOmeAw%2BcJkZIt1vlKEQfNKUc8D8%2FhxYT8ZE7YzPXylHzRZl1VzsVXja5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84e3c12038181aff-AMS
expires
Mon, 20 Jan 2025 17:42:59 GMT
embed.css
metrolagu.cam/ Frame CB1D 		1 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/embed.css
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=ISnyONG1dEc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/watch?v=ISnyONG1dEc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 15:07:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41765
etag
W/"651596cf-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGix27ieEH1bUgJevxlivrOvJPVtdy%2FfIA3frzKY0uwHLcISvLp5UjjgdpibDOyEVy0ECXVYd69JJ7TREhaHKCgTmuUgz%2FVgqaju7DoGh2BElY21DwQ%2FfKRbAzlDjp%2ByKLoRwKDkGLBtwiMw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84e3c12019e10a51-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 18:06:54 GMT
oA3Uo.jpg
cdn.poop.gold/ Frame CB1D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.poop.gold/oA3Uo.jpg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=ISnyONG1dEc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf787af3989357e6c5042df429c1c9bdbfc35b414b1960d6dc65045f47db0a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 08:42:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6921
etag
"582a86522208dc2ae5a8a855070339da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFjSshWZHckD9FOwAYTetZwATCPLr5fmNTJTJdpcHy8w03MXqdITRqfpt9oNeYBrmKcaKgFPKlK%2FgB0vYAN4p5kkNWMyxztry2cX8N%2B8avoxeUfFLcRd5lfRB9fh%2FhbVoe63UKVE2MuOwU5P"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84e3c120197f6691-AMS
alt-svc
h3=":443"; ma=86400
content-length
5279
play.svg
metrolagu.cam/ Frame CB1D 		633 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrolagu.cam/play.svg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/embed.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 10:51:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4818
etag
W/"650c2028-279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBwGXs1Yxy9bkJu1OQcU8lo5pPK1%2BbQeqCRM1WDw56MMpvth6DGiGxuU6n4jQPD2%2F6OioDZajyFmkWA79tkYH0sRPENq5hlry22%2FHLTbwyoPhWqPxLk44jdM4W%2BwcYNOc3UcBjtOINgINNba"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84e3c120aaad0a51-AMS
alt-svc
h3=":443"; ma=86400
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=c732f496-1807-4a24-b108-d04bcd9ef60b&prev_step_diff=582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
