poop.com.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://poop.com.co/e/yaWQO86yW04
Submission: On March 21 via manual (March 21st 2024, 3:23:21 am UTC) from ID — Scanned from NL

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 22 domains to perform 49 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.com.co. The Cisco Umbrella rank of the primary domain is 77376.
TLS certificate: Issued by E1 on February 11th 2024. Valid for: 3 months.

This is the only time poop.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:46be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3032::6815:1ef2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400c:c00::54	15169 (GOOGLE) (GOOGLE)
2	157.90.84.246 157.90.84.246	24940 (HETZNER-AS) (HETZNER-AS)
8	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2306::1	24940 (HETZNER-AS) (HETZNER-AS)
2	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	2a02:b48:8301... 2a02:b48:8301::24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2604:9e00:1:1... 2604:9e00:1:129::2:b1f	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2a02:26f0:780... 2a02:26f0:780::210:a459	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.109.170.97 23.109.170.97	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
49	20

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

poop.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mp4skin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrolagu.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:46be (United States)

ASN13335 (CLOUDFLARENET, US)

img.doodcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.poopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

bd2e9c4479.bea988787c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
89d9c155c8.a8bd627b41.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ef2 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::54 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.84.90.157.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:e0:19cb::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

4d2c79d385.cec741d143.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

mcpuwpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

meenetiy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:b48:8301::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:b1f (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.qualiclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a459 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.qualiclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.97 (Netherlands)

ASN7979 (SERVERS-COM, US)

fikedaquabib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cec741d143.com 4d2c79d385.cec741d143.com	14 KB
6	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 26943	10 KB
5	bea988787c.com bd2e9c4479.bea988787c.com	218 KB
4	metrolagu.cam metrolagu.cam — Cisco Umbrella Rank: 86593	6 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 62	2 KB
3	mp4skin.com mp4skin.com — Cisco Umbrella Rank: 102020	2 KB
2	qualiclicks.com 1 redirects xml.qualiclicks.com — Cisco Umbrella Rank: 293798 static.qualiclicks.com — Cisco Umbrella Rank: 32639	18 KB
2	meenetiy.com meenetiy.com — Cisco Umbrella Rank: 89687	33 KB
2	nereserv.com nereserv.com — Cisco Umbrella Rank: 26516	401 B
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 26585	428 B
2	doodcdn.co img.doodcdn.co — Cisco Umbrella Rank: 25584	85 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	56 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143	50 KB
1	fikedaquabib.com fikedaquabib.com — Cisco Umbrella Rank: 92755	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7780	541 B
1	mcpuwpsh.com mcpuwpsh.com — Cisco Umbrella Rank: 43042	9 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1728	251 B
1	a8bd627b41.com 89d9c155c8.a8bd627b41.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 22485	910 B
1	poopcdn.com assets.poopcdn.com — Cisco Umbrella Rank: 87562	853 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	97 KB
1	poop.com.co poop.com.co — Cisco Umbrella Rank: 77376	5 KB
49	22

	Domain	Requested by
8	4d2c79d385.cec741d143.com	bd2e9c4479.bea988787c.com
6	static.bookmsg.com	bd2e9c4479.bea988787c.com
5	bd2e9c4479.bea988787c.com	poop.com.co bd2e9c4479.bea988787c.com
4	metrolagu.cam	mp4skin.com metrolagu.cam
3	accounts.google.com	2 redirects poop.com.co
3	mp4skin.com	poop.com.co mp4skin.com
2	meenetiy.com	mp4skin.com meenetiy.com
2	nereserv.com	bd2e9c4479.bea988787c.com
2	fp.metricswpsh.com	bd2e9c4479.bea988787c.com
2	img.doodcdn.co	poop.com.co metrolagu.cam
2	cdnjs.cloudflare.com	poop.com.co metrolagu.cam
1	pagead2.googlesyndication.com	metrolagu.cam
1	fikedaquabib.com	metrolagu.cam
1	static.qualiclicks.com
1	xml.qualiclicks.com	1 redirects
1	my.rtmark.net	meenetiy.com
1	mcpuwpsh.com	bd2e9c4479.bea988787c.com
1	region1.google-analytics.com	www.googletagmanager.com
1	89d9c155c8.a8bd627b41.com	bd2e9c4479.bea988787c.com
1	storage.multstorage.com	bd2e9c4479.bea988787c.com
1	assets.poopcdn.com	poop.com.co
1	www.googletagmanager.com	poop.com.co
1	poop.com.co
49	23

This site contains no links.

Subject Issuer	Validity	Valid
poop.com.co E1	`2024-02-11` - `2024-05-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
doodcdn.co Cloudflare Inc ECC CA-3	`2024-01-12` - `2024-12-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
assets.poopcdn.com E1	`2024-03-14` - `2024-06-12`	3 months	crt.sh
mp4skin.com GTS CA 1P5	`2024-03-02` - `2024-05-31`	3 months	crt.sh
bd2e9c4479.bea988787c.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
89d9c155c8.a8bd627b41.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
cec741d143.com R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh
puwpush.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
meenetiy.com R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
metrolagu.cam GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
static.bookmsg.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
fikedaquabib.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://poop.com.co/e/yaWQO86yW04
Frame ID: 3C01B8130C0882CBDC444362B74178D6
Requests: 28 HTTP requests in this frame

Frame: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
Frame ID: AE16194CA83AAC78D96244CE685725CE
Requests: 6 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: E90F2F52FC7B98B98865358B7E9867D5
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/video?q=jinan-laetitia-symbols
Frame ID: 9F39E8C0D1E3232B9B05AF19CFDD5B44
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: EF5A8FCBD30139C8E82DBBC196E37401
Requests: 2 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Frame ID: 3068177F7050E9F29F01462975855486
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Show-Nanaa 19 thn - PoopHD

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

94 %
HTTPS

70 %
IPv6

22
Domains

23
Subdomains

20
IPs

5
Countries

607 kB
Transfer

1745 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJXeeOb9Wo0TkSpYSdmOpGWrK5sXLC81U3aWB1Kdqom9Uqlow8rXZxjXy0zHzO-soFJfC9m HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJsM65EJqxb6JdgYRx0eKRKc5OJt4ScPQkml8qlHuBrRPaW6FMa6K3KfpTxDzP1xpmyQ1fK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-939029347%3A1710991396071297&theme=mn&ddm=0

