poop.my Open in urlscan Pro
172.67.197.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://poophd.net/d/P%7C88y%7C0oVDj
Effective URL:
https://poop.my/d/P%7C88y%7C0oVDj
Submission: On August 17 via manual (August 17th 2024, 9:03:57 am UTC) from ID — Scanned from NL

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 24 domains to perform 73 HTTP transactions. The main IP is 172.67.197.29, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.my.
TLS certificate: Issued by WE1 on August 15th 2024. Valid for: 3 months.

This is the only time poop.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.197.29 172.67.197.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.132.168 172.67.132.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	172.67.174.51 172.67.174.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
4	94.130.198.6 94.130.198.6	24940 (HETZNER-AS) (HETZNER-AS)
8	2a01:4f8:252:... 2a01:4f8:252:561a::2	24940 (HETZNER-AS) (HETZNER-AS)
2 5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2306::1	24940 (HETZNER-AS) (HETZNER-AS)
1	172.67.173.30 172.67.173.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
73	18

2 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

poophd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrolagu.cam	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.197.29 (United States)

ASN13335 (CLOUDFLARENET, US)

poop.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.132.168 (United States)

ASN13335 (CLOUDFLARENET, US)

poophd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbefaaec33.701ad069e2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

a.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.51 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.198.6 (Bendorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.198.130.94.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:252:561a::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

1e1ba311bb.58be2b4fa2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

s7feh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
push1004.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6v8hi.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

cmpuwps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.173.30 (United States)

ASN13335 (CLOUDFLARENET, US)

6g2p0.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	58be2b4fa2.com 1e1ba311bb.58be2b4fa2.com	13 KB
4	nereserv.com nereserv.com — Cisco Umbrella Rank: 16236	801 B
3	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 17708	3 KB
3	poophd.com poophd.com — Cisco Umbrella Rank: 85234	84 KB
2	push1004.com 2 redirects push1004.com	884 B
2	s7feh.top s7feh.top — Cisco Umbrella Rank: 525409	8 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 19006	426 B
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 29576	175 KB
2	magsrv.com a.magsrv.com — Cisco Umbrella Rank: 6755 s.magsrv.com — Cisco Umbrella Rank: 6506	44 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 7978	38 KB
2	poop.my poop.my	5 KB
1	6g2p0.top 6g2p0.top — Cisco Umbrella Rank: 820046	15 KB
1	cmpuwps.com cmpuwps.com — Cisco Umbrella Rank: 22687	7 KB
1	6v8hi.top 6v8hi.top	15 KB
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 18967	29 KB
1	701ad069e2.com dbefaaec33.701ad069e2.com	225 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 15929
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 27503	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	103 KB
1	metrolagu.cam metrolagu.cam — Cisco Umbrella Rank: 54824	1 KB
1	poophd.net 1 redirects poophd.net — Cisco Umbrella Rank: 47385	458 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 46 Failed
0	poop.gold Failed cdn.poop.gold Failed
73	24

	Domain	Requested by
8	1e1ba311bb.58be2b4fa2.com	js.wpushsdk.com
4	nereserv.com	js.capndr.com js.wpushsdk.com
3	static.bookmsg.com
3	poophd.com	poop.my poophd.com
2	push1004.com	2 redirects
2	s7feh.top	js.wpushsdk.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.wpushsdk.com	js.wpadmngr.com js.wpushsdk.com
2	js.wpadmngr.com	poop.my js.wpadmngr.com
2	poop.my
1	6g2p0.top
1	cmpuwps.com	js.capndr.com
1	6v8hi.top
1	js.capndr.com	js.wpadmngr.com
1	dbefaaec33.701ad069e2.com	js.wpadmngr.com
1	storage.multstorage.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s.magsrv.com	a.magsrv.com
1	www.googletagmanager.com	poop.my
1	a.magsrv.com	poop.my
1	metrolagu.cam	poop.my
1	poophd.net	1 redirects
0	accounts.google.com Failed
0	cdn.poop.gold Failed	poop.my
73	25

This site contains no links.

Subject Issuer	Validity	Valid
poop.my WE1	`2024-08-15` - `2024-11-13`	3 months	crt.sh
poophd.com WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
js.wpadmngr.com R10	`2024-07-09` - `2024-10-07`	3 months	crt.sh
metrolagu.cam WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
magsrv.com E5	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
na.nawpush.com R10	`2024-07-26` - `2024-10-24`	3 months	crt.sh
multstorage.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
dbefaaec33.701ad069e2.com R10	`2024-08-14` - `2024-11-12`	3 months	crt.sh
js.wpushsdk.com R11	`2024-07-10` - `2024-10-08`	3 months	crt.sh
js.capndr.com R10	`2024-06-20` - `2024-09-18`	3 months	crt.sh
notification.tubecup.net E5	`2024-06-19` - `2024-09-17`	3 months	crt.sh
58be2b4fa2.com E5	`2024-08-13` - `2024-11-11`	3 months	crt.sh
static.bookmsg.com R10	`2024-08-03` - `2024-11-01`	3 months	crt.sh
s7feh.top WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
puwpush.com R10	`2024-07-02` - `2024-09-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://poop.my/d/P%7C88y%7C0oVDj
Frame ID: ACE421F94AD208544D79F18A1CD06C7D
Requests: 65 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 506C971EFE254BB675D8B193C1578FC5
Requests: 1 HTTP requests in this frame

Frame: https://s7feh.top/images/campaigns/creativity-image-2561606-1719340517736.png
Frame ID: B5DE77E190405B6A5396409434E1A750
Requests: 3 HTTP requests in this frame