319317829f.b15560d3a9.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://319317829f.b15560d3a9.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2FecYBglL8mZC&refdom=poop.cx&auction_time=1706722979&subid=388464194&sid=2977548732&tcid=0&ver=8.138.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-31&iabcat=IAB25-3&keywords=&user_fp=2467503881187178753&score=54.64702504189208&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252FecYBglL8mZC%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=popunderAd&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F769%2F%3Fkatds_ep%3D8Gz3GM2VU8OUFsFkwQbVcs2fq5Q8VBTTubAcmLB3dCoz1s8o8FBJuy7odR7fva9FFCE8RvXhu2icOMAs4bfpzCz_W_nUdGth7oW7J_C2jjXHIzV6zwmkoca28KBMvklFeBKMrwqj0_xL_GdGQBn-tYGqq9pXHFRWNhPA7MiKkb9yj2ybK-IeUL9zO8FOGgdn-bP0YaXpHzSCWAGpa0qyHdXBd9FoMRJVxip5hw3_9XzEfqzKO_QFnd0KfDAlwBxoAfDe_kcfTK-6QA0m_TJ1unQ_iiCBqvb0UZHahaQzvnRPyVLnQroLfX9bzryO36fU_cJHTHxtUqAYCJR4RFioeTQX6tqIZyIU-bI2yl4Xfd-CQ2lHJNgAK1OsOKvehX5vy-_LcO6Cf6OQSP2lT-sZj-Tz8o1pd03xuQ5LIG8oqVuTlQFA44T8Tr3KBMlYCvHG07Lnhx-VWcwo8Q3l3gwXM4ya_Q290P8sNRzh7A3NaIPiBG4Rlp8uZkPZxACSvv9Jk7LzPRhFq6-ePQJCfGspMVDWgJpXf6JHu8k_bbnMUKXswMub8lE2W7Y6Jtfx7H5tZxaVqIe1Fn9O9wNzfuzqoC1BOj7iHvMMQBCA1HTPLIU8yJGMcXjHnfjwWlZ29Y7axd99h5WAEicWQlLcDPb-FZ0RARmRZ0oLArFrLEueff67iu2nGWm_lreOiWQ8cAwV-mi4CvOqP0TCBEMr_bZTcZ8hR1WfHgDf_hJWSJUYkai632RXRBkg7z3qxnLfjU8T5RGA8r3MkLp4Px5gg4M3lZY_itHqBGRUt527mMs6M2-8I2nFX1eMGCh4h0utKn39wCvR3xSL-HJ17uC0xzD4UyomwPIukWxDgV-e43Q6lwi6zIcK2g1mBPkMemNhCa1ZHIl4NihYFOBvbGBmsyaIGAEOCMVDQIoc2PNp1H2-C3auPF57KUVScywZL8X3nHTAT6nP8W3OqXvJOGe5JJHmqtHm5UGY8syX5ZkGjBMkByJkwyImtwn-mwSvTxPSpWhuiqNLRD6yRhSRkR3RXdTLSChuAyEbzkTxgTd3Ti_iJjXF9isjqQvbaxBeNHtWlWmIuNjMcQisCswYLJiu05g7gaqwuC_43-11dz1_EQ6-dgvIEGQf6xDRBUK14ZAF1khHUdnddMj-LD1hgAb0V2gRjAB_v1KAAEvXp2ymvRAsb0vBM8hzDmhpbCchVhWzFTpX8mgDDnMHKdOCyLMfw0SlWws0GCcv2WnAuZEJDGXCITeYiFV9u15NCKFSwdXKB5543l_5N2QG9WnYyq8s5XZHG4fzPGZComc4IdeEZ8zZcwnQHa2fe_FqWKsSvsrN9bRkLsGIPiXNNvakY94DbtplximoWNm3pQEFM1Y--GUYAMmRVKuhpPBVFV9NsnB9vgj3O1b-mknzisJYwRydS29itIqzDVdVAMyT9Rdo33y1zsPbZjlk7tTRv2ZdJLuJlh4tyFGHS2q1yNOrAuTq_kZ2YeXTGI_C8Fyc8O8BBqN8ZHn2OwAzNXGxAk8FEv2E-WbhiPGuLrtev-5_GjNym6gUIDTgLCl3dsOa6MQfk5P-nFqLQvU138yL&icons=zNoBAkTQIyciUZm_gi4719QfIuCG-QUchbH_9F1w7uQqAXmQfp8GsD90B0BLMhZ9FhN9qwi0O4DZpkO88IRwZT4wE7-G2oJWo1dCRuo1faw8HEEsGDtnmytPKMzwN1fACY150M7zbQaYcD-ELhTE67ex2GF-xTl9s6tEm8N9cf43O-jH3Q&ext_cid=0&pop_price=0.00051&pop_ecpm=0.02340144900613041&px_id=418776&min_cpm=0.02263415678989411&out_id=1&campaign_type=lq-pop-ext&aid=3404&cid=15048&uniq=&mid=46100163643761306&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.51&cpm=0.51&verify_hash=7663f3eb22f89ed7b67e519848cdc53f&is_native=3&real_bid=0.51&pop_real_cpm=0.51&pop_real_bid=0.00051&original_bid_usd=0.51&original_bid=0.51&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::15&geo=NL&carrier=-&label_ids=93,108,0,4,77,7,27&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-8-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00051&ext_campaign_id_str=25871&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=972644ca-c0aa-4c33-92d9-30c6b83001d1&prev_step_diff=582
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
