poop.com.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://poop.com.co/e/yaWQO86yW04
Submission: On March 10 via manual (March 10th 2024, 7:53:32 pm UTC) from ID — Scanned from NL

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 21 domains to perform 52 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.com.co. The Cisco Umbrella rank of the primary domain is 99019.
TLS certificate: Issued by E1 on February 11th 2024. Valid for: 3 months.

This is the only time poop.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:46be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3032::ac43:ae33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
2	168.119.25.102 168.119.25.102	24940 (HETZNER-AS) (HETZNER-AS)
8	2a01:4f8:1060... 2a01:4f8:1060:13eb::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2306::1	24940 (HETZNER-AS) (HETZNER-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
8	2a02:b48:8300... 2a02:b48:8300::24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	23.109.170.67 23.109.170.67	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
52	21

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

poop.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yu2be.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:46be (United States)

ASN13335 (CLOUDFLARENET, US)

img.doodcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

metrolagu.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

034d351e60.c67209d67f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

0265280ef1.308d13be14.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::54 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.25.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.102.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:1060:13eb::2 (Germany)

ASN24940 (HETZNER-AS, DE)

6a5bc5ad4b.a0a8053f14.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

mordoops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

mcpuwpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:b48:8300::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.67 (Netherlands)

ASN7979 (SERVERS-COM, US)

fikedaquabib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 40008	20 KB
8	a0a8053f14.com 6a5bc5ad4b.a0a8053f14.com	11 KB
5	c67209d67f.com 034d351e60.c67209d67f.com	217 KB
5	metrolagu.cam metrolagu.cam — Cisco Umbrella Rank: 109968	6 KB
4	yu2be.com yu2be.com — Cisco Umbrella Rank: 127838	21 KB
3	mordoops.com mordoops.com — Cisco Umbrella Rank: 133907	32 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 20	2 KB
2	nereserv.com nereserv.com — Cisco Umbrella Rank: 38055	401 B
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 40708	430 B
2	doodcdn.co img.doodcdn.co — Cisco Umbrella Rank: 35229	85 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	50 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	28 KB
1	fikedaquabib.com fikedaquabib.com — Cisco Umbrella Rank: 120911	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818	541 B
1	mcpuwpsh.com mcpuwpsh.com — Cisco Umbrella Rank: 63777	4 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	251 B
1	308d13be14.com 0265280ef1.308d13be14.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 34382	905 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	94 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	33 KB
1	poop.com.co poop.com.co — Cisco Umbrella Rank: 99019	5 KB
52	21

	Domain	Requested by
8	static.bookmsg.com	034d351e60.c67209d67f.com
8	6a5bc5ad4b.a0a8053f14.com	034d351e60.c67209d67f.com
5	034d351e60.c67209d67f.com	poop.com.co 034d351e60.c67209d67f.com
5	metrolagu.cam	poop.com.co yu2be.com metrolagu.cam
4	yu2be.com	poop.com.co yu2be.com
3	mordoops.com	yu2be.com mordoops.com
3	accounts.google.com	2 redirects poop.com.co
2	nereserv.com	034d351e60.c67209d67f.com
2	fp.metricswpsh.com	034d351e60.c67209d67f.com
2	img.doodcdn.co	poop.com.co metrolagu.cam
1	pagead2.googlesyndication.com	metrolagu.cam
1	cdnjs.cloudflare.com	metrolagu.cam
1	fikedaquabib.com	metrolagu.cam
1	my.rtmark.net	mordoops.com
1	mcpuwpsh.com	034d351e60.c67209d67f.com
1	region1.google-analytics.com	www.googletagmanager.com
1	0265280ef1.308d13be14.com	034d351e60.c67209d67f.com
1	storage.multstorage.com	034d351e60.c67209d67f.com
1	www.googletagmanager.com	poop.com.co
1	code.jquery.com	poop.com.co
1	poop.com.co
52	21

This site contains no links.

Subject Issuer	Validity	Valid
poop.com.co E1	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
doodcdn.co Cloudflare Inc ECC CA-3	`2024-01-12` - `2024-12-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
metrolagu.cam GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
yu2be.com E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh
034d351e60.c67209d67f.com R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
0265280ef1.308d13be14.com R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
a0a8053f14.com R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
mordoops.com R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
puwpush.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
static.bookmsg.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
fikedaquabib.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://poop.com.co/e/yaWQO86yW04
Frame ID: 84AAB05CE378E60A5308459E52BC9C7C
Requests: 28 HTTP requests in this frame

Frame: https://yu2be.com/video?q=kedua+kalinya
Frame ID: 7F1F63B2F8465DACDFDB7C359E2FA3E7
Requests: 8 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 4D71958BE1FB383651D609C589F671CA
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Frame ID: A097CB7181FC5363AE37F05149A5D01E
Requests: 8 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.01&cpa=20fabc76-35aa-4e79-b158-5be597fca119&prev_step_diff=504
Frame ID: C38CF92ADF4D36DF441DB80C2303AA09
Requests: 2 HTTP requests in this frame

Frame: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Frame ID: 90B6F7ABD2F0D86C7C5FB3A27F5C54E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Show-Nanaa 19 thn - PoopHD

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

65 %
IPv6

21
Domains

21
Subdomains

21
IPs

5
Countries

610 kB
Transfer

1781 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjzGJzjlNVDQYqqht_wNIP0JEEOxm642cgQzIwTittz-iDJWMtrw9TjAObxJ3oRS9qhAl7gnzg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjzObOBpZR7eAKiAIsAZIIDmz48eo7W6BzDhNINOUmwg5njxD0yxF3bRR4nDz16f5T9PeTrBqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-384936026%3A1710100407773779&theme=glif

