poops.pink Open in urlscan Pro
15.235.140.189  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fuyzvTWxzIK Show response poops.pink/e/	8 KB 4 KB	495ms 134ms	Document text/html	15.235.140.189 OVH
General Check archive.org Show headers Download Go to Full URL https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 15.235.140.189 , Singapore, ASN16276 (OVH, FR), Reverse DNS vps-5980e16a.vps.ovh.ca Software nginx / Resource Hash 9cf04a8d326135f1f794699b08664f41b4fea2f71ee9c98c5f154ce64219725e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 19 Nov 2023 18:54:48 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	jquery-latest.min.js Show response code.jquery.com/	94 KB 33 KB	819ms 97ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:49 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5617889 x-cache HIT, HIT content-length 33202 x-served-by cache-lga21983-LGA, cache-qpg1249-QPG last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1700420089.244306,VS0,VE0 etag W/"28feccc0-1762a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 6, 900079
GET H/1.1	200 OK	8545349bfe7813a4ad11af6510bcf62a.js Show response pl21224359.toprevenuegate.com/85/45/34/	58 KB 24 KB	1461ms 555ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl21224359.toprevenuegate.com/85/45/34/8545349bfe7813a4ad11af6510bcf62a.js Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash 27e8bfee072a597686d286151003fa4d94ae9d7d70f273126da3f35a3496ac64 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 19 Nov 2023 18:54:49 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID 5881579321a06dde2b714bfcb6767a9d Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	770ms 109ms	Script application/javascript	142.250.4.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f97.1e100.net Software Google Tag Manager / Resource Hash c9875ddbe04ce8354c0236660a0b755348d4f93b1b7fea29948018ac0326d222 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92857 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 19 Nov 2023 18:54:50 GMT
GET H2	200	sfp.js Show response friendshipmale.com/	83 KB 27 KB	1124ms 435ms	Script application/javascript	104.21.234.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://friendshipmale.com/sfp.js Requested by Host: pl21224359.toprevenuegate.com URL: https://pl21224359.toprevenuegate.com/85/45/34/8545349bfe7813a4ad11af6510bcf62a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.33 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:51 GMT strict-transport-security max-age=0; includeSubdomains content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400 x-request-id d182e7beb59ee68fbadff5f1b966dd8d last-modified Sun, 19 Nov 2023 18:54:50 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnoqqAwuDLwMOIIjdpIV9N2O4D5g%2FAAV3bTyC%2BMwU%2B66zB06b7%2FWmmBKOEumg4vhJi3P635sAGYc%2F%2Fy30CQdJayKOA6BY4PvRDDnNFziXRanIuwWf5QpMJhOGFY%2BwqGdQMKALwE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 828aaa005b7c496b-SIN expires Sun, 19 Nov 2023 22:54:51 GMT
GET H/1.1	200 OK	c3f502ab0fff03439f7280b5ccef0c35.js Show response remaincall.com/c3/f5/02/	40 KB 15 KB	1141ms 346ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://remaincall.com/c3/f5/02/c3f502ab0fff03439f7280b5ccef0c35.js Requested by Host: pl21224359.toprevenuegate.com URL: https://pl21224359.toprevenuegate.com/85/45/34/8545349bfe7813a4ad11af6510bcf62a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash 489bd92ace28ef06bf78284003965c975cd89a569d04655045b5dcfb8930eb6b Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 19 Nov 2023 18:54:51 GMT Strict-Transport-Security max-age=0; includeSubdomains Content-Encoding gzip Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-Request-ID f4ddd1d94ddb6292a7e8038e09f29e0b Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stats Show response professionalswebcheck.com/	40 B 297 B	461ms 124ms	XHR text/html	52.221.101.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://professionalswebcheck.com/stats Requested by Host: pl21224359.toprevenuegate.com URL: https://pl21224359.toprevenuegate.com/85/45/34/8545349bfe7813a4ad11af6510bcf62a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.221.101.106 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-221-101-106.ap-southeast-1.compute.amazonaws.com Software fasthttp / Resource Hash 0d690733fc9aaa2cb4c6002b7f5ea96a0b9d111ef1b16e4b3e412eb3e0ba2de2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin https://poops.pink date Sun, 19 Nov 2023 18:54:50 GMT access-control-allow-credentials true server fasthttp content-length 40 vary Origin content-type text/html; charset=UTF-8