319317829f.b15560d3a9.com/in/show/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://319317829f.b15560d3a9.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2FecYBglL8mZC&refdom=poop.cx&auction_time=1706722979&subid=388464194&sid=2977548732&tcid=0&ver=8.138.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-31&iabcat=IAB25-3&keywords=&user_fp=2467503881187178753&score=54.64702504189208&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252FecYBglL8mZC%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=6251150&crtid=f0881c3b182cb0dde75dc27302484b2a&url=https%3A%2F%2Fxml.ezmob.com%2Fclick%3Fi%3DeFg3k5-IZBc_0%26p%3D1706722979.483748&icons=4TQ4acK-epsjfI84b3e54zT3Z72Rm0jcgOaDIyTovBLs7DRogp7Ko05NPO8Ie66s-Nb00WJqBu1CBMkjvIlMgz5EP41WQ02jFrBm4gCiv6O-TXn_ngGwcZEPavj1KlCY_jvvbS-buQNvhFEIEXps3Rv5zJ29&ext_cid=1267034&px_id=73418776&min_cpm=0.00048688138592968246&out_id=0&campaign_type=hq&aid=3330&cid=14052&uniq=&mid=46100163643761306&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.001480548653891971&cpm=0&verify_hash=dc21c55f62807bdf7955c78c46b110a7&is_native=1&real_bid=0.0015&original_bid_usd=0.0015&original_bid=0.0015&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::15&geo=NL&carrier=-&label_ids=4,90,98,130,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1706809379&image_url=&site=native-push-adult&price=0.0015&hostname=auc-inpage-hz-8-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000015&ext_campaign_id_str=1267034&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.01&cpa=9a282111-8339-4d04-b272-2ebacc043de1&prev_step_diff=582
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
100x100_87RbOqk3cK6MYqrmyDfH.png
static.ezmob.com/n254/ad/ Frame 9C58
Redirect Chain
  • https://xml.ezmob.com/thumbnail?i=eFg3k5-IZBc_0&p=1706722979.483748&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.01&cpa=22f65c4e-f858-4279-9ea9...
  • https://static.ezmob.com/n254/ad/100x100_87RbOqk3cK6MYqrmyDfH.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ezmob.com/n254/ad/100x100_87RbOqk3cK6MYqrmyDfH.png
Protocol
HTTP/1.1
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ffbc7f912c564ab80d7343f88ad2ff29df0eed528bc5b9065f5fa5db96b6b183

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:43:00 GMT
Last-Modified
Sat, 27 Jan 2024 20:20:15 GMT
Server
nginx
ETag
"65b5657f-1e55"
CDN-Origin-Protocol
HTTP
Content-Type
image/png
Cache-Control
max-age=17466
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7765
Expires
Wed, 31 Jan 2024 22:34:06 GMT

Redirect headers

Location
https://static.ezmob.com/n254/ad/100x100_87RbOqk3cK6MYqrmyDfH.png
Date
Wed, 31 Jan 2024 17:43:00 GMT
Cache-Control
no-store
Server
nginx
Connection
keep-alive
Content-Length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=9fec032f-13ec-4271-829e-5b3df6508f8d&prev_step_diff=789