Request Chain 36

https://xml.qualiclicks.com/thumbnail?i=nh4ob*TqDjs_0&p=1710991396.427961&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=94ef0740-75ec-4ece-9d76-c8f61e66e08b&prev_step_diff=447 HTTP 302
https://static.qualiclicks.com/n254/ad/300x300_53YrhXbCMxpu6VwbenuP.jpeg

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request yaWQO86yW04 Show response
poop.com.co/e/ 11 KB
5 KB 380ms
327ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3eae06a7c260d2074d89a993d602ee61ebbfe67bed85dd43a7a15066a409e2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: EXPIRED
cf-ray: 867ad27cecda672a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 03:23:15 GMT
last-modified: Tue, 19 Mar 2024 18:07:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dItAJntDXFhr63BBSb76YLrGMuZgEEpoiArgHd2HTo7ERqAScrGPy2tjS5tQE0BSaj1i%2FCSAS4Ugs%2FFYvE01AEywczznhqtGLk6gClTXmWwJEgo2YG2YSX%2FjohrKDqlWl0zykKLGElI25A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 51ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 83521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zq06YSU7lmvX80%2FwBnbGoBZOotN0dPyQ3VwLb%2Fbl4yxhm2ksmLZjViFinPT4gTP8OfQsufFDJ5twEkCvxFfyCGQPEKMrzW0Dk3QBpMVrt%2B21dpZnHJTS5e5%2FiDkNZrz22xYKgwem0VHZ3%2B2jsPySMVU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 867ad27f2c889701-AMS
expires: Tue, 11 Mar 2025 03:23:15 GMT

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ 42 KB
43 KB 171ms
124ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sE%2BX9yOe6dlZIfnVyA546IBZzrP7sNs3m4rbOufmDIVh1X6B9iflc3kum1yabRWJKJ92AJfkmNxZwbiaS%2FqcAcwMxLpEN6sniEJodAcB9t%2Fx%2BWsLweLIV6reBRfb1BFK8xCFnjnjCSRGVvLI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 867ad27f4a4a66c0-AMS
expires: Wed, 03 Apr 2024 16:48:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 78ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf8b859a65e3669622e5aa6401f39c89a262f6b612b867e223d72cee57dbe681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 03:23:15 GMT

GET
H2 200 play.svg
assets.poopcdn.com/ 633 B
853 B 74ms
24ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.poopcdn.com/play.svg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 17:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2587
etag: W/"85f08506e5a64050719e7e18a26cd9c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8K%2BIMBvZntFNZ3ZyP6XwZ2DA5V%2B6BiHQMfUxYJ7pD7NFyPEajr4PsPqKGYK8v1mybNwEmI1qPs0kTN6wX6Ucxs0q58maoN5rQhcjt39PfcNgHP9rsoXob0qrodP2WodvBl1Py88pDKrCcOyXPZTz8PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 867ad27fac52b95c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 3430577936384f51576179 Show response
mp4skin.com/embud/ Frame AE16 257 B
622 B 267ms
215ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp4skin.com/embud/3430577936384f51576179
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecea67acc924870fea52af37f094820ec38d2d7fe824eb8dc1bfaaaf220d6c45

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867ad27fbd761c87-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 03:23:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zolqAKJkAlAfCRAHSDwEXUx4MT%2FvBvpZPiU7eQmv7Pb88JDhLfilmxvxjQvMkL16Chkt1vyM1jT5pP3MTAZh18jPfWKhyeP4VdPKno%2BE9xfFvYOl3GTJHTS8jI6ZiAfK9zyFdNvEZ1FwaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 177977d9fce0d66cde988f199b998c53.js Show response
bd2e9c4479.bea988787c.com/ 105 KB
35 KB 61ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0d41bac5fac83ca33fd47e676088947be85d5877544f5d7a623a6c2594ae663a

Request headers

Referer: https://poop.com.co/
Origin: https://poop.com.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 21 Mar 2024 03:28:15 GMT
date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 14:19:18 GMT
server: nginx/1.18.0
etag: W/"65faf066-1a301"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 114039 Show response
bd2e9c4479.bea988787c.com/56a9113f589f91ec6fa323a1a3aea8c2/ 3 KB
3 KB 14ms
14ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd2e9c4479.bea988787c.com/56a9113f589f91ec6fa323a1a3aea8c2/114039?version_name=d
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: add2866f026cbda27b4d165cc318c81d24601f85e529ae5658718b76227d02a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 03:23:15 GMT
cache-control: max-age=300
x-proxy-cache: HIT
server: nginx/1.18.0
content-type: application/json
expires: Thu, 21 Mar 2024 03:28:15 GMT

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame E90F 882 B
910 B 67ms
26ms Document
text/html 2606:4700:3032::6815:1ef2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1ef2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867ad280ad371c86-AMS
content-encoding: br
content-type: text/html
date: Thu, 21 Mar 2024 03:23:15 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BziRRL%2Fw0yH38Tfj1n0%2BMQv1vbTgKptF%2BHRjyMG91cbBkSrPzL3JZOM8DXm9ZZvHmBRQ2qWnBVOevzBTqCM%2FdeK3wiRW4UYD5T8dFEsQLkzU0UH7ptTjlhhYGDSwZ%2BpDcPCsWSNq42xv1859VrHfRDtBB%2Brxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: e510ceea80b4c186897714aa5c43c13f