GET H/1.1	200 OK	purst remaincall.com/pixel/	0 469 B	1101ms 348ms	Image text/plain	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://remaincall.com/pixel/purst?dl=0&th=0&sc=0&rs=2215&rd=2215&fd=1714.400001525879&bv=23.11.v.1&tmpl=70 Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 19 Nov 2023 18:54:51 GMT Server nginx/1.19.5 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Content-Length 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	fuyzvTWxzIK Show response poops.pink/i/ Frame ECA9	641 B 517 B	136ms 135ms	Document text/html	15.235.140.189 OVH
General Check archive.org Show headers Download Go to Full URL https://poops.pink/i/fuyzvTWxzIK Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 15.235.140.189 , Singapore, ASN16276 (OVH, FR), Reverse DNS vps-5980e16a.vps.ovh.ca Software nginx / Resource Hash 8743c01957d8fa6151736a3f9ddbac65b80f037a349367f1559010149dfe2c1e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://poops.pink/e/fuyzvTWxzIK Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 19 Nov 2023 18:54:50 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	4db46ef47cafb47648fbe92762c9bdc8.js Show response 9a15f0c926.02ce917efd.com/	162 KB 50 KB	2055ms 267ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash aca2f10606c86318ec512d911d67e5b8547da46fa04344c8684f1018bf53fbb2 Request headers Referer https://poops.pink/ Origin https://poops.pink accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sun, 19 Nov 2023 18:59:52 GMT date Sun, 19 Nov 2023 18:54:52 GMT content-encoding gzip last-modified Thu, 16 Nov 2023 11:17:03 GMT server nginx/1.18.0 etag W/"6555fa2f-28925" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
POST H2	204	collect www.google-analytics.com/g/	0 251 B	801ms 137ms	Ping text/plain	142.251.10.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3b81v9167878827&_p=1700420090202&gcd=11l1l1l1l1&dma=0&cid=1809464341.1700420090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700420090&sct=1&seg=0&dl=https%3A%2F%2Fpoops.pink%2Fe%2FfuyzvTWxzIK&dt=Nayla%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2292 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 19 Nov 2023 18:54:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://poops.pink cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery-latest.min.js Show response code.jquery.com/ Frame ECA9	94 KB 33 KB	93ms 92ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: poops.pink URL: https://poops.pink/i/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:50 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5617890 x-cache HIT, HIT content-length 33202 x-served-by cache-lga21983-LGA, cache-qpg1249-QPG last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1700420090.387650,VS0,VE0 etag W/"28feccc0-1762a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 6, 900080
GET H2	200	embed.css metrolagu.cam/ Frame ECA9	1 KB 611 B	487ms 126ms	Stylesheet text/css	165.232.175.61 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://metrolagu.cam/embed.css?v=1.1 Requested by Host: poops.pink URL: https://poops.pink/i/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 165.232.175.61 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:50 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 28 Sep 2023 15:07:59 GMT server nginx etag W/"651596cf-446" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Mon, 20 Nov 2023 06:54:50 GMT
GET H2	200	advertisers.js Show response banquetunarmedgrater.com/	0 563 B	1092ms 428ms	Script application/javascript	104.21.86.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://banquetunarmedgrater.com/advertisers.js Requested by Host: pl21224359.toprevenuegate.com URL: https://pl21224359.toprevenuegate.com/85/45/34/8545349bfe7813a4ad11af6510bcf62a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.121 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:51 GMT strict-transport-security max-age=0; includeSubdomains cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 x-request-id e01447689bb914ba125b9849024a324d last-modified Sun, 19 Nov 2023 18:54:51 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CE0b%2BGXhH8gbyzeZwx8eeTlutEreLbgB7QgqxUYF7S6C3DhJ6Q8Y86ni%2FSeTcMXkFwuFmRZAwGgq%2BlxXvslQBuK88wJkxfAnXDqcpNCrIxbCI%2BCp0A%2FqIOlGiXPNrJ%2BfBKkDPUFGxLO4ZA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800 