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
319317829f.b15560d3a9.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://319317829f.b15560d3a9.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2FecYBglL8mZC&refdom=poop.cx&auction_time=1706722979&subid=357529620&sid=1104467249&tcid=0&ver=8.138.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-31&iabcat=IAB25-3&keywords=&user_fp=2467503881187178753&score=64.04827260352614&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252FecYBglL8mZC%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=popunderAd&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F769%2F%3Fkatds_ep%3DFCBQlwPOoqhlbamq4-FLMjNo5yKKWG2e_lbpY0v8wRhIFITrzy6kPbca-FZ-wmwuk_Wiob1f3izgRYPKM-R8TQ21oGCDCFfVBNuZMAQ7Dy6ezv_bR5AVQxT36PfgnH59fg7DQSUHMqYvymcY1hSYl1gjbn21QXZlOeLSEP0WTsh_ZUFtcFpnCd6cSn_jo3CGEER7gcprnvrI_gmHYE3KXqWSs1kNhtemztIXveUT5T7sRdM_-LMjYSqRxBC3lXZbWAXX3hXTepXO50TB3ML-R-jyG1wmmGOH3QwFK4Uc1kcatWAS4dBIyc_MOLwes3TZdwMMySryqgyqRb1kSnZJ7SA2rzROWRTZpzWHRgzWdaJXnhFTyGvRx-1kAa1p8L_Lp-OrNTpVkpX2FymoTkzrU21cx7bxRPWX1krvUHfTLlqXlwHmYL0ppy5J6aAoRQVVIzF6ho-jlxTFkKKQ0yyeYaZVeiA65QyBnwQbd9V6EfaQ2GmjE7zt_kolfDHTt4JV5srtgSN3dVRr65KkmHWsv2KtDAER-VwNOJ56x8sFv5mOjlfjuP-UbIeTJcnmiIApTGk4Leu4TMBg0e690sIXMxm9Axtl0XqmenXFyBN6zLHS9vSzGx5JyYP-cita60TSNQxV6mkUkvU_BYCYOGudbveINJsi0CGJU4xRtLaUCHr2GGl03vMyX7suKjZfmRzxVqYOXqU-PZmdSHuW0tKs8Gqw4CbHWlI072Gabj6uWAt-h6I7w6jfQHB1OzDt8ErHfORUUilGCtlBVvA8hAdIZYSD9uBHG4YqJAQN_G1tg-bBcmxPZGvlodfgbuo_unRqtud8Gvju-icBBfsbC8FVhXFZkA_7zsTHnbV7IlyAUghqGW3Sqe3tcQtNnhTOV73aEz4RuNMGMPEkq_9XcJVwF2K_cCd1DFGyQ8rGqqlsokXB1EPakhcBDlMnLJ4miLDS3dsgPgti1cXULPLQNiJG75AQYDY3brA27i7Xs655XZhUVikvJs3F_T2fveiLGvlvJCjLf7E_eSFyFJVFh_8NQQ7-90YEz4VFZotSAPDA18IZPPml3-U93OGRQNR_p1NCfzKnTQmNsZgdTdHp1s8ZKlVIplUqIPi_4QwY-NS959viCzhLdRHq2iGRIXEMBLInUtZQnskZTwveIuExGNkmWZodd_37cVYr8916EWHBwtA9JBFh3OWKaYGXgMZENyE8E-Z2sGhykODufSoE3NR1jgp-jQtgqsP3pi_svC6MJqLpkncE-M5CCCJpgcXdWfIhOBoyjHvzusUrNOuWqo7X-FdkG3TIURQUm0LUzvvLGh6l1g-wkkPaRU1E2pIL4J1DfO9SJx9w7QpAk5_fTMs7FA63P1hdGnqlktPWvnnTbkbIa9w-B5UujtLBCDz03tshPuJnNHO-9DQYY4_uS5oMprrNLp2GiBUgeeoen-7AF6CBUEzUeflZNsF8HVYhtp8tviWNhLrwTIUT-RYcoBTKkRZUgIa4_Ufs6INIJjftsJRHW3EXNZNM1aWvkR6do4xO9Swv49zQvDMfl82TKouBIQ1akZTzLt_cc_Z81dGLbdEog72GVoAhcFc&icons=ZMWZOhqGxUfZHnUVr_eZRuyuWY1Vw0wirOlsnjox91lXQXw9lzOp02QyIpJEecSWSdXu4DHtrTlgfS52nREIvR6AjNiaq2gIB0oHuEfvUEcciAUXZwH5YNZ68LRqkyCpO_qw3gdTozl_sdnJ2f_Qz1jc0rTKh9S0iGvs28jFI26rpW952g&ext_cid=0&pop_price=0.00051&pop_ecpm=0.018716544352265475&px_id=418774&min_cpm=0.018102861892150605&out_id=1&campaign_type=lq-pop-ext&aid=3404&cid=15048&uniq=&mid=7340595375461169359&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.51&cpm=0.51&verify_hash=459cafe8f6110201d7617e0c9be1d4b6&is_native=3&real_bid=0.51&pop_real_cpm=0.51&pop_real_bid=0.00051&original_bid_usd=0.51&original_bid=0.51&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::15&geo=NL&carrier=-&label_ids=93,108,0,77,4,7,27&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00051&ext_campaign_id_str=25871&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=94b6524b-c532-4e22-a810-08d2de298faf&prev_step_diff=789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 