GET
H2 200 track Show response
89d9c155c8.a8bd627b41.com/in/ 0
207 B 98ms
43ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://89d9c155c8.a8bd627b41.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3OTc0MjM0MjM1MzE3ODI2MDAwIiwidGltZXpvbmUiOjEsInZlciI6IjMuMTEyLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4wNiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiTGl2ZSUyQ1Nob3ctTmFuYWElMkMxOSUyQ3RobiUyQ1Bvb3BIRCJ9
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:15 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 5f26fe0ce195f7c4b706b93eb9dd9dbd.js Show response
bd2e9c4479.bea988787c.com/ 96 KB
28 KB 42ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd2e9c4479.bea988787c.com/5f26fe0ce195f7c4b706b93eb9dd9dbd.js
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: eb4c32eeb8c9131cdcf29a7f976e892c59b387c2aaf9a5a7ca704d2fc1e236df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 21 Mar 2024 03:28:15 GMT
date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 12:44:38 GMT
server: nginx/1.18.0
etag: W/"65fada36-17e9c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 63145998d934c9f43e1e60f4427b5a4b.js Show response
bd2e9c4479.bea988787c.com/ 162 KB
45 KB 63ms
38ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fec602a8e68354fcb170f819b045733ae2d6d8600786489fe7243fad96dd21ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 21 Mar 2024 03:28:15 GMT
date: Thu, 21 Mar 2024 03:23:15 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 13:54:11 GMT
server: nginx/1.18.0
etag: W/"65faea83-288ce"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 102ms
25ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.com.co
Connection: keep-alive
Date: Thu, 21 Mar 2024 03:23:15 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
428 B 77ms
26ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/177977d9fce0d66cde988f199b998c53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f3fb88af12012a747b199e21f2ff257adfcb58dd20ac92b40c562defc74bea47

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 21 Mar 2024 03:23:16 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://poop.com.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 48ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je43k0v9167878827za200&_p=1710991395736&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=423636126.1710991396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710991395&sct=1&seg=0&dl=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&dt=Live%20Show-Nanaa%2019%20thn%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=640
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJXeeOb9Wo0TkSpYSdmOpGWrK5sXLC81U3aWB1Kdqom9Uqlow8rXZxjX...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJsM65EJqxb6JdgYRx0eKRKc5OJt4ScPQkml8qlHuBrRPaW6FMa6K3KfpTxDzP1xpmyQ1fK&passive=t...

0
0

33ms
32ms

Image
text/html

2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJsM65EJqxb6JdgYRx0eKRKc5OJt4ScPQkml8qlHuBrRPaW6FMa6K3KfpTxDzP1xpmyQ1fK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-939029347%3A1710991396071297&theme=mn&ddm=0
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H3
Server: 2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Thu, 21 Mar 2024 03:23:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5twesToN2A5bI064MkpjTQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 426
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJsM65EJqxb6JdgYRx0eKRKc5OJt4ScPQkml8qlHuBrRPaW6FMa6K3KfpTxDzP1xpmyQ1fK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-939029347%3A1710991396071297&theme=mn&ddm=0
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 8ea5114e-f883-4acf-9e76-4c2463cf6769
https://poop.com.co/ 204 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://poop.com.co/8ea5114e-f883-4acf-9e76-4c2463cf6769
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 204
Content-Type: text/javascript

GET
H2 200 2739f5851c97253f256b150dd81ec3c2.js Show response
bd2e9c4479.bea988787c.com/ 459 KB
108 KB 17ms
17ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bd2e9c4479.bea988787c.com/2739f5851c97253f256b150dd81ec3c2.js
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e48f9fa2d05db0d1c450fea8f640b1aebc6c4430ef1a5b54bb6506679f334030

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 21 Mar 2024 03:28:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 10:31:25 GMT
server: nginx/1.18.0
etag: W/"65fabafd-72c52"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 98ms
29ms XHR
text/plain 157.90.84.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=587a3ffe-88a1-4abe-96dd-b79b0f761ef4&subid=388464194&sid=1674597962&spot_id=418776&created_at=2024-03-21&timezone=1&ver=8.154.1&is_native=1
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
4d2c79d385.cec741d143.com/in/ 50 KB
8 KB 359ms
359ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4d2c79d385.cec741d143.com/in/multy
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cb7fa2ecd0768c6dd7bec924cabbb3482aaa94170aa090e615671b51538d002d

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: gzip
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 7477

OPTIONS
H2 204 multy
4d2c79d385.cec741d143.com/in/ Frame 0
0 100ms
24ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4d2c79d385.cec741d143.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 21 Mar 2024 03:23:16 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 98ms
29ms XHR
text/plain 157.90.84.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=7bcc6cc5-837c-43c6-85c7-ec4b48a12051&subid=357529620&sid=1988775403&spot_id=418774&created_at=2024-03-21&timezone=1&ver=8.154.1&is_native=1
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
4d2c79d385.cec741d143.com/in/ 36 KB
6 KB 341ms
341ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4d2c79d385.cec741d143.com/in/multy
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d2824497eae1b02af5e5c71aba1755fd6669f1038afc928feae8f13a94032c04

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: gzip
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 5952

OPTIONS
H2 204 multy
4d2c79d385.cec741d143.com/in/ Frame 0
0 98ms
23ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4d2c79d385.cec741d143.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 21 Mar 2024 03:23:16 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

POST
H2 200 video Show response
mp4skin.com/ Frame AE16 633 B
615 B 119ms
117ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3b8b7206ed49666391343a4507adde0ddff82cc8fa6eb013434b3fbab5dfed

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mp4skin.com
Referer: https://mp4skin.com/embud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867ad2812e631c87-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 03:23:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTKCpR5wKAsMNWlN%2F5YZcp92127q4hJII0GbfLm0aMVDJi%2FvgLL28F6BwoPus91uWBN6bLZKIZzI8WLQdYCGsuwZdmWFTqMKeGzp7572lR20Po64wg5IQ%2Bt%2BnxtNqKwn1%2FzNu7PfGCcQzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 / Show response
mcpuwpsh.com/get/ 9 KB
9 KB 512ms
202ms Fetch
application/json 2a01:4f8:c0:2306::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcpuwpsh.com/get/
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/5f26fe0ce195f7c4b706b93eb9dd9dbd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a15e6b831f6600468e67fd50e2106b81c210a7de59ceb0ab14941c2318091818

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 8938

GET
H3 200 embed.css
mp4skin.com/ Frame AE16 755 B
874 B 22ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp4skin.com/embed.css
Requested by: Host: mp4skin.com
URL: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206d526e32959ce92da664b9e30be583c2500a6427800ecf2f8718b16ede188c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38293
cf-polished: origSize=1094
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 14:03:56 GMT
server: cloudflare
etag: W/"655cb8cc-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDHB%2B%2F%2FdYY4tN%2FVRK%2BhOWJ1wjY4iU1lsPPwmCt%2FSGusZZTEsFRu%2B19nL0ZFW3IS4faWpCEO2FbN0YqTJ2YmpN32tDmPxgKByc1CY2s6KBtSGslx94XvBGS6%2Fmgajzdh4N%2F5WIazTJigOvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 867ad281eaa766f9-AMS
expires: Thu, 21 Mar 2024 04:45:03 GMT