accept-ranges bytes cf-ray 828aaa031c0b5c2d-SIN expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	fuyzvTWxzIK Show response berlagu.com/jembud/ Frame 9F21	228 B 588 B	778ms 134ms	Document text/html	104.21.67.123 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berlagu.com/jembud/fuyzvTWxzIK Requested by Host: poops.pink URL: https://poops.pink/i/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.67.123 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc1f885baa6467329fd088d570bfcd3e02f6435dfe2b47d4521ec4e7849dac74 Request headers Referer https://poops.pink/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 828aaa01dce591ad-SIN content-encoding br content-type text/html; charset=UTF-8 date Sun, 19 Nov 2023 18:54:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5YSZ1lBuo5QKnr8DIOnmjMxoR7EaHyapBN1FmItdka4tQ2jxiv99XjAtclQ72LGqdwRPMMV5NeXAX3APff2tDCjmVdZlmPx%2F0aq768mrgbeaDr9Nr%2B1s114HhL%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST H2	200	Da4P2uT4mVc Show response berlagu.com/media/ Frame 9F21	785 B 597 B	134ms 133ms	Document text/html	104.21.67.123 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://berlagu.com/media/Da4P2uT4mVc Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.67.123 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4049975a769cf302b969dcacd152234ec07ada705cbaf39a48201d06c94db78 Request headers Content-Type application/x-www-form-urlencoded Origin https://berlagu.com Referer https://berlagu.com/jembud/fuyzvTWxzIK Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 828aaa02ddaa91ad-SIN content-encoding br content-type text/html; charset=UTF-8 date Sun, 19 Nov 2023 18:54:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIQTkh703%2FeHR%2FDSLIvVk2DzmtUxbv%2FxiQ11p9N9wFtSMKRI%2Fnix93J%2FHWC8vWJuf2h9FtpBxd1t0XQqgenyo%2FlhOR5gJ1O0twwCecY1i5qwEOiLg6ybpIN4Jl8wew%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	embed.css metrolagu.cam/ Frame 9F21	1 KB 610 B	98ms 97ms	Stylesheet text/css	165.232.175.61 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://metrolagu.cam/embed.css Requested by Host: berlagu.com URL: https://berlagu.com/media/Da4P2uT4mVc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 165.232.175.61 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language zh-SG,zh;q=0.9 Referer https://berlagu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 28 Sep 2023 15:07:59 GMT server nginx etag W/"651596cf-446" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Mon, 20 Nov 2023 06:54:51 GMT
GET H/1.1	200 OK	mjllA Show response oj.bromisescapose.com/rnmSOUjlOk5UHQ/ Frame 9F21	42 KB 17 KB	634ms 137ms	Script application/javascript	203.195.121.52 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://oj.bromisescapose.com/rnmSOUjlOk5UHQ/mjllA Requested by Host: berlagu.com URL: https://berlagu.com/media/Da4P2uT4mVc Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 203.195.121.52 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash bbb38aca1968a0ed915939eb66635d17c3a40b675418fa26e2c1e3db05cc03bf Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://berlagu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 19 Nov 2023 18:54:51 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Transfer-Encoding chunked Connection keep-alive Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Access-Control-Max-Age 600 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://berlagu.com Vary Accept-Encoding Access-Control-Allow-Credentials true Keep-Alive timeout=20 Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
GET H2	200	7q51ryf9vipp59r8.jpg img.doodcdn.co/snaps/ Frame 9F21	17 KB 18 KB	708ms 103ms	Image image/jpeg	104.26.6.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.doodcdn.co/snaps/7q51ryf9vipp59r8.jpg Requested by Host: berlagu.com URL: https://berlagu.com/media/Da4P2uT4mVc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f72934fba244024565d27bd0a3cb163b274a717f19a6a109fd3bbd33928d32c Request headers accept-language zh-SG,zh;q=0.9 Referer https://berlagu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8827 cf-polished origSize=17949 alt-svc h3=":443"; ma=86400 content-length 17808 cf-bgj imgq:100,h2pri last-modified Fri, 17 Nov 2023 08:24:26 GMT server cloudflare etag "6557233a-461d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWqSI%2Frqwky87%2BMvvXBff2wndxsdTRaYJsGIj9yXMbRE41IluFa29itKmxVzUHqj2VlkgF2QbO3w8kBqUliQRAiu3oPo7XE6HW40OwR3rZFWVI8Q9qxO3x%2FW2emX6zCw"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes cf-ray 828aaa076afd6bf7-SIN expires Sun, 03 Dec 2023 08:22:51 GMT