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request yaWQO86yW04 Show response
poop.com.co/e/ 11 KB
5 KB 245ms
184ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e37f1130fb5ba08c00df7e352e4804d0905715e7bec2623bb72395cb277d37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: MISS
cf-ray: 8625d9d869795c4d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 19:53:27 GMT
last-modified: Sun, 10 Mar 2024 19:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZxYmrdIaiLeRbENBa7LOxLwOZFknV%2Fa5v2j2Lys2l5atrSlAJVSg9EA73Ofkm62eLO6M0KAgh%2Fxnlx8R%2FRR4Uo%2BjBYAZRe89d81G1K7EvhMVKSMpFLERivIP2WKk0d9PLgj%2BaTxNzckbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 97ms
17ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 15298208
x-cache: HIT, HIT
content-length: 33202
x-served-by: cache-lga21983-LGA, cache-ams21075-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710100407.371782,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 18, 128328

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ 42 KB
43 KB 110ms
30ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54720
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoLBZ2e8YIoOYRHQkE%2FCHaOqDfj24C0vnYa0jFFrlInId3GqDnSO%2Bo7TCawyYDasVUlJbrykb%2FdDzxy3Bffp6HrsbFun4v4IVR0nzxiXCzg2u83x3lrNFwoV7URX%2BGopbHL%2F3FGy1CAAMewt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8625d9da1b4c669d-AMS
expires: Sun, 24 Mar 2024 02:48:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 165ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3675ccb774b21bd9fac734688b9de80712d8a2973f687fc0d491c3da96c56112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 19:53:27 GMT

GET
H2 200 play.svg
metrolagu.cam/ 633 B
832 B 88ms
28ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrolagu.cam/play.svg
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 10:51:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6551
etag: W/"650c2028-279"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFyZjJ50kriBfMYgaExvGoae5Zd2juGBzV2Dxl9eEG99T6tzX7%2FoNr0%2FdF0fNNSsqErUI8qOgNEtAq1aZV4NFwAlv5edxjsxExUY4Yfo0jzlXv%2FYVlRSLFGBvWJCXyniRzsZNYugBcz7Nq1g"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8625d9daad46b94b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 3430577936384f51576179 Show response
yu2be.com/embud/ Frame 7F1F 244 B
603 B 233ms
187ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yu2be.com/embud/3430577936384f51576179
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1345bd7f62feb669a87ac29f56bc522076f413d10ed20bab934cec5483264be0

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8625d9da99000a54-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 19:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzDZdw7Abt31g7xCdJb9tJGKT2KOItiwjsMAxuLItmdZ%2BMmAXw6BVnn1%2FTVwYRjoU0vKqmaXAcASL6407%2FdcxQONL%2Breavo9NRWyLTRQ4sG%2B2m9PibJRj00XUXjxBAEvmKp5chl57Ho%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 b08e7917f73cd30c5d25f0937ac1d5d5.js Show response
034d351e60.c67209d67f.com/ 104 KB
35 KB 68ms
16ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6

Request headers

Referer: https://poop.com.co/
Origin: https://poop.com.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sun, 10 Mar 2024 19:58:27 GMT
date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 14:52:22 GMT
server: nginx/1.18.0
etag: W/"65e731a6-1a102"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 114039 Show response
034d351e60.c67209d67f.com/00b4f0b849b9efa16a014dd78efc3b93/ 3 KB
3 KB 16ms
16ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://034d351e60.c67209d67f.com/00b4f0b849b9efa16a014dd78efc3b93/114039?version_name=b
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f27a16024039a75750adf7bde231f20e2a42fd548d1405ece86f56da2490137d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Mar 2024 19:53:27 GMT
cache-control: max-age=300
x-proxy-cache: HIT
server: nginx/1.18.0
content-type: application/json
expires: Sun, 10 Mar 2024 19:58:27 GMT

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame 4D71 882 B
905 B 92ms
37ms Document
text/html 2606:4700:3032::ac43:ae33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8625d9db7fdeb8cc-AMS
content-encoding: br
content-type: text/html
date: Sun, 10 Mar 2024 19:53:27 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnFbgAttaHb9nF3ekeqcP9Yl0Gku86XNjE6PWbiXkv60MBSPF2HzNtFlWgGAOlq6e%2Bla%2FWyZGo9lMy92ot4JaNHxFz1O2Gvmw3Jg3sf1G8eOj3nZjoyGTXm08GUBQElByM33wD%2BtSCBzjx23K%2FVscEBWmB%2FyUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 0492d92cd3015321c25966e5466fd536

GET
H2 200 track Show response
0265280ef1.308d13be14.com/in/ 0
207 B 98ms
44ms XHR
text/plain 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0265280ef1.308d13be14.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3NjgzMDY5MjQwNjk1NjgxMDAwIiwidGltZXpvbmUiOjEsInZlciI6IjMuMTEwLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4wMywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiTGl2ZSUyQ1Nob3ctTmFuYWElMkMxOSUyQ3RobiUyQ1Bvb3BIRCJ9
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:27 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 59294f08d8badc7a5d5226d6cee85a6d.js Show response
034d351e60.c67209d67f.com/ 96 KB
27 KB 51ms
18ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://034d351e60.c67209d67f.com/59294f08d8badc7a5d5226d6cee85a6d.js
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d22423b7aa695f0e44a37f8721400a4862aa91eaee5783b8c96371e89e8299d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sun, 10 Mar 2024 19:58:27 GMT
date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 10:01:22 GMT
server: nginx/1.18.0
etag: W/"65df0472-17e00"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 71c415ec4d0223b0a6f49a913c0af930.js Show response
034d351e60.c67209d67f.com/ 162 KB
45 KB 78ms
45ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8639d11375e69d2f4b8e3b010df15e4011f04e924c4875b4ba2f8ad8c56a5cee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sun, 10 Mar 2024 19:58:27 GMT
date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 09:26:16 GMT
server: nginx/1.18.0
etag: W/"65e98838-286fd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
430 B 86ms
29ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/b08e7917f73cd30c5d25f0937ac1d5d5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b32a365c59dd70be8bed9d65e54a6e7e4c31eaf10da71348472fd1be1a838d59