Frame: https://s7feh.top/images/campaigns/creativity-image-2561606-1719340517736.png
Frame ID: C1017DB35F11321A8F682887ABB91693
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 File not found - PoopHD

Page URL History Show full URLs

http://poophd.net/d/P%7C88y%7C0oVDj HTTP 307
https://poophd.net/d/P%7C88y%7C0oVDj HTTP 301
https://poop.my/d/P%7C88y%7C0oVDj Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

73
Requests

52 %
HTTPS

29 %
IPv6

24
Domains

25
Subdomains

18
IPs

3
Countries

546 kB
Transfer

2018 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://poophd.net/d/P%7C88y%7C0oVDj HTTP 307
https://poophd.net/d/P%7C88y%7C0oVDj HTTP 301
https://poop.my/d/P%7C88y%7C0oVDj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o1am7yxewcTYPTkiI786HSzITGQOUJ9QremUqp3n-hkOQmdWx6CMDg_6k1ua1XgN5eR79Zhw HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3oy08ZO8JMIBWndo0uV-Mqfqs8SaPj7RFWZynsZ6aRfRFIvfeT6az6pSm1-ijQXXG1aFdfArQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906913498%3A1723885430781212&ddm=0

Request Chain 64

https://push1004.com/d?bidId=push_20240817090350_215911f4_c342_40cc_b559_86e65f50c6db&offerId=583106&feedId=4166&data=43b3RvQHdudG50bjBtdXFLPz5BQkZGTTyJfY9XS0pNTlNGloNgcZSgkJSVi1phW15PWIljZG9VgqCmrrJbtHV0nnZ1ayBCcnNwal1salRzfztCQUY.REgzPGBea2VlRjuIhomEQGiHho.UT0drkZyamZJdYGJoYGNiZWRnWIyboZ2vp251dHkuNDgpbXVDOWk5OkU9Q0E-SkNMRHdFSFFST0CHfYuFXI6NT3FwUZSTY5pnW1pmVKKfpqSWmXJpaGxqcnJzc2SopH6ydXRqYjY1ODs4QTtCPEY.QkVBcUVFSk9ISX9Oen9QUlF-VVKGh4SIXF1iiWNikmRklmZilmqZmF2tmqF4bGOhqKR.dDU4NTw3OyxtcW1HPz1DRDV-enZQSU1JSEhPQIR-Wk2IjYKJiJdUiYiVmYuUk5uhXpOjl5SonqygrLJnbXFzb3Vwd28xODM8Nzk2PDlAQT5CO359dzeBg4iCU4WHh39BgIOHg11HlIiKipiMmmaampudXJypV6WolqiZqaGbn62bpqJ8cXR7NDI7Ojw9Pw__&ip=2a00:1630:2:1c02::6&ds=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_l-body&st=0.01&cpa=02b31ab4-8929-4af4-9c19-3518a0271d1f&prev_step_diff=520 HTTP 302
https://6v8hi.top/images/campaigns/creativity-2561606-1719340517736.png

Request Chain 72

https://push1004.com/d?bidId=push_20240817090350_61697ca4_f19f_4d7e_9c32_7d2361c93788&offerId=583106&feedId=4166&data=14b3RvQHdudG50bjBtdXFLPz5BQkYyOSh1aXtDNzY5Oj8ygm9MXYCMfGxtYzI5MzYnMGE7PEctWnh.hoozeDk4Yjo5LydJeXp3cWRzcVt6hkI1NDkxNzsmL1NRXlhYOS57eXx3M0dmZW5zLiZKcHt5eHE8P0FHP0JBMC8yI1dmbGh6cjlAP0Q8QkY3e4M9M2MzND83PTs5RD1GPnE-QktMSSZtY3FrQnRzNVdWN3p5SYBNQUBMJnRxeHZoa0Q7Oj48RERFQzZ6dlBwdnVrYzc2OTw5QjxDPUc-Q0ZCcjYyODw7aGc7Z287RHJsQnNHdnFMYzQ0YjtpODo.Om1EP0RGRzaGc3o9MShmbWlDOT1APUQ-QzR1eXVPRzE3OClzbmpEPUE9PDxDNHhzTkF8bWJpaHc0aWh1eWt0c3uBPnODd3R0anhseH4zOT0-O0E8QztAR0JLRjQxNzQ7PDk9Nnl4cjJ8foN9ToCCbmYoZ2puakQue29xcX9zgU2BgYJwL298Knh7aXtsfHRucoBueXVPRTE3Mzs3OTo3QQ__&ip=2a00:1630:2:1c02::6&ds=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=c3d32cbe-5622-456c-9e10-f8f171ea334d&prev_step_diff=718 HTTP 302
https://6g2p0.top/images/campaigns/creativity-2561606-1719340517736.png

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request P%7C88y%7C0oVDj Show response
poop.my/d/
Redirect Chain

http://poophd.net/d/P%7C88y%7C0oVDj
https://poophd.net/d/P%7C88y%7C0oVDj
https://poop.my/d/P%7C88y%7C0oVDj