GET
H2 200 6678850 Show response
meenetiy.com/5/ Frame AE16 78 KB
30 KB 177ms
58ms Script
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meenetiy.com/5/6678850
Requested by: Host: mp4skin.com
URL: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b80ffacc368b39195c4cf0fe32148f99e36ea9fc0f6a2a061f8fecccb8dae03c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mp4skin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: gzip
x-trace-id: 8d6fd36809c6cbf9761cd70df077af1b
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3430577936384f51576179 Show response
metrolagu.cam/jembud/ Frame 9F39 253 B
610 B 238ms
120ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/jembud/3430577936384f51576179
Requested by: Host: mp4skin.com
URL: https://mp4skin.com/video?q=kau+rumahku+raissa+anggiani
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7214b254c3ccf66fde8f6019244d6694699da76699b20d351cc4ed57839b91b1

Request headers

Referer: https://mp4skin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867ad282ac61671a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 03:23:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpdKLpNiylIgfkfHByIX4w4pFMh8my8KvqvlhiSjh11Xb3sN3jDMeR3FiXx6L5A%2FrkuXY8hw1L4QD6N4odB9cyYCyHo82NV2nqmwM1J2lEKCVqi89msf8U65dPzeed7SmuGsnsUOEF27QVqh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame AE16 65 B
541 B 83ms
15ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: meenetiy.com
URL: https://meenetiy.com/5/6678850

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

58803cbff0928f473e5a1f5adb6d9194a433b6a4628e24670899a0d1ffa9046a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mp4skin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mp4skin.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 video Show response
metrolagu.cam/ Frame 9F39 7 KB
3 KB 120ms
120ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ffa75ff0d4f53825db2a7bad04e1dd584ae257df8b32a757c3c0f39a78b0c0f

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://metrolagu.cam
Referer: https://metrolagu.cam/jembud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867ad2838d0c671a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 03:23:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Xlm7QONodQH2HTJIDQ%2Bn7L6Dtc8B6TIMr65veTJsujP6cBEJ5sjCAmdfM3g9KUuHmykxUmBtIdUIVd6DBTveUWwsfUlgpc2sHlMh%2FnqYviUtlSBeaPB1Q%2BUW7idAcUevdwqHPDBtT6mC0SH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
meenetiy.com/5/6678850/ Frame AE16 3 KB
2 KB 17ms
16ms XHR
application/json 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meenetiy.com/5/6678850/?abt_opts=1&js_build=iclick-v1.742.0&userId=ba7b54b71c25448c84d5dd6cbc69202a&is_mobile=false
Requested by: Host: meenetiy.com
URL: https://meenetiy.com/5/6678850
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 45887a60e0c49f2d7be29a04aba720b803cf63bf7a2d97c40afd393ad272406f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mp4skin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: gzip
x-trace-id: 76bd2b7aa93522dd41bb267b9c6a18fc
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://mp4skin.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
698 B 438ms
109ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=9a9c008e-89a2-42ec-b61c-07b960981edf&prev_step_diff=447
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 439ms
110ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
4d2c79d385.cec741d143.com/in/show/ 0
201 B 73ms
26ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4d2c79d385.cec741d143.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710991396&subid=357529620&sid=1988775403&tcid=0&ver=8.154.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-21&iabcat=IAB25-3&keywords=&user_fp=16677902544460865422&score=56.61284158145347&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYcY2jAqGFjTJkWMcLYqNGChg0cYVqImXFjRosbMWyMLOMyhwySIhzOEZOGjEIdW0TMqHGjhowcNmTAENHF4Rg3R3HQmOEwTJ0xGEXKkHHDRg4cOHPMwCEj6lIaQUUQJYMxDZ0ybb7EiGvQzkIZM1zicAinjpiFNZbK6Arnog4ZMWrkoCEUjkQdNGhIxQGDq4gyeOh8mWM5bAy0N-BabeOYBtQYMCg-JGNmYUO5btwsnBGDBo7JMBy2ceMRs0i2hIcXj3EDBgwbDuvs1TGQjsU5Ol68OPPGxfAwpNu4GPOmzYs5bcLIsbjxRZkxNcSYNVMSBs4wM8aYIQM4DA0zvYVRUxmclUSDGC6FsV8OZdQUxnMGIVhGWzbQUEMNZJBxA05mmPFDHXMglAQZPTSXg4JjrFVGYmaUIQZTaz1lgxlb4YCDGWM0dYMYOrI1GYY2hFFDGfu1SKAYBF44Bg428EdGbFzU4VxbbeCFpBwj9kCEFEIucQUMTGSRxBV6MEHFGXS4gUYbeThxRh1EvIFDDPs1ldlmnanVW1NRvAHFFVfMIEMYThCB05pRhMHGEWOIccUaShRBRBJVyKGFGEggccZYecSRRBJEuPGFFUZcAUcYU8xQhZtksFEDDDQgQUUSMoyBBBM51CGFFFtSkcYbYgxRxhFIQHHGGU0oscQSTyRRxxBXUJEDHUJggUcZZ2TxhhlWvHFHGHo44cYUVsRBRxy9VRHFF2dUAaoUVaQR5ZQ2zPFGHXKYlOWdMHA2w7wwtAWHDD38ZiNUAAscQw9OMJGwDXDM0ENcZJSHkUYbjVeexnGNEcZlW_BWVUb5LgSDC87Z55kYtelwcmA01GQVHHnBUbLLLkQ1kkNy2OFYZA69R7PJLsgsQh11pIFRTjZsmEPANWTmUr8raSZDXGk4JkIONbgAWQwuxJBDDmG_GlcdYWDUxBt6pMEGG2G80DUMIKBwRRpuVHzHHCA4QQUIsKG8Awh3u1Hh4HhUmAIIQTTGRhlXuLiEXXLT5MIMNtS9hKxNMMECCGyksUYZIBzx3hpvLD4EGnKUV8YLMYyFcs5tgR07DiBMoaB6aVR-w-U2dAwWdQ3H9YYcX4wxvAjFO8TG8s2LcJAdX8hRBhsTMVVDZFo5x_MZuj3GlGzTfyGGHAsNJn0Z1LfxBl2PzUmZ9K1P5NAbR81v8xt45LHQ_NZrWXWuk50XYAwOGhMPedzzgjyE4QpReAKT8vAl1YhgDj3DSOvo8LHjtaAObrBLC5jiAjLkyHgY9IsOZjCD58SAN52ZnwkxcpAvmPAGcaFDGyaCExiM7YVQqUgbrqYD5sDmhzN4TQxkY5DqlYE0X_gYD4-YAyBC5zPUUxRC6HCUkNVgZGEQw2XWZwavsEEihHmeyaxSHBj0QQEBAQ%253D%253D%26s%3D85304e69026689ba80a5eb912ea99d77be2f11939710b64729d34614cfa6be061710991396&icons=peK65DWWfSsJ_pbuyGd9ROD_ZwcEaBEdhJg79woPQZZ9vIJEzf6IKvAUMB7CFh0n2Lv6bDUUrePdgdNy320TdJnxZO8hre7FtQRr6nWLnjUxO4PNMCxyKTMXCTPxeLso0xaGII1xwWCsCXR2nz8umzXHsdbUuiZXeMNl0Uw5RndEWTNWbw&ext_cid=496101&pop_price=0.0006205000000000001&pop_ecpm=0.03534283655396052&px_id=418774&min_cpm=0.019635352208294616&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=4022769871938262354&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.6205&cpm=0&verify_hash=777db3441510e42491ed3d8a7b7f9c15&is_native=3&real_bid=0.6205&pop_real_cpm=0.6205&pop_real_bid=0.0006205000000000001&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:9876::7&geo=NL&carrier=-&label_ids=4,20,27,108,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-3-c&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205000000000001&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=3ce96d30-4ccc-4dbd-8f6a-dca1d62464de&prev_step_diff=447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame EF5A 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
4d2c79d385.cec741d143.com/in/show/ 0
200 B 66ms
27ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4d2c79d385.cec741d143.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710991396&subid=357529620&sid=1988775403&tcid=0&ver=8.154.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-21&iabcat=IAB25-3&keywords=&user_fp=16677902544460865422&score=56.61284158145347&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=a8e211aeea369486988b37224e8fe66a&url=https%3A%2F%2Fxml.qualiclicks.com%2Fclick%3Fi%3Dnh4ob%2ATqDjs_0%26p%3D1710991396.427961&icons=M4B6xUmguGXWoJN30NlAjK8AXzGVoDBceGJgKG2XlEvam-pAQtKl73TSPAiBLZecRChB8d3xWeTo1XgyqYFlGeYae2LIexCvfNQL7FCs8HAO2loCfbH16GvAF-SFV-jS-Rnqg1YCP4x1W56UOsZKKH60GwNzdIGdl37p&ext_cid=1314976&px_id=73418774&min_cpm=0.0009322716566343889&out_id=0&campaign_type=hq&aid=3330&cid=15125&uniq=&mid=4022769871938262354&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.006490447526825438&cpm=0&verify_hash=6303924b35d72f881b2fd94a79ab5074&is_native=1&real_bid=0.0024&original_bid_usd=0.0024&original_bid=0.0024&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:9876::7&geo=NL&carrier=-&label_ids=4,83,90,5,98,106&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1711077796&image_url=&site=native-push-adult&price=0.0024&hostname=auc-inpage-hz-3-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000024&ext_campaign_id_str=1314976&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=a42b4a82-e5ca-46c3-8a67-a360d7620cf0&prev_step_diff=447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