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sun, 10 Mar 2024 19:53:27 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://poop.com.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 88ms
27ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.com.co
Connection: keep-alive
Date: Sun, 10 Mar 2024 19:53:27 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 95630d8abd95fea50ca1cc3fcd781d31.js Show response
034d351e60.c67209d67f.com/ 457 KB
107 KB 18ms
18ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://034d351e60.c67209d67f.com/95630d8abd95fea50ca1cc3fcd781d31.js
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: efdbdf88a4334421f51189ed3785466cb3a91b5319d7e99e98b51890cdd2d2c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sun, 10 Mar 2024 19:58:27 GMT
date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 14:22:26 GMT
server: nginx/1.18.0
etag: W/"65e09322-722f1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjzGJzjlNVDQYqqht_wNIP0JEEOxm642cgQzIwTittz-iDJWMtrw9TjAO...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjzObOBpZR7eAKiAIsAZIIDmz48eo7W6BzDhNINOUmwg5njxD0yxF3bRR4nDz16f5T9PeTrBqg&passive...

0
0

37ms
37ms

Image
text/html

2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjzObOBpZR7eAKiAIsAZIIDmz48eo7W6BzDhNINOUmwg5njxD0yxF3bRR4nDz16f5T9PeTrBqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-384936026%3A1710100407773779&theme=glif
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Server: 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Redirect headers

date: Sun, 10 Mar 2024 19:53:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UGEea5T6VvvGQ3fL0AHzoQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjzObOBpZR7eAKiAIsAZIIDmz48eo7W6BzDhNINOUmwg5njxD0yxF3bRR4nDz16f5T9PeTrBqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-384936026%3A1710100407773779&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 99ms
34ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=6d3a4e73-b526-4490-ba5b-30ad070a6275&subid=388464194&sid=260912071&spot_id=418776&created_at=2024-03-10&timezone=1&ver=8.149.0&is_native=1
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:27 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

OPTIONS
H2 204 multy
6a5bc5ad4b.a0a8053f14.com/in/ Frame 0
0 137ms
35ms Preflight 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sun, 10 Mar 2024 19:53:27 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

POST
H2 200 multy Show response
6a5bc5ad4b.a0a8053f14.com/in/ 37 KB
5 KB 398ms
398ms XHR
application/json 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/multy
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 73036daca08e719050c278afe2206ef45887f417251abb56245a1015664ef2e6

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 4908

POST
H2 200 video Show response
yu2be.com/ Frame 7F1F 59 KB
19 KB 109ms
109ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yu2be.com/video?q=kedua+kalinya
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8070fd1dac825662a6cf2f5426b35b693ccdc7961799bea80817d894407b7f79

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://yu2be.com
Referer: https://yu2be.com/embud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8625d9dbdab90a54-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 19:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLDsAcSVCT9GkFCCDatPHLPgF77T4ceblqYmOAj6ZZkngxWZCzkd%2FIIfO9KaS5WvrDzmfilL%2BmO9Kbi4N6OJcX7SQIchlM1LQYl9cz9oID0KBwpQfySQfxnlcpO2xdJBQOOvB8D6Azc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
BLOB 200
OK c51ca723-2d51-41aa-81ac-281dbbd4be5b
https://poop.com.co/ 204 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://poop.com.co/c51ca723-2d51-41aa-81ac-281dbbd4be5b
Requested by: Host: poop.com.co
URL: https://poop.com.co/e/yaWQO86yW04
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 204
Content-Type: text/javascript

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 92ms
32ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=4f6ba01b-437b-43ad-9fa6-f3c7052a87a4&subid=357529620&sid=3329133859&spot_id=418774&created_at=2024-03-10&timezone=1&ver=8.149.0&is_native=1
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:27 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
6a5bc5ad4b.a0a8053f14.com/in/ 37 KB
5 KB 367ms
367ms XHR
application/json 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/multy
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 4205da6f5112b5885551065719b763295d634783d77a6d352acf2cd48760cc32

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 5040

OPTIONS
H2 204 multy
6a5bc5ad4b.a0a8053f14.com/in/ Frame 0
0 133ms
35ms Preflight 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sun, 10 Mar 2024 19:53:27 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 61ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je4360v9167878827za220&_p=1710100407397&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=671613699.1710100408&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710100407&sct=1&seg=0&dl=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&dt=Live%20Show-Nanaa%2019%20thn%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=658
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.com.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.css
yu2be.com/ Frame 7F1F 1 KB
869 B 30ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yu2be.com/embed.css
Requested by: Host: yu2be.com
URL: https://yu2be.com/video?q=kedua+kalinya
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/video?q=kedua+kalinya
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:03:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42653
etag: W/"655e96c3-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVAXvIHU45WEwOks8sfpp9bZEnzlB5YfnMerxCQSQTQsPMAgrm%2FWpOW3lCpgKaxiWmgfFGbjX%2BZ%2FHil5TxgU%2B7evDomf33RD1htKR55k16sm80lC3gWv2QuJmRldVWWW6Ow5Kk%2BfqF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8625d9dc9be90e4c-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 10 Mar 2024 20:02:33 GMT