20 KB
4 KB

168ms
104ms

Document
text/html

172.67.197.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3dedcb9f00cf65007003b75095e223c7e08c19160a6319b0d6fd7138d8f997e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b487e3d18441cca-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Aug 2024 09:03:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8DjKvz%2B7rnbT42RpUalD4Lk5cumP3Nh35hF1m7xlBsURfzdAU5G9gQzJtuJFo7VGU3pt0wsxgT2vfJLjTE%2FncPxoi7lRWYBMZb9fLYE0wZoyKgRZOlc1Wbs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
cf-ray: 8b487e3c894f06d6-AMS
content-length: 167
content-type: text/html
date: Sat, 17 Aug 2024 09:03:49 GMT
expires: Sat, 17 Aug 2024 10:03:49 GMT
location: //poop.my/d/P%7C88y%7C0oVDj
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpQ7v21jHeDIFRFkaaEQ368Gum8DeGoTD7lgB4piS0IWguBknOWRcKRM1T%2Fx7QrLupVoJ741lfsT1zrfjnDpLKHVcCqSkW8e2oQS8npHCkhM32Pjhpg6QJp7rnro"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
poophd.com/theme_2/css/ 204 KB
33 KB 76ms
34ms Stylesheet
text/css 172.67.132.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poophd.com/theme_2/css/bootstrap.min.css
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc42f18c9a19a7b9819c0df62e5e58c3b2f59b8db33798e66b9c1a70b80e875

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 04:16:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32257
etag: W/"65768d15-33023"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVU1aYZqhM1DpNOA04QkfPznUB4R5PovlXdQNH07YPeWsSojL4Ro0QPxkCUhGeQPA0dqPjzNc2XemuB90Wvm0myR919U4CODEz1wX2qELl8jJGwTYTXH5dFmLL14"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8b487e3e1e19669c-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Aug 2024 12:06:11 GMT

GET
H3 200 style.css
poophd.com/theme_2/css/ 204 KB
37 KB 91ms
50ms Stylesheet
text/css 172.67.132.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poophd.com/theme_2/css/style.css
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b641ac6759b2c43b856210feeb832a6a68cc83248791115458ba7f5243b6cc62

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18198
cf-polished: origSize=258964
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 14 Apr 2024 18:04:18 GMT
server: cloudflare
etag: W/"661c1aa2-3f394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1kqT9%2FJIhs%2BIaDmR5mZfTiDR%2FaTqrhJjonT3d6dzQryNiXuQ18AL9i0MGpF90egsKPqW%2F117mjO3kihPahAOS7v1YcKabdgaJJyPqZMOc%2BbFDD57175NxVDyEH5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8b487e3e1e17669c-AMS
expires: Sat, 17 Aug 2024 16:00:31 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 2 KB
1 KB 485ms
22ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 08:25:07 GMT
server: nginx/1.18.0
etag: W/"66b5d263-6c7"
x-cdn-host-id: ah1747
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
expires: Sat, 17 Aug 2024 09:08:49 GMT

GET
H3 200 not_found.svg
poophd.com/theme_2/img/ 35 KB
13 KB 91ms
50ms Image
image/svg+xml 172.67.132.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poophd.com/theme_2/img/not_found.svg
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4930e9d642f92fa1ca93d52b411fb266019a1d676d609edf2fcfe16b7f596c

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 22:44:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5500
etag: W/"65208dcd-8a0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCfF1IXX2gIKF7bxOBqlgrJJqTmPcjvvCmEx%2FzNicXmrCuupiwmif1gORInq772Wg9p%2FEMv1fez1sW2blQ%2BpmXTB8LRnuh9CR%2BuhyJy8T96mwRFMKdtxwLQFjJMb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8b487e3e1e15669c-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 adus.js Show response
metrolagu.cam/ 1 KB
1 KB 63ms
29ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metrolagu.cam/adus.js
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6710b726eb2163741b7afb141586f4155823165469165d7e53a7b72a28b6a4a

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 17:17:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12054
etag: W/"665611b6-59d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2Fb808%2FeUWEa3JUjEr7%2BF%2BkvaJOzcFagLgKey4eIjQmuoarJXxmITW15YKGOcIMwLWPO3%2BWiJnEZLs6lR0Eg4biPeRJUZGxnqD9W%2BNpbq5vlFVnUDi7gypptqPgSdlyw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8b487e3e199eb933-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Aug 2024 17:42:55 GMT

GET uIg2JWeXU.jpg
cdn.poop.gold/ 0
0

GET jENW1Qm12.jpg
cdn.poop.gold/ 0
0

GET N9O3cU29I.jpg
cdn.poop.gold/ 0
0

GET oBiBZAzY1.jpg
cdn.poop.gold/ 0
0

GET TlxyJ.jpg
cdn.poop.gold/ 0
0

GET DErv0.jpg
cdn.poop.gold/ 0
0

GET u2jg0.jpg
cdn.poop.gold/ 0
0

GET MH4wu.jpg
cdn.poop.gold/ 0
0

GET xCYCeqqKf.jpg
cdn.poop.gold/ 0
0

GET csuNImgwP.jpg
cdn.poop.gold/ 0
0

GET yAhPw3dcB.jpg
cdn.poop.gold/ 0
0

GET loAjM60GB.jpg
cdn.poop.gold/ 0
0

GET QKNrwpgjf.jpg
cdn.poop.gold/ 0
0

GET MVeEHwPYM.jpg
cdn.poop.gold/ 0
0

GET HX7VV6XPb.jpg
cdn.poop.gold/ 0
0

GET VTIeqWtGO.jpg
cdn.poop.gold/ 0
0

GET hNcS3.jpg
cdn.poop.gold/ 0
0

GET n5jAo.jpg
cdn.poop.gold/ 0
0

GET dwCuH.jpg
cdn.poop.gold/ 0
0

GET oz4e51tgB.jpg
cdn.poop.gold/ 0
0

GET sZdwo.jpg
cdn.poop.gold/ 0
0

GET gmFiC.jpg
cdn.poop.gold/ 0
0

GET h5qZy2rLz.jpg
cdn.poop.gold/ 0
0

GET SCP5iwBlt.jpg
cdn.poop.gold/ 0
0

GET vnrc3.jpg
cdn.poop.gold/ 0
0

GET
H2 200 ad-provider.js Show response
a.magsrv.com/ 168 KB
44 KB 148ms
76ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.magsrv.com/ad-provider.js
Requested by: Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43c93ca8634435484081a05e5a96cda9f4d5f8d045ac30e361ab58c308638fa9