GET H2	200	play.svg metrolagu.cam/ Frame 9F21	633 B 790 B	135ms 135ms	Image image/svg+xml	165.232.175.61 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://metrolagu.cam/play.svg Requested by Host: metrolagu.cam URL: https://metrolagu.cam/embed.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 165.232.175.61 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language zh-SG,zh;q=0.9 Referer https://metrolagu.cam/embed.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:54:51 GMT strict-transport-security max-age=31536000 last-modified Thu, 21 Sep 2023 10:51:20 GMT server nginx etag "650c2028-279" content-type image/svg+xml accept-ranges bytes content-length 633
OPTIONS H/1.1	200 OK	/ silencyboubous.space/cuid/ Frame	0 0	508ms 118ms	Preflight	203.195.121.71 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://silencyboubous.space/cuid/?f=https%3A%2F%2Fberlagu.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 203.195.121.71 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://berlagu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://berlagu.com Access-Control-Max-Age 600 Connection keep-alive Content-Length 0 Date Sun, 19 Nov 2023 18:54:52 GMT Keep-Alive timeout=20 Server nginx Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
OPTIONS H/1.1	200 OK	65101 barlessclueing.life/gd/ Frame	0 0	546ms 127ms	Preflight text/html	203.195.121.102 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://barlessclueing.life/gd/65101?md=7JSYioDO4IDNsIyciojIxYDMwgXMyADMiwiIiJiOiEjNwADexIDMwICLiInI6ICa0RHczpzLvIWZyxWYnVnLj9WbvoWZtJWdk9iZ1lne2R1V4pXSLJCLiEnI6ICa0RHczpzLvIWZyxWYnVnLj9Wbv0WZklWYvQUY0AlM1RFNtZ1YiwiIoJiOyUTO5wiIsJiOiUmbtU1UiwiI0JiOtQDOwwiI6JiO2gTNxwiIrJiOwwiI1JiOiICLiYmI6Qnc1VGLiUmI6ICayRmZ4l2MjBTdrRXexUjIsIybioDdyVXZsISbioTM3ADM0IDMwkjMwcjNsIydiojIlcjQlIjM0lGdsVWJyITJzEUJyITJyITJyMUJyIzall3dvJHZzViMyUyMBVSNCVSNEViMDViMyQ3bwd3byR2clIjMlMTQlUjQlUDRlcDRiwiIwJnI6EDLig2YioDNsIiYsJiOtEDLiI2YiozMsIid2JiOikkb0VGbgkkbj5iIsIidyJiOikkb0VGbgkkcpNHIPBXZudETgUkbnlmblJCLiE2YioDMsIyY0JiOiUnbr52b35mIsIyYlRnI6ICNnJCLiMGZs1mI60SMsIyYkxmI6EDMsIyYyRHdioDMsICdtNnI6ETf Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 203.195.121.102 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://berlagu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://berlagu.com Access-Control-Max-Age 600 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 19 Nov 2023 18:54:52 GMT Keep-Alive timeout=20 Server nginx Strict-Transport-Security max-age=1 Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff
POST H/1.1	200 OK	/ Show response silencyboubous.space/cuid/ Frame 9F21	32 B 673 B	707ms 178ms	Fetch application/json	203.195.121.71 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://silencyboubous.space/cuid/?f=https%3A%2F%2Fberlagu.com Requested by Host: oj.bromisescapose.com URL: https://oj.bromisescapose.com/rnmSOUjlOk5UHQ/mjllA Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 203.195.121.71 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash fb29a33a9c7b8b9e87be71ac3d4552dade772bda9e20b6cb1e6c472b305cff21 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept application/json Referer https://berlagu.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Date Sun, 19 Nov 2023 18:54:53 GMT Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Server nginx Access-Control-Max-Age 600 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://berlagu.com Access-Control-Allow-Credentials true Connection keep-alive Keep-Alive timeout=20 Content-Length 32 Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for