HEAD
H3 200 video Show response
yu2be.com/ Frame 7F1F 0
459 B 26ms
25ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yu2be.com/video?q=kedua+kalinya
Requested by: Host: yu2be.com
URL: https://yu2be.com/video?q=kedua+kalinya
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/video?q=kedua+kalinya
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Mar 2024 19:36:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1029
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62%2FlgTuXalMenYkwygc%2B8RAXu9rrBZi7ArXpYfZdsnSi7SMztJIdHz1K0YDW4KXNNFJWQyvuX%2FrGj4tB%2FyiW71Bm43fLgbNyB2H6YXK7ARsxNHLo%2BD6qAA69a%2FUET3njbQlDV78NoTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8625d9dd2c8a0e4c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
mordoops.com/5/6651943/ Frame 7F1F 3 KB
2 KB 81ms
34ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mordoops.com/5/6651943/?oo=1&aab=1
Requested by: Host: yu2be.com
URL: https://yu2be.com/video?q=kedua+kalinya
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c7019183869bad37f67d9ea828c7d373105e87b56f0888fb0ca618d6d80f02b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: gzip
x-trace-id: 42d95030d4c3ec143c1a294ff441d99b
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://yu2be.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
mordoops.com/ Frame 7F1F 84 KB
27 KB 79ms
32ms Script
text/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mordoops.com/tag.min.js

Requested by

Host: yu2be.com
URL: https://yu2be.com/video?q=kedua+kalinya

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

919fc959ac174f5e1356860473047aaceff18d805deb91e0cfce46379f49042e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 26894
x-trace-id: 587ffd77e66ab0e1e7753d4aa1ff224d
pragma: no-cache
last-modified: Fri, 08 Mar 2024 10:22:09 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 3430577936384f51576179 Show response
metrolagu.cam/jembud/ Frame A097 242 B
480 B 188ms
188ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/jembud/3430577936384f51576179
Requested by: Host: yu2be.com
URL: https://yu2be.com/video?q=kedua+kalinya
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e959470fb83b3abe33b17aa83baa92e472283eb855339f2de19457ffcbc9644f

Request headers

Referer: https://yu2be.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8625d9dd2fffb94b-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 19:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhpFJX2DGaXqJbcswfv%2BnhvDDCcl24n5WFSnSMW1WZW%2BRs6Xhkj5vteBdwoRA%2BXTKD3VWkYFN61ZwzAnpSJn7sMY%2B1XwY90yvP48oRHRtSfSdbmTJYMpJzmDEuIWPSLqBSlhefJYOFOrQcc6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 / Show response
mcpuwpsh.com/get/ 4 KB
4 KB 273ms
188ms Fetch
application/json 2a01:4f8:c0:2306::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcpuwpsh.com/get/
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/59294f08d8badc7a5d5226d6cee85a6d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7131944640688e655780503b913a16848d03792f9f6399f82d3c4cc5caa6efd6

Request headers

Referer: https://poop.com.co/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 3857

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 7F1F 65 B
541 B 61ms
16ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=00801b4d037746d9f57f3657e0595fa6

Requested by

Host: mordoops.com
URL: https://mordoops.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1ea19c70a176b8da5109609de36317fe0ba65bd7e27e859b8cf4fdb6a590b121

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yu2be.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 / Show response
mordoops.com/ Frame 7F1F 3 KB
3 KB 19ms
18ms Fetch
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mordoops.com/?rb=ZuHk_nj0A1iGd3fnuWbhQ8miJcbCj7AYZTq9K5lrzXrmBYvN1mhSqgnwKhjJ-wLKN72t4wAheFO56t2B4AL2rMXOmASyGVlYkjABP1qSHgb5kBOly2XD7-3DCAICwDlmyFCCzjDCY0Mreg7cKIZAbFduOwas0o8cw7Pfm2jQt336wOEkHbnHVZNr14ez8jCVDRufWM-O-0mfSAEr1uDJr9CKKKqis6mFv4Jie6FY4QKGWwcgYk0NgYfUYy0fLKFbJAGXAZIoTPwsHGQ0hFzCIEsINlfIlVF44H3x7dzHbmwdRuJt3rvpC5em8FlByNOY&request_ab2=0&zoneid=6651943&js_build=iclick-v1.721.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=-1&wiw=-1&ww=1600&wh=1200&sah=1200&wx=0&wy=0&cw=0&wfc=2&pl=https%3A%2F%2Fyu2be.com%2Fvideo%3Fq%3Dkedua%2Bkalinya&drf=https%3A%2F%2Fyu2be.com%2Fembud%2F3430577936384f51576179&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.721.0&navlng=en-US&pnt=0&pnrc=0&bs=0f6bd8d4-b347-4429-9df0-bc41030b503e&userId=00801b4d037746d9f57f3657e0595fa6&is_mobile=false&m=link

Requested by

Host: mordoops.com
URL: https://mordoops.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

320b629edc9040286e4d0b371939c053955bedca86cc6a744cefc2512b24c7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yu2be.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: f35777d975f5463913f671b0389130f3
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://yu2be.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 watch Show response
metrolagu.cam/ Frame A097 7 KB
3 KB 187ms
187ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352e5fb6551b2b143f6de62dd0e4253e87c2ef9e9170e28fd77f054835a692a1