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
x-accel-date-max: 1723717456
x-77-cache: HIT
x-cache: HIT
x-age: 6005
x-accel-date: 1723879424
x-77-nzt: EgwBqZb/tgH3dRcAAAwB1GY4EQH3LwAAAA
x-accel-expires: @1723890224
x-77-age: 6005
server: CDN77-Turbo
etag: W/"ddcbd17e57c1c3b7b918663b2b2"
x-77-nzt-ray: 15b3c711dc592a437567c066585fd41e
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Thu, 15 Aug 2024 13:23:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 340ms
82ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poop.my
URL: https://poop.my/d/P%7C88y%7C0oVDj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98eb316ae0a3778852d3250a0ccf059796577463b78d14661c6f5da33d17c7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105296
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Aug 2024 09:03:49 GMT

GET avertastd-black-webfont.woff2
poophd.com/theme_2/fonts/ 0
0

GET avertastd-regular-webfont.woff2
poophd.com/theme_2/fonts/ 0
0

GET avertastd-bold-webfont.woff2
poophd.com/theme_2/fonts/ 0
0

POST
H/1.1 200
OK api.php Show response
s.magsrv.com/v1/ 100 B
506 B 77ms
27ms XHR
application/json 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.magsrv.com/v1/api.php
Requested by: Host: a.magsrv.com
URL: https://a.magsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1909fac42d1567844e57d6cfa6f9e91bf2d82a2e0c94da67017120ff0c99672

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 17 Aug 2024 09:03:49 GMT
Access-Control-Request-Method: POST
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://poop.my
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: Authorization, Content-Type

GET avertastd-black-webfont.woff
poophd.com/theme_2/fonts/ 0
0

GET avertastd-bold-webfont.woff
poophd.com/theme_2/fonts/ 0
0

GET avertastd-regular-webfont.woff
poophd.com/theme_2/fonts/ 0
0

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 114 KB
37 KB 23ms
23ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3457e947ac355011147064835d8b0626065a90620c8027a518fe56dfdba793aa

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:49 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 08:25:11 GMT
server: nginx/1.18.0
etag: W/"66b5d267-1c8ed"
x-cdn-host-id: ah1747
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
expires: Sat, 17 Aug 2024 09:08:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 66ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je48e0v9167878827za200&_p=1723885429548&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=450754848.1723885430&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723885429&sct=1&seg=0&dl=https%3A%2F%2Fpoop.my%2Fd%2FP%7C88y%7C0oVDj&dt=404%20File%20not%20found%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=867
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poop.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 114039 Show response
na.nawpush.com/tags/ 3 KB
3 KB 193ms
39ms XHR
application/json 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/114039?version_name=d&domain=poop.my
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 5f2ba3f358a1bee2436a60671f19180a8d223284db002011fe2695ef844b6121

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: EXPIRED
access-control-allow-origin: *
date: Sat, 17 Aug 2024 09:03:50 GMT
cache-control: max-age=300, public
server: nginx/1.24.0
x-cdn-host-id: ah1742
content-type: application/json

GET
H3 200 favicon-32x32.png
poop.my/ 874 B
1 KB 38ms
38ms Other
image/png 172.67.197.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poop.my/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f317e2e66d2069d81ed96acacfb92649a11457b7e31ea576279aa4c10a006fa

Request headers

Referer: https://poop.my/d/P%7C88y%7C0oVDj
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130501
alt-svc: h3=":443"; ma=86400
content-length: 874
last-modified: Thu, 15 Aug 2024 19:58:45 GMT
server: cloudflare
etag: "66be5df5-36a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIMhc%2FFbD4wlFaAYLiONnGrjyfVGqUm9pJ2xg%2BEQw0TZKvJ2ydGut8oeGg8IbSYIt4CTnZT0ynNr0lBrbWFzDMWp%2BJmfOmWdFgmEoXgjCn611%2BPJ68PNexns"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8b487e41ecbd1cca-AMS
expires: Sat, 14 Sep 2024 20:48:49 GMT

GET
H3 200 count.html
storage.multstorage.com/log/ Frame 506C 0
0 57ms
25ms Document
text/html 172.67.174.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://poop.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b487e42fa9c66a2-AMS
content-encoding: br
content-type: text/html
date: Sat, 17 Aug 2024 09:03:50 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkJxs23XXUY85CidqvcDyILonqv9XKwCgkjI9r1FwiSPLZcivdaBFpFqKn0T9Ad2XB2C%2FLxyZPKx2bmwQzs3v5WszrIWjk%2B1fsGLcGT1%2Bhj1yMCTHDdEUxYbWk3fyMGKQS7x2TeZDU4yuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: eb4e6008982621a0e71943b5b83f83ea

GET
H2 200 track Show response
dbefaaec33.701ad069e2.com/in/ 0
225 B 103ms
47ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dbefaaec33.701ad069e2.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3MzYxNzEzMjk1NjMwOTA1MDAwIiwidGltZXpvbmUiOjIsInZlciI6IjMuMTI3LjMiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
x-cdn-host-id: ah1747
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 npush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 181 KB
50 KB 76ms
33ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b7c405dd3b9111861bc703dc29de3baac07410b2328701cff30f7c20da87809a