300x300_53YrhXbCMxpu6VwbenuP.jpeg
static.qualiclicks.com/n254/ad/ Frame EF5A
Redirect Chain

https://xml.qualiclicks.com/thumbnail?i=nh4ob*TqDjs_0&p=1710991396.427961&imgt=icon&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=94ef0...
https://static.qualiclicks.com/n254/ad/300x300_53YrhXbCMxpu6VwbenuP.jpeg

17 KB
17 KB

160ms
48ms

Image
image/jpeg

2a02:26f0:780::210:a459
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.qualiclicks.com/n254/ad/300x300_53YrhXbCMxpu6VwbenuP.jpeg
Protocol: HTTP/1.1
Server: 2a02:26f0:780::210:a459 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c71160fa1d00ba23f881b7f5981ad03f090e7ddab9318f6ad2c2fd1955edc872

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 03:23:16 GMT
Last-Modified: Fri, 12 Jan 2024 05:51:31 GMT
Server: nginx
ETag: "65a0d363-4415"
CDN-Origin-Protocol: HTTP
Content-Type: image/jpeg
Cache-Control: max-age=12990
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 17429
Expires: Thu, 21 Mar 2024 06:59:46 GMT

Redirect headers

Location: https://static.qualiclicks.com/n254/ad/300x300_53YrhXbCMxpu6VwbenuP.jpeg
Date: Thu, 21 Mar 2024 03:23:16 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 426ms
117ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=fb89215d-12bb-4f83-a89d-48d3ccacb560&prev_step_diff=469
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-41c"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1052
x-proxy-cache: HIT

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/ 5 KB
5 KB 442ms
132ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1208"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4616
x-proxy-cache: HIT