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://metrolagu.cam
Referer: https://metrolagu.cam/jembud/3430577936384f51576179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8625d9de5f687754-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 19:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGoKVii2DmX%2BTVNyaIYucIxRmk%2B5FluYBm9x2oMqjmoP6W1oPkUx0EsyONC1OquCA5UTSMt9NvKLPzgw96R6ZeycBiAPzhK7a%2FdYKXR7ZYDejwImhC2P8pTaWqxGYUdRIXzzD2XiPwgpHgYf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
698 B 59ms
18ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=fb65d43e-f1de-4958-be93-a7c1af61a3f4&prev_step_diff=505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 73ms
33ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
6a5bc5ad4b.a0a8053f14.com/in/show/ 0
201 B 112ms
37ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710100407&subid=357529620&sid=3329133859&tcid=0&ver=8.149.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-10&iabcat=IAB25-3&keywords=&user_fp=15117534454193542960&score=68.90743674509442&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3DJYWxPGC3vDFNHovmEtWXLLF18m3wG8x3QNEdwSI_rgaNy89Zi7N3FlqLtA0AeyKfkbIWvUv4U9NgcgqdlDrlESJqXOhhqR7_pCAynb3_QVeEH798aFxdflpXY71gBp_SL1J1EDoi8tqXNeR74ZoRMNXcLSG3xJtrKkHsV1BAJfvSGBm4hOKmbMT7gUk-Jda1niTs0LeCDAOIh-4ubBchlGn5cISjNkmgtrIy9bot5LK3pomk-EpbtWiZndwbzdfCrxjwO04VhPqVK9hglCIGIE5O_m95jzoW2sqbDr1Q8x2qAzay42EGDIy-XR3BB_AqPr2gRWnfrcwNruwOgShGPSEOT9Jy2gUSs6MVG2GuhSSAZ9wNjR74vQOfM46fBAkYrJ7Vkx30QoQ6plitb1fg7f7RwIn8aMbMX8if0oflLiO754qcGNe-Rk1KwoHc5B94WUMNsc4PWzznr77xmieeFY9Sk3GbwuUHPd6S66gl6Y-bz3D_39SLHrH0MAP0DMzv1U2vZu1mORLcJNbZ04F5E1SAV9Yj-QEykJYVOfD1cvIxHV82riSpJIyRB7ZtJsQeO14DvtpibfCrbApLFgepNrAomxn6kV-kDHdd9y3A4LdoNcaiOlWKU50Vb3AZLHls9FngV2nIsitclfNe2g4gV3rMVSkDEQDlwBy5_7L4m1m-N3ijVzFb-JohaTy5_Vomh1L52w_1BaKdR3ZS-DaPmex_5zYydIw3JDmcTw&icons=fOjD6KwSuNgD8Z2VrDcSYUG9EVFyePxu7OZfLqeCOD1eWYAY8KytsHC_q6_wCjyou7n91r4uohMImKbXCU19K9iKBOPzXQ-MBVeyu00xyT9hQjVCMVOCtcmlRjyA2A1qE_hf9OqFstOQ7Bm3a45ULYl-_syincoOHnGe4X1wDR2HCjeZFA&ext_cid=323&px_id=53418774&min_cpm=0.012129066999843825&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=2451589858402529953&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.07300627978168646&cpm=0&verify_hash=333bbcf8c7b117f835e867e198373a58&is_native=2&real_bid=0.002247400045394896&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&ip_mismatch=2a00:1630:2:602::9&geo=NL&carrier=-&label_ids=0,4,83,89,20,27,108&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1710273207&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000034&ext_campaign_id_str=323&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=caa9b37e-853b-4c1c-b82a-3c8688190764&prev_step_diff=505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 /
6a5bc5ad4b.a0a8053f14.com/in/show/ 0
200 B 133ms
66ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710100407&subid=357529620&sid=3329133859&tcid=0&ver=8.149.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-10&iabcat=IAB25-3&keywords=&user_fp=15117534454193542960&score=68.90743674509442&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3DJYWxPGC3vDFNHovmEtWXLLF18m3wG8x3QNEdwSI_rgaNy89Zi7N3FlqLtA0AeyKfkbIWvUv4U9NgcgqdlDrlESJqXOhhqR7_pCAynb3_QVeEH798aFxdflpXY71gBp_SL1J1EDoi8tqXNeR74ZoRMNXcLSG3xJtrKkHsV1BAJfvSGBm4hOKmbMT7gUk-Jda1niTs0LeCDAOIh-4ubBchlGn5cISjNkmgtrIy9bot5LK3pomk-EpbtWiZndwbzdfCrxjwO04VhPqVK9hglCIGIE5O_m95jzoW2sqbDr1Q8x2qAzay42EGDIy-XR3BB_AqPr2gRWnfrcwNruwOgShGPSEOT9Jy2gUSs6MVG2GuhSSAZ9wNjR74vQOfM46fBAkYrJ7Vkx30QoQ6plitb1fg7f7RwIn8aMbMX8if0oflLiO754qcGNe-Rk1KwoHc5B94WUMNsc4PWzznr77xmieeFY9Sk3GbwuUHPd6S66gl6Y-bz3D_39SLHrH0MAP0DMzv1U2vZu1mORLcJNbZ04F5E1SAV9Yj-QEykJYVOfD1cvIxHV82riSpJIyRB7ZtJsQeO14DvtpibfCrbApLFgepNrAomxn6kV-kDHdd9y3A4LdoNcaiOlWKU50Vb3AZLHls9FngV2nIsitclfNe2g4gV3rMVSkDEQDlwBy5_7L4m1m-N3ijVzFb-JohaTy5_Vomh1L52w_1BaKdR3ZS-DaPmex_5zYydIw3JDmcTw&icons=Gns7BpqN-KdqVWvhb8y0l8lJcSiv_jkqg1chnNMqMVOFi7Je62JVRvr9-QsxlDbLzdWDDtRmECJsR6i3M0QvWX1Sy_Zgdikyn1EydxYIDZF9BEiHNll_YRSsdTF85n2pFDE8xsGXS9fcTnQymJmhxueACmvAI_VoS2shP8f86GL6ZHs-XQ&ext_cid=323&px_id=53418774&min_cpm=0.012129066999843825&out_id=0&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=2451589858402529953&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.07300627978168646&cpm=0&verify_hash=333bbcf8c7b117f835e867e198373a58&is_native=2&real_bid=0.002247400045394896&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&ip_mismatch=2a00:1630:2:602::9&geo=NL&carrier=-&label_ids=129,4,89,27,5,108,0,83&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1710273207&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000034&ext_campaign_id_str=323&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.01&cpa=e1ec9f4b-dcd8-4ceb-b710-43b2f7d41544&prev_step_diff=505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/ Frame C38C 1 KB
1 KB 63ms
31ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.01&cpa=20fabc76-35aa-4e79-b158-5be597fca119&prev_step_diff=504
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-41c"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1052
x-proxy-cache: HIT

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/ Frame C38C 5 KB
5 KB 51ms
19ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1208"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4616
x-proxy-cache: HIT