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:50 GMT
content-encoding: gzip
last-modified: Tue, 13 Aug 2024 11:23:50 GMT
server: nginx/1.18.0
etag: W/"66bb4246-2d381"
x-cdn-host-id: ah1747
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
expires: Sat, 17 Aug 2024 09:08:50 GMT

GET
H2 200 build.m.js Show response
js.capndr.com/popunder-admanager/ 100 KB
29 KB 68ms
20ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/popunder-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 62e5c84fc6784fa515a9202ba8d9fad57774342062b9e2d8bc719631b9f29548

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:50 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 11:55:38 GMT
server: nginx/1.18.0
etag: W/"66ab77ba-191d0"
x-cdn-host-id: ah1742
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
expires: Sat, 17 Aug 2024 09:08:50 GMT

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 106ms
27ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.my
Connection: keep-alive
Date: Sat, 17 Aug 2024 09:03:50 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 60 B
426 B 507ms
28ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 226a3f157cec14436e520e334118e78c510976c95203c4ec85e1d83b2acd027b

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sat, 17 Aug 2024 09:03:50 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://poop.my
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 122ms
35ms XHR
text/plain 94.130.198.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?event_id=cbf36e6a-22d6-4b73-88f6-dd10e6769e50&subid=500843478&spot_id=503362&created_at=2024-08-17&timezone=2&ver=1.152.8
Requested by: Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.198.130.94.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o1am7yxewcTYPTkiI786HSzITGQOUJ9QremUqp3n-hkOQmdWx6CMDg_...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3oy08ZO8JMIBWndo0uV-Mqfqs8SaPj7RFWZynsZ6aRfRFIvfeT6az6pSm1-ijQXXG1aFdfArQ&passive...

0
0

GET
BLOB 200
OK 4fed3f68-21a6-4da6-b5e0-473170daef88
https://poop.my/ 204 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://poop.my/4fed3f68-21a6-4da6-b5e0-473170daef88
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 204
Content-Type: text/javascript

GET
H2 200 nmain.m.js Show response
js.wpushsdk.com/skins/ 529 KB
125 KB 49ms
48ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/skins/nmain.m.js
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0ebfbcbf3457da6d378a665bc6305a2c7264256ffbdd01be7ccbb91a45710d89

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:50 GMT
content-encoding: gzip
last-modified: Tue, 13 Aug 2024 11:23:46 GMT
server: nginx/1.18.0
etag: W/"66bb4242-844da"
x-cdn-host-id: ah1747
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
expires: Sat, 17 Aug 2024 09:08:50 GMT

OPTIONS
H2 204 multy
1e1ba311bb.58be2b4fa2.com/in/ Frame 0
0 123ms
34ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sat, 17 Aug 2024 09:03:50 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 97ms
34ms XHR
text/plain 94.130.198.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=66870c81-1505-468a-a625-f392f1c0ef0c&subid=388464194&sid=1394197889&spot_id=418776&created_at=2024-08-17&timezone=2&ver=8.182.1&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.198.130.94.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
1e1ba311bb.58be2b4fa2.com/in/ 45 KB
6 KB 389ms
388ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/multy
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 76368a31b10d4f97e44db818739bebf239a189ba0886a9a6fbe5c34a6284fcc3

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 5814

OPTIONS
H2 204 multy
1e1ba311bb.58be2b4fa2.com/in/ Frame 0
0 176ms
89ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poop.my
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Sat, 17 Aug 2024 09:03:50 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 93ms
32ms XHR
text/plain 94.130.198.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=8f3a9221-bade-4658-b29d-22175e1766a3&subid=357529620&sid=2161834409&spot_id=418774&created_at=2024-08-17&timezone=2&ver=8.182.1&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.198.130.94.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
1e1ba311bb.58be2b4fa2.com/in/ 45 KB
6 KB 539ms
537ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/multy
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2c2aa4a95a514a5e9aa7878ac8e2abe38697a64167409304b7e77dd7bdba09cd

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:51 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 5821

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
716 B 373ms
16ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=9405afa4-eafc-4a33-a6ca-efd9892d8d8c&prev_step_diff=521
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:51 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
x-cdn-host-id: ah1747
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
expires: Sun, 17 Aug 2025 09:03:51 GMT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 372ms
16ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:51 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
x-cdn-host-id: ah1747
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
expires: Sun, 17 Aug 2025 09:03:51 GMT