GET
H2 200 /
4d2c79d385.cec741d143.com/in/show/ 0
200 B 79ms
52ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4d2c79d385.cec741d143.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710991396&subid=388464194&sid=1674597962&tcid=0&ver=8.154.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-21&iabcat=IAB25-3&keywords=&user_fp=16677902544460865422&score=51.75850495603631&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYaNsqMgRGDRo0WYcLAkNGCRowyZlCagXGjhYwaOXKIgZEDx40yNmaIcDhHTBoyCnVsETEDBw6QLnPQENHF4Rg3SWPAmAHDYZg6YzDaAJkjhtYZZW3QjFFDBlocQ0UYJYMxDZ0ybb7EiGvQzkK3IHE4hFNHzMIaM9p6hXNRhwwZLm0QhSNRBw0aMmiWdVgGD50vcyh_jOHzho24Y9o0ppHDhlaKD8mYWdhQrhs3C2eUxCG1q4g2bjxapgEDh4zBwIXHuAEDhmQRdfbqGEjH4hwdL16ceeMCeJjQbVyMedPmxZw2YeRY3PhCZA0xNnKYsTHyRowwM8aYIeM2DA0zJYVxwwxl4ODcGDSIAVIY--VQxoAq2WCQgmXIYMNYNdRABhk32GeGGT_UMQdCSZDRA3M5MDhGU2UgZkYZYtQwoHGtmUFDUziYMcYNMorB4w00mkSGhDXAJFsZBYpRYIZj4GADf2SQxEUdzVnYBl5KylFiD0RIEUYNS1wBAxNZJHGFHkxQcQYdbqDRRh5OnFEHEW_gEMN-PF6W2Q1l5aAbDTxG8QYUV1zRBhJuzOAGHlSkYYMeR0gBxxNoqDFEGmqIgcQYUVDxxBtxeKYFEzUgwYQQd9RxRw5LNPEEE0WsYcYZU0iRhAxrHPrEEUyg0YIQSNjBxBM5OHGDEVVQEYcUaWDBRhhJfEGFFDhgEUQUTjSRBA1U0BCEGmeIoUURd-Chx41OILFEGjDgoUYcZaShxBdnVJFEl1WkMWWVNszxRh1yjFHGlnpqFsO-K9kAhww98OZUawhbCEcMPTjBRMQKz9BDXGSQh5FGG4lHnsiohVHZFrpVlVHAC8HgQnM0zeCQGLPp4PIMlw1oFRx5wcGyzS7YkFkNDslhR2NscTYGzy27oDN0daSBUQwXdpjDSjVcBlJxNmT9WFxpNCZCDjW4IINZLsSQU9o1wBBXHWFg1MQbeqTBxrMvlA0DCChckYYbHd8xBwhOUAGCVi_vAILfboylOB5jpQBCEIyxUcYVMK5LR94z3ODCDDbwvQQSVDTBBAsgsJHGGmWAcIRIa7wh-RBoyEFeGS_E8NjLQVsYQ9oy4ADCFAymlwbnnoOOWljTWRzXG3J8MQbzIjjvEBvUWy_CQXZ8IUcZbEwkYw1sPdVc0Wfg5piMsHH_hRhyLCTY9mV038YbdDlmJw0OkWH7RA55Q1L4t7I34CEPCyHg92pGHetg5wUgg4PIwjOe9rwgD2G4QhSe4KQ8iGkqRDEaRmxHB5NBrwV1cINdWuAaF5BhR8-bgwh1gDPQXc0GOABd_6h3kC-88AZxoUMbJmIfnpQFLc8RogyIqJWcxACJZoGNQbxXhtB8wWRMNOITW8OZ7oXBcupJCspqoLIwiKEy9DPDV9ggkcFgr2VWEQ4M-qCAgAA%253D%26s%3De42dc258e656c968b50afc24f0c350ba0a04dc371efb8eb018cc08b4b1e3c7401710991396&icons=eEkkcwy1Y_NIcXpVb-Xiso5JNsjdK0WXZN7oM5FfQNgWMRO-6Auhr11yBcDXgeBtzO6p4lnmXn7Iu_27JVFV9EyYuE_cpRu8XKqVWBIWYd-zJjMbTUocBdP6aVWFJVF7IPI4PxepCYHwDTpStqWHz7Im7MRGtErkU55WhpyU9mPkjFbkCw&ext_cid=496101&pop_price=0.0006205000000000001&pop_ecpm=0.031041832305795318&px_id=418776&min_cpm=0.017597807644882862&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=6469110391607152398&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.60809&cpm=0&verify_hash=ae3917ef0db15736b237e099cbe79865&is_native=3&real_bid=0.60809&pop_real_cpm=0.6205&pop_real_bid=0.00060809&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:9876::7&geo=NL&carrier=-&label_ids=4,5,27,129,108,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-11-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205000000000001&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=6e7cdee7-976b-4858-aa01-8d83013bd628&prev_step_diff=469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ Frame 3068 1 KB
1 KB 411ms
106ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by: Host: bd2e9c4479.bea988787c.com
URL: https://bd2e9c4479.bea988787c.com/63145998d934c9f43e1e60f4427b5a4b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
4d2c79d385.cec741d143.com/in/show/ 0
200 B 49ms
26ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4d2c79d385.cec741d143.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710991396&subid=388464194&sid=1674597962&tcid=0&ver=8.154.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-21&iabcat=IAB25-3&keywords=&user_fp=16677902544460865422&score=51.75850495603631&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYaNsqMgRGDRo0WYcLAkNGCRowyZlCagXGjhYwaOXKIgZEDx40yNmaIcDhHTBoyCnVsETEDBw6QLnPQENHF4Rg3SWPAmAHDYZg6YzDaAJkjhtYZZW3QjFFDBlocQ0UYJYMxDZ0ybb7EiGvQzkK3IHE4hFNHzMIaM9p6hXNRhwwZLm0QhSNRBw0aMmiWdVgGD50vcyh_jOHzho24Y9o0ppHDhlaKD8mYWdhQrhs3C2eUxCG1q4g2bjxapgEDh4zBwIXHuAEDhmQRdfbqGEjH4hwdL16ceeMCeJjQbVyMedPmxZw2YeRY3PhCZA0xNnKYsTHyRowwM8aYIeM2DA0zJYVxwwxl4ODcGDSIAVIY--VQxoAq2WCQgmXIYMNYNdRABhk32GeGGT_UMQdCSZDRA3M5MDhGU2UgZkYZYtQwoHGtmUFDUziYMcYNMorB4w00mkSGhDXAJFsZBYpRYIZj4GADf2SQxEUdzVnYBl5KylFiD0RIEUYNS1wBAxNZJHGFHkxQcQYdbqDRRh5OnFEHEW_gEMN-PF6W2Q1l5aAbDTxG8QYUV1zRBhJuzOAGHlSkYYMeR0gBxxNoqDFEGmqIgcQYUVDxxBtxeKYFEzUgwYQQd9RxRw5LNPEEE0WsYcYZU0iRhAxrHPrEEUyg0YIQSNjBxBM5OHGDEVVQEYcUaWDBRhhJfEGFFDhgEUQUTjSRBA1U0BCEGmeIoUURd-Chx41OILFEGjDgoUYcZaShxBdnVJFEl1WkMWWVNszxRh1yjFHGlnpqFsO-K9kAhww98OZUawhbCEcMPTjBRMQKz9BDXGSQh5FGG4lHnsiohVHZFrpVlVHAC8HgQnM0zeCQGLPp4PIMlw1oFRx5wcGyzS7YkFkNDslhR2NscTYGzy27oDN0daSBUQwXdpjDSjVcBlJxNmT9WFxpNCZCDjW4IINZLsSQU9o1wBBXHWFg1MQbeqTBxrMvlA0DCChckYYbHd8xBwhOUAGCVi_vAILfboylOB5jpQBCEIyxUcYVMK5LR94z3ODCDDbwvQQSVDTBBAsgsJHGGmWAcIRIa7wh-RBoyEFeGS_E8NjLQVsYQ9oy4ADCFAymlwbnnoOOWljTWRzXG3J8MQbzIjjvEBvUWy_CQXZ8IUcZbEwkYw1sPdVc0Wfg5piMsHH_hRhyLCTY9mV038YbdDlmJw0OkWH7RA55Q1L4t7I34CEPCyHg92pGHetg5wUgg4PIwjOe9rwgD2G4QhSe4KQ8iGkqRDEaRmxHB5NBrwV1cINdWuAaF5BhR8-bgwh1gDPQXc0GOABd_6h3kC-88AZxoUMbJmIfnpQFLc8RogyIqJWcxACJZoGNQbxXhtB8wWRMNOITW8OZ7oXBcupJCspqoLIwiKEy9DPDV9ggkcFgr2VWEQ4M-qCAgAA%253D%26s%3De42dc258e656c968b50afc24f0c350ba0a04dc371efb8eb018cc08b4b1e3c7401710991396&icons=9Ow-JbTsTJpPYa_U8pNDyEILez_1tPWQedRqQ7tmAt-oFRrwGTX94H0qIHMZG4eX2QjChjIZ5q6HNs_8OmdFzz_5fb5kuorW8rY-wEvFE_Z54z61oK-sLT3Wv0TPZTHfMvHNWkDdJCSvhqbIi915mzJv3xyFfUhVkD0HjiB6ZYI4rtPVIg&ext_cid=496101&pop_price=0.0006205000000000001&pop_ecpm=0.031041832305795318&px_id=418776&min_cpm=0.017597807644882862&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=6469110391607152398&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.60809&cpm=0&verify_hash=ae3917ef0db15736b237e099cbe79865&is_native=3&real_bid=0.60809&pop_real_cpm=0.6205&pop_real_bid=0.00060809&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:4020:a034:9876::7&geo=NL&carrier=-&label_ids=20,27,108,0,4&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-11-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205000000000001&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=7a658164-24d1-476c-b505-5469879cfa2d&prev_step_diff=469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:23:16 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ Frame 3068 486 B
698 B 421ms
117ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=125343ee-89c1-4685-ac48-ee163d1e3c7a&prev_step_diff=469
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 03:23:16 GMT
date: Thu, 21 Mar 2024 03:23:16 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H/1.1 200
OK 64343 Show response
fikedaquabib.com/rotaInGRWQGA24/ Frame 9F39 0
1 KB 340ms
17ms Script
application/javascript 23.109.170.97
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fikedaquabib.com/rotaInGRWQGA24/64343