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/ 5 KB
5 KB 36ms
22ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1208"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4616
x-proxy-cache: HIT

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 46ms
32ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=6465e02d-ceb7-4c7a-b7f4-371e0bfd729b&prev_step_diff=539
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-41c"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1052
x-proxy-cache: HIT

GET
H2 200 /
6a5bc5ad4b.a0a8053f14.com/in/show/ 0
200 B 86ms
38ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710100407&subid=388464194&sid=260912071&tcid=0&ver=8.149.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-10&iabcat=IAB25-3&keywords=&user_fp=15117534454193542960&score=66.20829976655264&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3D7Jo4d6Mc5u26nG2pqq7ApRSqkXNDPPzrXRItnwtSir0D1ULK0XfaadZjQNFNDJEybfBO7ykfTckAg9cE96WnumddBXt8dk2KxQ4MdhE9_Z1tISbmb0MwtsTygB3K2b2yVnlaTULqIqpeOqCK5wn0tf3I9kxDNB2ksbzEm3X8N_gqY1SQJXTF7-p_jyNEFvd6bsjfGiqnjTCSVkleRB3o75mnPG6B47AkQnS3nYLBDZI9zH6ABeCgNOrKeq5UakegyVMnkA__oeOBGWvC-9WhqYRaaGu_dw-4mVLVGuLSQwLYOcvP6Yx07QKQlmOlLkzm7dzYxJiWeJToAxvBAqhTkqc_5DX9FJnlN--UMFawbj4rFVtmyabRaWFqkyTk55rHVJwd5OIOM0HHmvbpHeDvoGyGwTN6mD47KzKH98Qs-oN6JM7oNtSxvK2-mOdvToNPLVnZkaKl7tIGVuk-eSsX5iRG_sAvOw5Tj3ku-_f9lIIZ7wAI13K57m9J0aXG32dKyn5xkfSAiUNxNzg5_MM-1vQ-f4sc6Irauo4_BLK-8ItZogUz3ndm3jTaqs5vuqG_0f4NWhtVYzUui9W5EWit5zmo9xbcPTLNDH44sElskNvPkneGnD2G1pIllrX2pLh-cLEwEqlbhKt65McNYJ5RMYBNfXK_nmLxoPZjRFr38vz27VwI20Et7MKNbmfIfpTWXeU-VudJAlLJsrg1zho-UyGfQZMKuXKtSzcjBg&icons=iDT9b2JbYduMOWAtBkdFdG8gPQcQqFSGVU88f9Jd0IYcN5ezMPgBZqsWzJ7lDIAlgBbUUo25K5LDfWuJvrJDQ3DmBnbzb3weTJ1a9jR7RbLb23xcBDFi8TeQo_tV5wcqKP5rDkLDCjfqte9ivclGZxHNvWUN3frEZ7PpFU7XpEV8nkHXmg&ext_cid=323&px_id=53418776&min_cpm=0.02183822939612609&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=4016328923458406260&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.13144686934706187&cpm=0&verify_hash=3450dc15d4ae1a3171486aca54157084&is_native=2&real_bid=0.002247400045394896&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&ip_mismatch=2a00:1630:2:602::9&geo=NL&carrier=-&label_ids=129,5,108,0,27,4,83,89&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1710273207&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-4-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000034&ext_campaign_id_str=323&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=c7e6782b-0024-40a5-93d4-3856e07bba71&prev_step_diff=539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
static.bookmsg.com/creatives/SG/ Frame 90B6 5 KB
5 KB 24ms
16ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp
Requested by: Host: 034d351e60.c67209d67f.com
URL: https://034d351e60.c67209d67f.com/71c415ec4d0223b0a6f49a913c0af930.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1208"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4616
x-proxy-cache: HIT

GET
H2 200 /
6a5bc5ad4b.a0a8053f14.com/in/show/ 0
200 B 80ms
38ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6a5bc5ad4b.a0a8053f14.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,all&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fe%2FyaWQO86yW04&refdom=poop.com.co&auction_time=1710100407&subid=388464194&sid=260912071&tcid=0&ver=8.149.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-10&iabcat=IAB25-3&keywords=&user_fp=15117534454193542960&score=66.20829976655264&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fe%252FyaWQO86yW04%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=08b734bd08ce908bdc1a036c541a910d&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3D7Jo4d6Mc5u26nG2pqq7ApRSqkXNDPPzrXRItnwtSir0D1ULK0XfaadZjQNFNDJEybfBO7ykfTckAg9cE96WnumddBXt8dk2KxQ4MdhE9_Z1tISbmb0MwtsTygB3K2b2yVnlaTULqIqpeOqCK5wn0tf3I9kxDNB2ksbzEm3X8N_gqY1SQJXTF7-p_jyNEFvd6bsjfGiqnjTCSVkleRB3o75mnPG6B47AkQnS3nYLBDZI9zH6ABeCgNOrKeq5UakegyVMnkA__oeOBGWvC-9WhqYRaaGu_dw-4mVLVGuLSQwLYOcvP6Yx07QKQlmOlLkzm7dzYxJiWeJToAxvBAqhTkqc_5DX9FJnlN--UMFawbj4rFVtmyabRaWFqkyTk55rHVJwd5OIOM0HHmvbpHeDvoGyGwTN6mD47KzKH98Qs-oN6JM7oNtSxvK2-mOdvToNPLVnZkaKl7tIGVuk-eSsX5iRG_sAvOw5Tj3ku-_f9lIIZ7wAI13K57m9J0aXG32dKyn5xkfSAiUNxNzg5_MM-1vQ-f4sc6Irauo4_BLK-8ItZogUz3ndm3jTaqs5vuqG_0f4NWhtVYzUui9W5EWit5zmo9xbcPTLNDH44sElskNvPkneGnD2G1pIllrX2pLh-cLEwEqlbhKt65McNYJ5RMYBNfXK_nmLxoPZjRFr38vz27VwI20Et7MKNbmfIfpTWXeU-VudJAlLJsrg1zho-UyGfQZMKuXKtSzcjBg&icons=N3RlewipXNtvLkhFpm27ze0-9QJalC1meuBBkN4frWNERhOMJhaoqU2CGOx38fWJT_-mEFZszIyghJygy3vjJSlorGvWbLl6TnbcJv8yOYKf0b5bjG-nQi5W7ILsFPgqduOuJQ8QqadVnYJc_zu6K1Sygny9p05fTPwGDY6_O0mGKDw8DQ&ext_cid=323&px_id=53418776&min_cpm=0.02183822939612609&out_id=0&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=4016328923458406260&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.13144686934706187&cpm=0&verify_hash=3450dc15d4ae1a3171486aca54157084&is_native=2&real_bid=0.002247400045394896&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.111%20Safari%2F537.36&ip_mismatch=2a00:1630:2:602::9&geo=NL&carrier=-&label_ids=5,4,83,89,108,0,27,129&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1710273207&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-4-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000034&ext_campaign_id_str=323&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=41a8685a-c03f-4cb8-9bf2-e80d5e70cce6&prev_step_diff=539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://poop.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 19:53:28 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp
static.bookmsg.com/creatives/SG/ Frame 90B6 1 KB
1 KB 85ms
85ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_50dbf0cae89fd14f34b6cb7b8301e683e25e0adf_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&st=0.01&cpa=b9fc1181-20a4-4c34-9305-f0cb41c898ae&prev_step_diff=539
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 10 Mar 2025 19:53:28 GMT
date: Sun, 10 Mar 2024 19:53:28 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-41c"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1052
x-proxy-cache: HIT