GET
H2 200 /
1e1ba311bb.58be2b4fa2.com/in/show/ 0
201 B 82ms
27ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.my%2Fd%2FP%257C88y%257C0oVDj&refdom=poop.my&auction_time=1723885430&subid=388464194&sid=1394197889&tcid=0&ver=8.182.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-17&iabcat=IAB25-3&keywords=&user_fp=8347256469451684417&score=62.43558509949276&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.my%252Fd%252FP%25257C88y%25257C0oVDj%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3DWtTiYc3ajq646uG0D4kuUc-y4VWIPFU8EGmRmq8I9KDI0t6rQsQtZfTAckZlrKlxRaSQvlIoAJGnhwHAH2oCELzIkWeMo9MlZo-1lYrRhvjlLKMkogKxcHY_kxPFRrk5buJ2yRO7i475Uhg7bkLxUEYWrc2xKKpztPUPcLhUQsv4NuWcMqIU9k818ZATi892L-Q15_f_p37tsbgv2qt5zygo2-3gRi81Pqjqkny5uHMUXtk-kJis8Xuvvknpamme6mL-wLs-Aeev40H6Nb0D9FOlwhMcNliOv0wTjgOLBDxiEm9T8CAOkVBF9aEHFd144l56V_LHQZY_HdhFwTleuY6PGZ1sx1-PVt5CDCwoiyKSM2zsxqUKwm7bU-ISZwocj7zDLtLdT35OaIxnCSgT73SXcmat78vpB1OHN9P1dSEZJDyFhoMGNp1ahRBeGWJvx4a_R09rbko0rCSy-FoQ0RVBpGLBkNCXGFqG1KWNeiblbecBiYAU4tcM9nZbv1qYUn9iuTFUIwtfSZRgU5Fw-OtzB9EGDkzSEVJCsKD5W1nc9vFnV4gacZWbQa5XDu2dbtU8EdzpLO77wlL7ybWNL8hDJgInHOZGEkwLo6BNIVbmIPbjIgT2iqRUAz-HtLXYm_9K_QjkJ4Bwd36K5kGNPZrkiZ0u7dWhIPbWAkBCBbiovN7ovrQHuENtOzw4A6_H1kJ9la4wYFy1LT95l_igtw&icons=OXs8hDFYWWx846SyTbYSBm61JJzrSP1MY7D0zXBuoCr8KIaUksHFMMq5qy6repLmKRrjtSJeyfBIpdDqBluT9zHAG_KtbkP1uRI-bppktkT9g0jsNYsWSF7T0YGPes0dh7vAclG8KaJ2CTtc-jkkvAvnlF0g6OnoFLFiwRbLAClYvrimVA&ext_cid=323&px_id=53418776&min_cpm=0.031568317624970664&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=3074186549479201987&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0859162683706282&cpm=0&verify_hash=72c2947177efdeb209d33a9ae5b01ad0&is_native=2&real_bid=0.002510899996757522&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:1c02::6&geo=NL&carrier=-&label_ids=108,0,89,4,83,20,27&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=1724058230&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000033999999999999996&ext_campaign_id_str=323&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=a01948a5-95ab-4ab3-a99f-d3132dd605a8&prev_step_diff=521
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 /
1e1ba311bb.58be2b4fa2.com/in/show/ 0
200 B 83ms
29ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/show/?tag_ab=d&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.my%2Fd%2FP%257C88y%257C0oVDj&refdom=poop.my&auction_time=1723885430&subid=388464194&sid=1394197889&tcid=0&ver=8.182.1&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-17&iabcat=IAB25-3&keywords=&user_fp=8347256469451684417&score=62.43558509949276&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.my%252Fd%252FP%25257C88y%25257C0oVDj%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=07b8e108480261aa461ea17744e15f54&url=https%3A%2F%2Fpush1004.com%2Fc%3FbidId%3Dpush_20240817090350_215911f4_c342_40cc_b559_86e65f50c6db%26feedId%3D4166%26offerId%3D583106%26data%3D43b3RvQHdudG50bjBtdXFLPz5BQkZGTTyJfY9XS0pNTlNGloNgcZSgkJSVi1phW15PWIljZG9VgqCmrrJbtHV0nnZ1ayBCcnNwal1salRzfztCQUY.REgzPGBea2VlRjuIhomEQGiHho.UT0drkZyamZJdYGJoYGNiZWRnWIyboZ2vp251dHkuNDgpbXVDOWk5OkU9Q0E-SkNMRHdFSFFST0CHfYuFXI6NT3FwUZSTY5pnW1pmVKKfpqSWmXJpaGxqcnJzc2SopH6ydXRqYjY1ODs4QTtCPEY.QkVBcUVFSk9ISX9Oen9QUlF-VVKGh4SIXF1iiWNikmRklmZilmqZmF2tmqF4bGOhqKR.dDU4NTw3OyxtcW1HPz1DRDV-enZQSU1JSEhPQIR-Wk2IjYKJiJdUiYiVmYuUk5uhXpOjl5SonqygrLJnbXFzb3Vwd28xODM8Nzk2PDlAQT5CO359dzeBg4iCU4WHh39BgIOHg11HlIiKipiMmmaampudXJypV6WolqiZqaGbn62bpqJ8cXR7NDI7Ojw9Pw__%26ds%3D1&icons=xmJBdLkt1BOl38boKSaCRMlhVcWHCH2WoHpfTSjS4ee88-18woVMYbpVNfQRuiGAeQgB8uyqQd_n8o-d2ATnfbi3DuTO8Y3vCqIq3t7JjL_2gNPTtrTJEMsjHVKGunVlFD3QdsnPez2qTNUFQytU5mu7_p8dnKJ4HA5jLQVHJAVKDtkXFSMoA_bppAQaSpV_W8WkYOkbfNAKIJhN72I5TXjw3EqD_W41xsDvatjl0__7iT_xy5cbsajl0H1JCmcZdjLAPTwjPh9khA3XpHfRTyVUTWkfyY-1RBygwOby1b6Z3w1g2l1rR5YR6Qp-P3EnU-M3tFfm_dIpLCmuNmXe4xmlZ6VShvaOYoeEG36xd-6USr4NnCrdrrz3LpOFxrCAn7LfVtSWLtJiz6l_mPG8xajLYKVmPgcAnyvfTNKcJYKnOpW_VCUTBzQ_T_PWb5ORXV9yKlopVTleWPt_is7_BsrLLyPKyi3vFk3xQSXjp6GDnvrB9jDAA0arp7dkoMpRaT3OMotFOm2DIuPxGsugeGAh9stSxmNEjtZeQs5b4bYG4EjF7TdQQ8zxqSpHrJHm0BETshPQjWAt_adi41tFjKItAvxBmxfh7vvP5yx2ZcvC1ggltab9b05ZDoFtcGp8Jyaa3vrwOE4ndULD0dkJosGF5AT2jsVDRklkyLdhZswPwsCEE94av8gHxZtykNAt3r0duYdJYk_DZgRvpH8enfSE-pss2OkUENYy4F_2NeIQMijkqtZsLH-IQ8DcY_lMRWzkcicM5NvJBnXgc6TW5eGwd4bBZCfBpoAJqKObmPziRepG1v-lkEvDR3hBk4M6QiBkWvC5HL0CaiMnaPAHZQbXp6xd1EccLK_BHHRxxw70fj45arTAEeiHc-MNGUtfN5NxNb0Lm3wpDbQiJe5VN2yB379z3Cm-oh27aAdOeB4g3Dsf8J4lTfeaJ2PgpZUrADR38P5AnXgP9dKOkcd8dQ&ext_cid=0&px_id=31418776&min_cpm=0.028225956588747467&out_id=0&campaign_type=mq&aid=255&cid=18356&uniq=&mid=3074186549479201987&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.10034992798598248&cpm=0&verify_hash=3e20771914a5c72ad7ce0fae3d51e245&is_native=1&real_bid=0.00328&original_bid_usd=0.00328&original_bid=0.00328&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:1c02::6&geo=NL&carrier=-&label_ids=101,4,83,11,93&need_redirect_show=0&applied_features=main-skins-settings,coef_098&show_count=1&expiration_timestamp=1723971830&image_url=https%3A%2F%2Fs7feh.top%2Fimages%2Fcampaigns%2Fcreativity-image-2561606-1719340517736.png&site=native-push-adult&price=0.00328&hostname=auc-inpage-hz-14-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000328&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_l-body&st=0.01&cpa=1f5b2251-bed0-4019-916a-b750016c9ede&prev_step_diff=521
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:50 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H3 200 creativity-image-2561606-1719340517736.png
s7feh.top/images/campaigns/ Frame B5DE 7 KB
8 KB 367ms
26ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7feh.top/images/campaigns/creativity-image-2561606-1719340517736.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc381287c90b529ae45e8cc1add50e9abf83a1dd4aa28cb4db7e50a95e3329d9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1049
age: 4543570
cdn-cachedat: 06/25/2024 18:41:49
cdn-pullzone: 283898
alt-svc: h3=":443"; ma=86400
content-length: 7478
last-modified: Tue, 25 Jun 2024 18:35:17 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "667b0de5-1d36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EMtuGt9rky8xXUtlB4ou2KLXMjGT%2BTDF%2Fivcx%2FvuewYTBIdhpWmrbJLWE8Fm9EnPM92hbhi2hUNu%2FLML6jwY8ahFRbAwjCKiUxrbivmQBl5pnuY1hU7%2FaCU8Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cdn-cache: HIT
cdn-uid: 10270df6-3a78-4ee3-9e7e-62f57a8521e8
cache-control: public, max-age=31919000
cdn-requestid: 9e28556b575ef4cf627ba3458cef1997
accept-ranges: bytes
cf-ray: 8b487e490c0366be-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