5D12 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: fd35bb45c8.f4823894ba.com
URL: https://fd35bb45c8.f4823894ba.com/d01eac3557a6454ac58b3dbd10912590.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ Frame 5D12 		790 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=01a3ba12-d067-4d8e-853f-218b83fb49a6&prev_step_diff=789
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 30 Jan 2025 17:43:00 GMT
date
Wed, 31 Jan 2024 17:43:00 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
319317829f.b15560d3a9.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://319317829f.b15560d3a9.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2FecYBglL8mZC&refdom=poop.cx&auction_time=1706722979&subid=357529620&sid=1104467249&tcid=0&ver=8.138.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-31&iabcat=IAB25-3&keywords=&user_fp=2467503881187178753&score=64.04827260352614&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252FecYBglL8mZC%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=popunderAd&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F769%2F%3Fkatds_ep%3DFCBQlwPOoqhlbamq4-FLMjNo5yKKWG2e_lbpY0v8wRhIFITrzy6kPbca-FZ-wmwuk_Wiob1f3izgRYPKM-R8TQ21oGCDCFfVBNuZMAQ7Dy6ezv_bR5AVQxT36PfgnH59fg7DQSUHMqYvymcY1hSYl1gjbn21QXZlOeLSEP0WTsh_ZUFtcFpnCd6cSn_jo3CGEER7gcprnvrI_gmHYE3KXqWSs1kNhtemztIXveUT5T7sRdM_-LMjYSqRxBC3lXZbWAXX3hXTepXO50TB3ML-R-jyG1wmmGOH3QwFK4Uc1kcatWAS4dBIyc_MOLwes3TZdwMMySryqgyqRb1kSnZJ7SA2rzROWRTZpzWHRgzWdaJXnhFTyGvRx-1kAa1p8L_Lp-OrNTpVkpX2FymoTkzrU21cx7bxRPWX1krvUHfTLlqXlwHmYL0ppy5J6aAoRQVVIzF6ho-jlxTFkKKQ0yyeYaZVeiA65QyBnwQbd9V6EfaQ2GmjE7zt_kolfDHTt4JV5srtgSN3dVRr65KkmHWsv2KtDAER-VwNOJ56x8sFv5mOjlfjuP-UbIeTJcnmiIApTGk4Leu4TMBg0e690sIXMxm9Axtl0XqmenXFyBN6zLHS9vSzGx5JyYP-cita60TSNQxV6mkUkvU_BYCYOGudbveINJsi0CGJU4xRtLaUCHr2GGl03vMyX7suKjZfmRzxVqYOXqU-PZmdSHuW0tKs8Gqw4CbHWlI072Gabj6uWAt-h6I7w6jfQHB1OzDt8ErHfORUUilGCtlBVvA8hAdIZYSD9uBHG4YqJAQN_G1tg-bBcmxPZGvlodfgbuo_unRqtud8Gvju-icBBfsbC8FVhXFZkA_7zsTHnbV7IlyAUghqGW3Sqe3tcQtNnhTOV73aEz4RuNMGMPEkq_9XcJVwF2K_cCd1DFGyQ8rGqqlsokXB1EPakhcBDlMnLJ4miLDS3dsgPgti1cXULPLQNiJG75AQYDY3brA27i7Xs655XZhUVikvJs3F_T2fveiLGvlvJCjLf7E_eSFyFJVFh_8NQQ7-90YEz4VFZotSAPDA18IZPPml3-U93OGRQNR_p1NCfzKnTQmNsZgdTdHp1s8ZKlVIplUqIPi_4QwY-NS959viCzhLdRHq2iGRIXEMBLInUtZQnskZTwveIuExGNkmWZodd_37cVYr8916EWHBwtA9JBFh3OWKaYGXgMZENyE8E-Z2sGhykODufSoE3NR1jgp-jQtgqsP3pi_svC6MJqLpkncE-M5CCCJpgcXdWfIhOBoyjHvzusUrNOuWqo7X-FdkG3TIURQUm0LUzvvLGh6l1g-wkkPaRU1E2pIL4J1DfO9SJx9w7QpAk5_fTMs7FA63P1hdGnqlktPWvnnTbkbIa9w-B5UujtLBCDz03tshPuJnNHO-9DQYY4_uS5oMprrNLp2GiBUgeeoen-7AF6CBUEzUeflZNsF8HVYhtp8tviWNhLrwTIUT-RYcoBTKkRZUgIa4_Ufs6INIJjftsJRHW3EXNZNM1aWvkR6do4xO9Swv49zQvDMfl82TKouBIQ1akZTzLt_cc_Z81dGLbdEog72GVoAhcFc&icons=agfBfV_8H-BHlAWeFjVA41aJf-a4Jc5JGu8otPjBD4JdgxqpP00Q5e-d5oqhuKZA4Sh-ejBs_LsCgZ32vfAwRzvBUGqAsbhkub9Q-VfjWrOlgzlxBN4toECoX1zlIGGqaTri2k3MtFGCQ2x2aQ0axJqtwBEDtntKzFAYONvJx5grd7xpdw&ext_cid=0&pop_price=0.00051&pop_ecpm=0.018716544352265475&px_id=418774&min_cpm=0.018102861892150605&out_id=0&campaign_type=lq-pop-ext&aid=3404&cid=15048&uniq=&mid=7340595375461169359&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.51&cpm=0.51&verify_hash=459cafe8f6110201d7617e0c9be1d4b6&is_native=3&real_bid=0.51&pop_real_cpm=0.51&pop_real_bid=0.00051&original_bid_usd=0.51&original_bid=0.51&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::15&geo=NL&carrier=-&label_ids=0,4,77,7,27,93,108&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00051&ext_campaign_id_str=25871&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=fb120cd8-6042-490a-b90d-429e544d175f&prev_step_diff=789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 17:43:00 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| R function| X function| _0x4b01d3 function| _0xeb07 string| iframeId object| iframeSources function| getRandomElement function| setRandomIframeSource function| _0xd607 function| gtag object| dataLayer object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| activesInpages function| __fp-init object| popunderMetricsForSurvey object| __inpageSkins

9 Cookies

Domain/Path Name / Value
.poop.cx/ Name: _ga
Value: GA1.1.1746289443.1706722980
.poop.cx/ Name: _ga_RRBBHD087X
Value: GS1.1.1706722979.1.0.1706722979.0.0.0
fp.metricswpsh.com/ Name: id
Value: 1586286244635128804
mordoops.com/ Name: OAID
Value: 904510bfe6b441deb45a333bdb84dcc7
mordoops.com/ Name: oaidts
Value: 1706722979
my.rtmark.net/ Name: ID
Value: 904510bfe6b441deb45a333bdb84dcc7
mordoops.com/ Name: syncedCookie
Value: true
fikedaquabib.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhKH8qoU6CQ%2FgIywNtuHS%2BBBekmXPKcXCbrOsEN%2FejYlezZfJN5kgCHbVAeGa5oi%2B5CteREvUXM4s2oYEScltezqehBLnRvXEEg%2Fj0jnZT%2Bxi5MssrevcGmM%2FsGY7qk4Z4gLP3vprbtpsOkbSW6mpQDJ7YyqQ9dZsC9sqQqzlzEjfr9b4TGb5aSyi%2Big8j9pzKLAzSxWVj8g%2BRk1%2BWO6xq0VZpgGe7pN0F2PnbqQ0RDJYSYzwDbmSjgdjv5ERLzdn7oCZqPv3f3%2BjrRZIiddR%2BXPjrmx%2FAL9jTuc%3D
fikedaquabib.com/ Name: GL_GI10
Value: eJwVyb0OgjAUBtDeO2BI%2FMkXeQCeoBFR464Dg2FQJ7cGGiHBtmmvPr9hOctRSnGxBI8B67rS%2B91BV8daV%2BcT6A1ub%2BDOYfMcbNlaGWycjOsTKIJfDTg6rB7%2BK0PZ%2BGkuUIf87kVs7M0HNGIx1lftrIBdQn7xMfhoxIJCRmDxs6kvFOiXbf8x3CIX