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.97 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 03:23:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://metrolagu.cam
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 9F39 87 KB
28 KB 41ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://metrolagu.cam/
Origin: https://metrolagu.cam
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 128734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qo8tMMmuYl%2Fhsb%2Frc%2Fc6P09PDHuEfrHqICF5%2B7L34PalFfvLnQFXRJPz6s0UvUGUPfmb%2BEnFb9WBcxYf744RU3%2B6lMLSFfloGSqMNnLVffIqDDT0rSmFwF9mxIBi%2FBa%2BL5x6v1JP9axuW8V0LWENVIFR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 867ad2847c3366ec-AMS
expires: Tue, 11 Mar 2025 03:23:16 GMT

GET
H3 200 embed.css
metrolagu.cam/ Frame 9F39 1 KB
833 B 22ms
22ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/embed.css
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/video?q=jinan-laetitia-symbols
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33754
etag: W/"651596cf-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FAno4DmRkisS8qtEbTbo75yG2UxFirc4nvG1wZ68U%2FKTsgg44ksv7MR8xL8fN7Dbja7CcAwqdwo050rD1q2xdkPaP5LEMCd%2FvQ5l6vJT3Zux9%2Buf8Exy4GJzGFlMfHzIjy21fp8K0wHfk%2B5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 867ad2845d9b66fd-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 06:00:42 GMT

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ Frame 9F39 42 KB
42 KB 25ms
25ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u25lF4BlnYlTebntm2w2vYXLMGvIWwL0SsbttaDZWjkZCsNpzAv4OFbzfqzSDEwwoHj9wkncGt4sjW1bI80s75rdqh6W7p5uRFibDNsgmiF62vL28jFVexddfpCtuFKFJOCP6aBI3X0xlJ9s"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 867ad2845def66c0-AMS
expires: Wed, 03 Apr 2024 16:48:02 GMT

GET
H3 200 adus.js Show response
metrolagu.cam/ Frame 9F39 532 B
785 B 21ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/adus.js
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/video?q=jinan-laetitia-symbols
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 02:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38311
etag: W/"657bb94e-214"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVg1xR589ixwPc%2BxcffMKl9A8MoGs%2B%2Fugreld8V8qGGc7TX7IequOROWEi3HacwIpfs2TzpvLP2Hkyn24cShO6xXDsgYkDVWtgfmj5%2BqC1yPHvuaBhATVEpRcH%2F6Osw7AZe5ma%2BTe7OSunRh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 867ad2845d9c66fd-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 04:44:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9F39 146 KB
50 KB 91ms
35ms Fetch
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jinan-laetitia-symbols