creativity-2561606-1719340517736.png
6v8hi.top/images/campaigns/ Frame B5DE
Redirect Chain

https://push1004.com/d?bidId=push_20240817090350_215911f4_c342_40cc_b559_86e65f50c6db&offerId=583106&feedId=4166&data=43b3RvQHdudG50bjBtdXFLPz5BQkZGTTyJfY9XS0pNTlNGloNgcZSgkJSVi1phW15PWIljZG9VgqCmr...
https://6v8hi.top/images/campaigns/creativity-2561606-1719340517736.png

15 KB
15 KB

57ms
25ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6v8hi.top/images/campaigns/creativity-2561606-1719340517736.png
Protocol: H3
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e16d82cab8628a3d3e9f92eff405b061c29d378c350ddc0320c095514b594f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1077
age: 4544017
cdn-cachedat: 06/25/2024 18:41:49
cdn-pullzone: 283898
alt-svc: h3=":443"; ma=86400
content-length: 15096
last-modified: Tue, 25 Jun 2024 18:35:17 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "667b0de5-3af8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BS%2F4vWq52GxCh9QJ0reqVTlMbEt2z6juQ4pO6E2fYU6TDZPoz%2Fee567aB5FDlCJlHkWOmDeE1SLogv6opumQWgMZXryWRKfShgQX%2FZ0jaaMAM4d9sxvFy5FqsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cdn-cache: HIT
cdn-uid: 10270df6-3a78-4ee3-9e7e-62f57a8521e8
cache-control: public, max-age=31919000
cdn-requestid: 1a44dc5e58529047085707428cf5aab4
accept-ranges: bytes
cf-ray: 8b487e478d4fb742-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sat, 17 Aug 2024 09:03:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wSStJppkORKH1iY9CJyWPZC%2FFeG1ez7bgGR4v2AHSUXpUM8Zkoue6yV1MYwLJ6usdhUIT%2B9XNOM7WCsHSPIN1EIjskINFZ4JtvAlzUxm9mBFF1OQG8gIX6s7qL8VvAs%3D"}],"group":"cf-nel","max_age":604800}
location: https://6v8hi.top/images/campaigns/creativity-2561606-1719340517736.png
cf-ray: 8b487e4719336612-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame B5DE 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 27ms
27ms XHR
text/plain 94.130.198.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?event_id=cbf36e6a-22d6-4b73-88f6-dd10e6769e50&subid=500843478&spot_id=503362&created_at=2024-08-17&timezone=2&ver=1.152.8
Requested by: Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.198.130.94.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 / Show response
cmpuwps.com/get/ 7 KB
7 KB 318ms
235ms Fetch
application/json 2a01:4f8:c0:2306::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpuwps.com/get/
Requested by: Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 306ccfd86e2e79db46e84e2038aad703bd5720e8343cb595b10f9faef5ce3c52