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3-VlzB60K20Z1953lBmXweq0mvSWAvtDwC0fbOZlzgUcurRk5R_RRPYoqqMosc5EDjzioZjA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1829337966%3A1706722979705219&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

319317829f.b15560d3a9.com
77a5198c32.40209f514e.com
accounts.google.com
cdn.poop.gold
cdnjs.cloudflare.com
fd35bb45c8.f4823894ba.com
fikedaquabib.com
fp.metricswpsh.com
mcpuwpsh.com
metrolagu.cam
mordoops.com
my.rtmark.net
nereserv.com
poop.cx
region1.google-analytics.com
static.bookmsg.com
static.ezmob.com
storage.multstorage.com
www.googletagmanager.com
xml.ezmob.com
yu2be.com
139.45.195.8
139.45.197.244
157.90.84.242
157.90.84.246
2001:4860:4802:34::36
23.109.170.97
2604:9e00:1:129::2:b1f
2606:4700:3032::ac43:ae33
2606:4700::6811:180e
2a00:1450:4001:80e::2008
2a00:1450:400c:c09::54
2a01:4f8:c0:2306::1
2a01:4f8:c0:2343::2
2a02:26f0:480:f::213:7ec8
2a02:b48:8301::24
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.52
01129d7e273077ec972d6f0e3f211859b9eea39ca6f9734484c562d0bee275a0
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b
2621c675d92a63b2f315149bdaaf7840709294b326c5195e791d152d0eda92e5
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
3cf787af3989357e6c5042df429c1c9bdbfc35b414b1960d6dc65045f47db0a6
4df4dfbc538dd8eb7419c36f07b5c299efe3a2af6f5d0b8112e222c420d6f235
519ee61092988c1de66682eb054ff4d0a15a4920497c9167ceeafe6c6cadfeb3
572fd32b4d814b14d8c905543355a29340ed4b0416bb309b289412838e72d1eb
5da86b1808179ec7172f5fcbb234f5dc7d036e2e8bac2494b788600d3a6c4204
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
83255be8b72edb1b10dd621bf7e5852e4a189575242b9fd6d564265d834cd104
8502ebbb0030f3ef452cd5d383f052d3c0f125abb3c0fa6543b5625e6a776aa4
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
8cc0a5bb23ce3f7936f60507462c24a2b855cefed82781f23adfead0fee253e4
8e7f3deb964d0194be6750c0856179835503e7b4fdeac98aa6716451d584ed4a
91be84b53630582a07db07f063d2f2ace37f1141e75d8ee63b5b75d997840778
9e772b331d8bf7685c6b985af9da4eb0b7390ab159ae3197c3e41638b1f1a638
a3eeeab200a6041a01063c024d9dad5bbebcadadba195877fc5c56569b05fdf8
b5d197171351e1ddaebb1bfe4f70c9103109d98395ff67c3aac7064ac474a22c
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
b94ad5d6875fb6e5c9c73d284c3cba440270b7daf41b44dd11037b7bcc52e21e
c435fca699191b470a55a2aadb5aed91c25bcdaed094dfa6d93d850f1bb2a0c1
c7cdac23f297dc029a52412ca022d7c063d6def1513425a57402a3d103c7441e
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
ef6381bead0d2c23cc95edfeb5613d626735a4dc4c9c88421bcd4f9fe7cd85c8
f2be742ae9cbf4dd3d5be148aac8cd4e964b976d01d85227c916d44483e6ce86
f2e379447104034c139ee5945c4814299ea02b8f81c9590267f1b17a1c0fdf38
f66764ec186ab49165ce4fa6a0d60df7b888566212b1b060c83618c972008f78
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ffbc7f912c564ab80d7343f88ad2ff29df0eed528bc5b9065f5fa5db96b6b183