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b478133c412e140c27a4acbaefa91b7d0f5bf3d05695ff5d7a1cf79090e2da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51076
x-xss-protection: 0
server: cafe
etag: 3545086906965122994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 03:23:16 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poop.com.co/	1970-01-21 04:52:31	Name: _ga_RRBBHD087X Value: GS1.1.1710991395.1.0.1710991395.0.0.0
.poop.com.co/	1970-01-21 04:52:31	Name: _ga Value: GA1.1.423636126.1710991396
fp.metricswpsh.com/	1970-01-21 04:02:07	Name: id Value: 519756629831437007
meenetiy.com/	1970-01-21 04:02:07	Name: oaidts Value: 1710991396
my.rtmark.net/	1970-01-21 04:02:07	Name: ID Value: ba7b54b71c25448c84d5dd6cbc69202a
meenetiy.com/	1970-01-21 04:02:07	Name: OAID Value: ba7b54b71c25448c84d5dd6cbc69202a
meenetiy.com/	1970-01-20 19:26:36	Name: syncedCookie Value: true
fikedaquabib.com/	1970-01-20 19:17:57	Name: GL_UI4 Value: eJw9jU1ugzAYRPknSQPpSBwgR7BRQeqy6iG6RAZ%2FEDdgR8YF9fa1KrWreRq90QRBEFUXhFt2RPwlGlyHemRSEO%2Bpbljbtoy9NKwem57z5lUKhqNaOyf6mVyCw7oI6zq3JThPpMmqoRuMpALP3vpr7trsOkHaW6FlgXTxxlwg763ZV7JVjESLhZC936zxmS7i01jEvK49K%2B05ZIjMWsXlCfmH0tIPyzMizsoyC%2FD0mIUbjV06JbMQ6WSFJIRvOAzC0WTsN3JJ692ZB2Bm2f37v7%2FxzhkySZsa%2FLlxN7I%2F9elODQ%3D%3D
fikedaquabib.com/	1970-01-20 19:17:57	Name: GL_GI10 Value: eJwVxL0KwjAUBtDcO1QEK3zYxa1PEBqhQ1Z%2FcBFHnWN70YImIQmCb68O5yiluFmAp4il7fXGGG2s1abvQHfw%2FgAePGZHSS%2FnP6BUg5OvQcPPhPVJXJar3NqzlIekp%2FNjbrf6osE%2BY74LKYbkioBiReAS%2FuexUaB3tfoCibkcJQ%3D%3D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJsM65EJqxb6JdgYRx0eKRKc5OJt4ScPQkml8qlHuBrRPaW6FMa6K3KfpTxDzP1xpmyQ1fK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-939029347%3A1710991396071297&theme=mn&ddm=0 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d2c79d385.cec741d143.com
89d9c155c8.a8bd627b41.com
accounts.google.com
assets.poopcdn.com
bd2e9c4479.bea988787c.com
cdnjs.cloudflare.com
fikedaquabib.com
fp.metricswpsh.com
img.doodcdn.co
mcpuwpsh.com
meenetiy.com
metrolagu.cam
mp4skin.com
my.rtmark.net
nereserv.com
pagead2.googlesyndication.com
poop.com.co
region1.google-analytics.com
static.bookmsg.com
static.qualiclicks.com
storage.multstorage.com
www.googletagmanager.com
xml.qualiclicks.com
139.45.195.8
139.45.197.245
157.90.84.242
157.90.84.246
2001:4860:4802:34::36
23.109.170.97
2604:9e00:1:129::2:b1f
2606:4700:20::ac43:46be
2606:4700:3032::6815:1ef2
2606:4700::6811:180e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:400c:c00::54
2a01:4f8:c0:2306::1
2a01:4f8:e0:19cb::1
2a02:26f0:780::210:a459
2a02:b48:8301::24
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.53
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d41bac5fac83ca33fd47e676088947be85d5877544f5d7a623a6c2594ae663a
1b478133c412e140c27a4acbaefa91b7d0f5bf3d05695ff5d7a1cf79090e2da5
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
1e3b8b7206ed49666391343a4507adde0ddff82cc8fa6eb013434b3fbab5dfed
206d526e32959ce92da664b9e30be583c2500a6427800ecf2f8718b16ede188c
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
45887a60e0c49f2d7be29a04aba720b803cf63bf7a2d97c40afd393ad272406f
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
58803cbff0928f473e5a1f5adb6d9194a433b6a4628e24670899a0d1ffa9046a
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
6ffa75ff0d4f53825db2a7bad04e1dd584ae257df8b32a757c3c0f39a78b0c0f
7214b254c3ccf66fde8f6019244d6694699da76699b20d351cc4ed57839b91b1
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
a15e6b831f6600468e67fd50e2106b81c210a7de59ceb0ab14941c2318091818
add2866f026cbda27b4d165cc318c81d24601f85e529ae5658718b76227d02a1
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
b80ffacc368b39195c4cf0fe32148f99e36ea9fc0f6a2a061f8fecccb8dae03c
c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84
c3eae06a7c260d2074d89a993d602ee61ebbfe67bed85dd43a7a15066a409e2f
c71160fa1d00ba23f881b7f5981ad03f090e7ddab9318f6ad2c2fd1955edc872
cb7fa2ecd0768c6dd7bec924cabbb3482aaa94170aa090e615671b51538d002d
cf8b859a65e3669622e5aa6401f39c89a262f6b612b867e223d72cee57dbe681
d2824497eae1b02af5e5c71aba1755fd6669f1038afc928feae8f13a94032c04
debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f9fa2d05db0d1c450fea8f640b1aebc6c4430ef1a5b54bb6506679f334030
eb4c32eeb8c9131cdcf29a7f976e892c59b387c2aaf9a5a7ca704d2fc1e236df
ecea67acc924870fea52af37f094820ec38d2d7fe824eb8dc1bfaaaf220d6c45
edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea
f3fb88af12012a747b199e21f2ff257adfcb58dd20ac92b40c562defc74bea47
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fec602a8e68354fcb170f819b045733ae2d6d8600786489fe7243fad96dd21ee

poop.com.co Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

70 %IPv6

22 Domains

23 Subdomains

20 IPs

5 Countries

607 kBTransfer

1745 kBSize

9 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poop.com.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

70 %
IPv6

22
Domains

23
Subdomains

20
IPs

5
Countries

607 kB
Transfer

1745 kB
Size

9
Cookies

49 HTTP transactions
1 data transactions