GET
H/1.1 200
OK 64343 Show response
fikedaquabib.com/rotaInGRWQGA24/ Frame A097 0
1 KB 222ms
21ms Script
application/javascript 23.109.170.67
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fikedaquabib.com/rotaInGRWQGA24/64343

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.67 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 19:53:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://metrolagu.cam
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame A097 87 KB
28 KB 63ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://metrolagu.cam/
Origin: https://metrolagu.cam
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4399899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXjagkGDNziGln%2FvNxq%2FUU10TQwWG3vHXom%2FWcc3X%2FxoRChQCxzhoQCssLpAGpzaRehhEpi%2Fqx%2F7nLjLJlSbXsc4%2Fd1cL51ERK1DwTt4bc2jUKT5AED%2F6bVZdhbxzm1R6jrLelH79GvNKricCg5O5rrr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8625d9dfc89f669f-AMS
expires: Fri, 28 Feb 2025 19:53:28 GMT

GET
H3 200 embed.css
metrolagu.cam/ Frame A097 1 KB
838 B 27ms
26ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/embed.css
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/watch?v=Ay04zDYuaZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4212
etag: W/"651596cf-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4gmuIk3oZ%2F%2FgRp3YONqRJNDUqfIFF5DL44Cjj09WOaUfqkbovNx226GyIZ96v0XX%2BjL%2BXprFE2H55y2dfBfV%2FfMh8%2Bg3j8mTKfbGdk4lG9XSzJXW4TTi1f4xZf%2F48F931NFSFNrEaQKj2NZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8625d9df991e7754-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Mar 2024 06:43:16 GMT

GET
H2 200 yhan777ezktll7tw.jpg
img.doodcdn.co/snaps/ Frame A097 42 KB
42 KB 49ms
48ms Image
image/jpeg 2606:4700:20::ac43:46be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.doodcdn.co/snaps/yhan777ezktll7tw.jpg
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54721
cf-polished: origSize=43338
alt-svc: h3=":443"; ma=86400
content-length: 42992
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 Jan 2024 12:25:23 GMT
server: cloudflare
etag: "6596a3b3-a94a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBxich9aSNFAN%2B9yANGqdJyQ%2B%2By2irk3H9LocYduFU2x%2BXiUfxf9eCLA1AzLDxyx5pMW89Yb%2BYP%2B7k6Y81Cz3mpFfUm08mgOYwKYE4VY33UDAbILH%2BruOqXcpUZTA4a17QDY0CbA6BPqXr2P"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8625d9df9c4e669d-AMS
expires: Sun, 24 Mar 2024 02:48:54 GMT