POST H/1.1	200 OK	65101 Show response barlessclueing.life/gd/ Frame 9F21	615 B 2 KB	1399ms 954ms	Fetch application/json	203.195.121.102 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://barlessclueing.life/gd/65101?md=7JSYioDO4IDNsIyciojIxYDMwgXMyADMiwiIiJiOiEjNwADexIDMwICLiInI6ICa0RHczpzLvIWZyxWYnVnLj9WbvoWZtJWdk9iZ1lne2R1V4pXSLJCLiEnI6ICa0RHczpzLvIWZyxWYnVnLj9Wbv0WZklWYvQUY0AlM1RFNtZ1YiwiIoJiOyUTO5wiIsJiOiUmbtU1UiwiI0JiOtQDOwwiI6JiO2gTNxwiIrJiOwwiI1JiOiICLiYmI6Qnc1VGLiUmI6ICayRmZ4l2MjBTdrRXexUjIsIybioDdyVXZsISbioTM3ADM0IDMwkjMwcjNsIydiojIlcjQlIjM0lGdsVWJyITJzEUJyITJyITJyMUJyIzall3dvJHZzViMyUyMBVSNCVSNEViMDViMyQ3bwd3byR2clIjMlMTQlUjQlUDRlcDRiwiIwJnI6EDLig2YioDNsIiYsJiOtEDLiI2YiozMsIid2JiOikkb0VGbgkkbj5iIsIidyJiOikkb0VGbgkkcpNHIPBXZudETgUkbnlmblJCLiE2YioDMsIyY0JiOiUnbr52b35mIsIyYlRnI6ICNnJCLiMGZs1mI60SMsIyYkxmI6EDMsIyYyRHdioDMsICdtNnI6ETf Requested by Host: oj.bromisescapose.com URL: https://oj.bromisescapose.com/rnmSOUjlOk5UHQ/mjllA Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 203.195.121.102 , Singapore, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 7a4c8031e1a1932d7f344a4038b4c5497686a9aa066c935f003f8e2322d42ea2 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept application/json Referer https://berlagu.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Date Sun, 19 Nov 2023 18:54:53 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Transfer-Encoding chunked Connection keep-alive Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Access-Control-Max-Age 600 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://berlagu.com Vary Accept-Encoding Access-Control-Allow-Credentials true Keep-Alive timeout=20 Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
GET H2	200	114039 Show response 9a15f0c926.02ce917efd.com/eac28f792f4fd25eb1fdb0d94e6f1977/	3 KB 3 KB	291ms 291ms	XHR application/json	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://9a15f0c926.02ce917efd.com/eac28f792f4fd25eb1fdb0d94e6f1977/114039?version_name=b Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash b23bf6bd8c029a0b2594c4f3f1a0d7d875cf4f05a441eae0a632feccb944f325 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Sun, 19 Nov 2023 18:54:52 GMT cache-control max-age=300 x-proxy-cache HIT server nginx/1.18.0 content-type application/json expires Sun, 19 Nov 2023 18:59:52 GMT
GET H2	200	advertising.js Show response js.capndr.com/	0 240 B	1238ms 512ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sun, 19 Nov 2023 18:59:53 GMT date Sun, 19 Nov 2023 18:54:53 GMT last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 etag "64b105fd-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	200	count.html Show response storage.multstorage.com/log/ Frame AD66	882 B 901 B	1004ms 300ms	Document text/html	172.67.174.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2 Request headers Referer https://poops.pink/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 828aaa1768864487-SIN content-encoding br content-type text/html date Sun, 19 Nov 2023 18:54:54 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrWd7%2FEUxuYKlYG9lS6tCcRkZhUv7%2Frdp%2BV20hyRuk7YkXxlMALVXkETAcBU6fm1QXLPMONIpfe1iKs7G%2Bv6O68%2F%2FF4u1%2BMy6OS%2B9zv2NcoCGJTUcraZH%2BA6R7x0MkY34wLRGwnQjVjVZg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id 8efc2208a6163c9f5f83bd6c3129b43c
OPTIONS H2	204	keywords ntvpforever.com/ Frame	0 0	1168ms 248ms	Preflight	167.235.163.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpforever.com/keywords Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://poops.pink Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Sun, 19 Nov 2023 18:54:54 GMT pragma no-cache server nginx/1.20.1 vary Origin
POST H2	200	keywords Show response ntvpforever.com/	15 B 239 B	455ms 455ms	XHR application/json	167.235.163.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpforever.com/keywords Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash 080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8 Request headers Referer https://poops.pink/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Sun, 19 Nov 2023 18:54:55 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 15
GET		track de8fe6b459.d8f0d7e2c9.com/in/	0 0
GET H2	200	2959a4020c1cf21e8ed435ac413495ba.js Show response 9a15f0c926.02ce917efd.com/	515 KB 129 KB	1177ms 513ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://9a15f0c926.02ce917efd.com/2959a4020c1cf21e8ed435ac413495ba.js Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 2faa9e374a5089a764ecc8e4509409aa9a846b5c141cc9404abd66577adc52cf Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sun, 19 Nov 2023 18:59:54 GMT date Sun, 19 Nov 2023 18:54:54 GMT content-encoding gzip last-modified Fri, 17 Nov 2023 12:07:03 GMT server nginx/1.18.0 etag W/"65575767-80d54" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	4b7fdf690b6db6afa669268ef59d72e8.js Show response 9a15f0c926.02ce917efd.com/	88 KB 25 KB	1602ms 938ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://9a15f0c926.02ce917efd.com/4b7fdf690b6db6afa669268ef59d72e8.js Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash c9738fab836c02101d4b4b6d4932d3ad6c3a1cafcbfea859cc69febe31cfe442 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sun, 19 Nov 2023 18:59:54 GMT date Sun, 19 Nov 2023 18:54:54 GMT content-encoding gzip last-modified Tue, 14 Nov 2023 09:59:35 GMT server nginx/1.18.0 etag W/"65534507-15eee" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	902ms 247ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=114039 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://poops.pink Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://poops.pink Connection keep-alive Date Sun, 19 Nov 2023 18:54:54 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	60 B 429 B	1172ms 561ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=114039 Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/4db46ef47cafb47648fbe92762c9bdc8.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 66d0d7a246f7d200f2dbb4218d225d1fff4999e78ef6e66e64e584b4770bb02b Request headers Referer https://poops.pink/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Sun, 19 Nov 2023 18:54:55 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://poops.pink Access-Control-Allow-Credentials true Connection keep-alive Content-Length 60
POST H2	204	collect www.google-analytics.com/g/	0 55 B	133ms 132ms	Ping text/plain	142.251.10.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3b81v9167878827&_p=1700420090202&gcd=11l1l1l1l1&dma=0&cid=1809464341.1700420090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700420090&sct=1&seg=0&dl=https%3A%2F%2Fpoops.pink%2Fe%2FfuyzvTWxzIK&dt=Nayla%20-%20PoopHD&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7300 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 19 Nov 2023 18:54:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://poops.pink cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		ServiceLogin accounts.google.com/	0 0
GET BLOB	200 OK	2703271e-c3ce-461a-b1dd-223d1a274840 https://poops.pink/	204 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://poops.pink/2703271e-c3ce-461a-b1dd-223d1a274840 Requested by Host: poops.pink URL: https://poops.pink/e/fuyzvTWxzIK Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 204 Content-Type text/javascript
OPTIONS		multy af32b1a3d4.c3ffbe5534.com/in/ Frame	0 0
GET H2	200	dip Show response nereserv.com/in/	0 201 B	315ms 310ms	XHR text/plain	167.235.163.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=3bc9d64d-8a27-4473-98a2-eedf4d585ce0&subid=357529620&sid=2399703915&spot_id=418774&created_at=2023-11-20&timezone=8&ver=8.116.1&is_native=1 Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/2959a4020c1cf21e8ed435ac413495ba.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 19 Nov 2023 18:54:55 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST		multy af32b1a3d4.c3ffbe5534.com/in/	0 0
GET H2	200	dip Show response nereserv.com/in/	0 201 B	315ms 311ms	XHR text/plain	167.235.163.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=40e80f8e-88cd-4731-9455-b54da48cb5e1&subid=388464194&sid=74497475&spot_id=418776&created_at=2023-11-20&timezone=8&ver=8.116.1&is_native=1 Requested by Host: 9a15f0c926.02ce917efd.com URL: https://9a15f0c926.02ce917efd.com/2959a4020c1cf21e8ed435ac413495ba.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.163.235.167.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://poops.pink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 19 Nov 2023 18:54:55 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
OPTIONS		multy af32b1a3d4.c3ffbe5534.com/in/ Frame	0 0
POST		multy af32b1a3d4.c3ffbe5534.com/in/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

de8fe6b459.d8f0d7e2c9.com

URL

https://de8fe6b459.d8f0d7e2c9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTU3NDA1NjIzMTczOTM5MCIsInRpbWV6b25lIjo4LCJ2ZXIiOiIzLjkwLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkFzaWEvU2luZ2Fwb3JlIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMjcsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6Ik5heWxhJTJDUG9vcEhEIn0=

Domain

accounts.google.com

URL

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

Domain

af32b1a3d4.c3ffbe5534.com

URL

https://af32b1a3d4.c3ffbe5534.com/in/multy

Domain

af32b1a3d4.c3ffbe5534.com

URL

https://af32b1a3d4.c3ffbe5534.com/in/multy

Domain

af32b1a3d4.c3ffbe5534.com

URL

https://af32b1a3d4.c3ffbe5534.com/in/multy

Domain

af32b1a3d4.c3ffbe5534.com

URL

https://af32b1a3d4.c3ffbe5534.com/in/multy