GET
H3 200 adus.js Show response
metrolagu.cam/ Frame A097 532 B
744 B 25ms
25ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/adus.js
Requested by: Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/watch?v=Ay04zDYuaZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 02:26:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3064
etag: W/"657bb94e-214"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u017vXNR9NaxQFOkELtcu5ctQmgbfIj5LuNDfDpfE32WFoamigyDsQmTsYzvmmNGjJKbBt%2BLzWOBUHdTN2x1HOuSWIFL5yfZi7l6w5tuAtb%2F1UDkF9RTWy0fVC7llp9%2BrCp1SZIsmcs8Kkos"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8625d9df991f7754-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Mar 2024 07:02:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A097 146 KB
50 KB 133ms
76ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: metrolagu.cam
URL: https://metrolagu.cam/watch?v=Ay04zDYuaZA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fadf475b181cd6d06243b202f9fe817fc0ff567c7fef620588545c8d4f81de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://metrolagu.cam/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 19:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50959
x-xss-protection: 0
server: cafe
etag: 14751144610060188119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 10 Mar 2024 19:53:28 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poop.com.co/	1970-01-21 04:37:40	Name: _ga_RRBBHD087X Value: GS1.1.1710100407.1.0.1710100407.0.0.0
.poop.com.co/	1970-01-21 04:37:40	Name: _ga Value: GA1.1.671613699.1710100408
fp.metricswpsh.com/	1970-01-21 03:47:16	Name: id Value: 14732166151819509644
mordoops.com/	1970-01-21 03:47:16	Name: OAID Value: 00801b4d037746d9f57f3657e0595fa6
my.rtmark.net/	1970-01-21 03:47:16	Name: ID Value: 00801b4d037746d9f57f3657e0595fa6
mordoops.com/	1970-01-21 03:47:16	Name: oaidts Value: 1710100408
mordoops.com/	1970-01-20 19:11:45	Name: syncedCookie Value: true
fikedaquabib.com/	1970-01-20 19:03:06	Name: GL_UI4 Value: eJw9jU1ugzAYRCH8JW2gHYkD9AjGCbRZVjlEl8jgL8QN2JFxQb19rUrtap5GbzRBEGzKJ4RLukP0JWq8XGrJq4adat7I16bqmiNx1tWHhp%2FY25EfsFNz60Q3kouxnSdhXeuWGPuBNFnVt72RlOPZW3%2FNTZtVx0g6K7TMkUzeGHNknTXrTLaMEGsxEdLz1RqfySQ%2BjUVUce5Zac8hw8bMZVQ8IPtQWvphscemYkWRBni8j8JdjJ1aJdMQyWCFJITv2PbC0WDsNzJJ882ZO2BG2f77v7%2FRWjGkkhbV%2B3PjrmR%2FACj%2FTTk%3D
fikedaquabib.com/	1970-01-20 19:03:06	Name: GL_GI10 Value: eJwVybsOgjAUBuCeM2BIvOSPPABP0HBzcNaBwTCokxuBRppgS9qjz29YvuVTSnG2BdsF%2B7rUVdHo8lTpsjmD3uDuBh4cDs%2FJ5J2RyYS5d2MEBfCrBQeH3cN%2FZcpbP68FGpDevYgJY%2F8BWWxsfdXOCNhFpBcfFh96MaAlIbD41ThmCvRLjn8w6CIV

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjzObOBpZR7eAKiAIsAZIIDmz48eo7W6BzDhNINOUmwg5njxD0yxF3bRR4nDz16f5T9PeTrBqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-384936026%3A1710100407773779&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://poop.com.co/e/yaWQO86yW04 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0265280ef1.308d13be14.com
034d351e60.c67209d67f.com
6a5bc5ad4b.a0a8053f14.com
accounts.google.com
cdnjs.cloudflare.com
code.jquery.com
fikedaquabib.com
fp.metricswpsh.com
img.doodcdn.co
mcpuwpsh.com
metrolagu.cam
mordoops.com
my.rtmark.net
nereserv.com
pagead2.googlesyndication.com
poop.com.co
region1.google-analytics.com
static.bookmsg.com
storage.multstorage.com
www.googletagmanager.com
yu2be.com
139.45.195.8
139.45.197.244
157.90.84.242
168.119.25.102
2001:4860:4802:32::36
23.109.170.67
2606:4700:20::ac43:46be
2606:4700:3032::ac43:ae33
2606:4700::6811:190e
2a00:1450:4001:812::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::54
2a01:4f8:1060:13eb::2
2a01:4f8:c0:2306::1
2a02:b48:8300::24
2a04:4e42:200::649
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.52
45.133.44.53
1345bd7f62feb669a87ac29f56bc522076f413d10ed20bab934cec5483264be0
16fadf475b181cd6d06243b202f9fe817fc0ff567c7fef620588545c8d4f81de
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
1ea19c70a176b8da5109609de36317fe0ba65bd7e27e859b8cf4fdb6a590b121
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
320b629edc9040286e4d0b371939c053955bedca86cc6a744cefc2512b24c7a0
352e5fb6551b2b143f6de62dd0e4253e87c2ef9e9170e28fd77f054835a692a1
361540ac8047f9e65b9db4966125eb66d084de3057b5e1c48942c0e1aebe2a44
3675ccb774b21bd9fac734688b9de80712d8a2973f687fc0d491c3da96c56112
4205da6f5112b5885551065719b763295d634783d77a6d352acf2cd48760cc32
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
7131944640688e655780503b913a16848d03792f9f6399f82d3c4cc5caa6efd6
73036daca08e719050c278afe2206ef45887f417251abb56245a1015664ef2e6
7d22423b7aa695f0e44a37f8721400a4862aa91eaee5783b8c96371e89e8299d
8070fd1dac825662a6cf2f5426b35b693ccdc7961799bea80817d894407b7f79
8639d11375e69d2f4b8e3b010df15e4011f04e924c4875b4ba2f8ad8c56a5cee
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
919fc959ac174f5e1356860473047aaceff18d805deb91e0cfce46379f49042e
94e37f1130fb5ba08c00df7e352e4804d0905715e7bec2623bb72395cb277d37
b32a365c59dd70be8bed9d65e54a6e7e4c31eaf10da71348472fd1be1a838d59
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
c19aa8a2bfafbf0d70e6a5973b1d7fe8346d4f9e6a4310530297136f913acb84
c7019183869bad37f67d9ea828c7d373105e87b56f0888fb0ca618d6d80f02b0
debd9647eddaaacaba09b81371fd2e331f952904d7c7f635955b6e213e6a4ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e959470fb83b3abe33b17aa83baa92e472283eb855339f2de19457ffcbc9644f
edd026699ef3c73fff84b39eb624af3bcb6d5732513ceef2ef1c36068e311eea
efdbdf88a4334421f51189ed3785466cb3a91b5319d7e99e98b51890cdd2d2c2
f27a16024039a75750adf7bde231f20e2a42fd548d1405ece86f56da2490137d
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

poop.com.co Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

65 %IPv6

21 Domains

21 Subdomains

21 IPs

5 Countries

610 kBTransfer

1781 kBSize

9 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poop.com.co Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

65 %
IPv6

21
Domains

21
Subdomains

21
IPs

5
Countries

610 kB
Transfer

1781 kB
Size

9
Cookies

52 HTTP transactions
0 data transactions