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:51 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 6830

GET
H3 200 creativity-image-2561606-1719340517736.png
s7feh.top/images/campaigns/ Frame C101 7 KB
0 178ms
178ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7feh.top/images/campaigns/creativity-image-2561606-1719340517736.png
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc381287c90b529ae45e8cc1add50e9abf83a1dd4aa28cb4db7e50a95e3329d9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1049
age: 4543570
cdn-cachedat: 06/25/2024 18:41:49
cdn-pullzone: 283898
alt-svc: h3=":443"; ma=86400
content-length: 7478
last-modified: Tue, 25 Jun 2024 18:35:17 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "667b0de5-1d36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EMtuGt9rky8xXUtlB4ou2KLXMjGT%2BTDF%2Fivcx%2FvuewYTBIdhpWmrbJLWE8Fm9EnPM92hbhi2hUNu%2FLML6jwY8ahFRbAwjCKiUxrbivmQBl5pnuY1hU7%2FaCU8Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cdn-cache: HIT
cdn-uid: 10270df6-3a78-4ee3-9e7e-62f57a8521e8
cache-control: public, max-age=31919000
cdn-requestid: 9e28556b575ef4cf627ba3458cef1997
accept-ranges: bytes
cf-ray: 8b487e490c0366be-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
716 B 182ms
16ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=3333d8a1-d702-4368-94e6-23ee2255c332&prev_step_diff=718
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 17 Aug 2024 09:03:51 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
x-cdn-host-id: ah1747
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
expires: Sun, 17 Aug 2025 09:03:51 GMT

GET
H2 200 /
1e1ba311bb.58be2b4fa2.com/in/show/ 0
200 B 28ms
27ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.my%2Fd%2FP%257C88y%257C0oVDj&refdom=poop.my&auction_time=1723885430&subid=357529620&sid=2161834409&tcid=0&ver=8.182.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-17&iabcat=IAB25-3&keywords=&user_fp=8347256469451684417&score=64.94435259335151&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.my%252Fd%252FP%25257C88y%25257C0oVDj%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=36323&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3DBcB7xhZXFuvuKyuTgJ9Kpt7Vs8-C8FZiyGliXF9N5RCUPwBKUatSdUAIKQMeZ-t_gChrmLPViAsS-TVV92uwdqmEYqo62xqlmz4OlQpBYB292aqfvISpQzJR5W0ljV-7E7LAi4oXlL5usGu5EqGLEFmfEUe_jK93Kv2O8kI4BVgDmvYgSbe09ghWHgzIU46Uge_6cuMVffs6l_Jw6sWwkUdsmB3pIc-4xsN3HJc45_1e8ZRS8OQ-3R6wOZTQfCD9BhsHmtfWgz8neSvA8xNVtk4lPTumE7R26CjLXrcKKgmwv2mEwI1BS2cgEENfkLl0-8gGUsdalqCEgRtQCDugpO1M0Sxol60d56fSvMEyDoCp3SBc0Opo72lV7ErZZxhhHdHaVApj5sqYKl8_MKEcX2QLaVLFf-AKYxtljQQUb_StE6Kgg0uoFeyk2DvNqTILTp-4gKFCWs9e3cUykKiKXTWt2sCLZ8suQ66HYC6bo6v8PPwLuzW_q9zle9TMF33HNyiIvnk20kFB5dA061DUI0b2AgzQJcHBrXFzayKsE3O9vLwrOYH_MrJcjzNcbt35yto27VtSt1jWJnR5wRW8CUPZZdMzkmLIPzaR0QAHf8pHL8zj9Q7IyDQgbETYJE3RCvZpORu2UMxC-R6Pf0OjpG-NhWzWUwpp3bsaXuU4SI4j0I1qnn62Q1no07cRIxf922OEz4NiOCEVFOsQV2MKRA&icons=41Vl0KeyelWMrASJD2-CxeYbhPBZsAlGg2-Hcdh6H52sPLdZIHxBfAHzd7jQmPNdhy1LM2g1QaMBMvPSnCo_MBsHrsvHE0qUYBJssH4xPNeK87dw0xKhYPNc9V3s8FIjMgf-OJvbGjcNg9vJkg_oydwKtQLnxuibyUhSFsBHvaA-dMgvOA&ext_cid=323&px_id=53418774&min_cpm=0.009974375496526893&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=7438013883287319859&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.027146239852552757&cpm=0&verify_hash=c440ab4a258a4bdfd69f7f6f749bfe24&is_native=2&real_bid=0.002510899996757522&original_bid_usd=0.0034&original_bid=0.0034&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:1c02::6&geo=NL&carrier=-&label_ids=89,4,20,27,108,0,83&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=1724058230&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0034&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0000033999999999999996&ext_campaign_id_str=323&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=750977b9-c3ce-4cd6-8768-5b8a32cfe1ff&prev_step_diff=718
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 /
1e1ba311bb.58be2b4fa2.com/in/show/ 0
200 B 28ms
28ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1e1ba311bb.58be2b4fa2.com/in/show/?tag_ab=d&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.my%2Fd%2FP%257C88y%257C0oVDj&refdom=poop.my&auction_time=1723885430&subid=357529620&sid=2161834409&tcid=0&ver=8.182.1&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-17&iabcat=IAB25-3&keywords=&user_fp=8347256469451684417&score=64.94435259335151&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.my%252Fd%252FP%25257C88y%25257C0oVDj%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=07b8e108480261aa461ea17744e15f54&url=https%3A%2F%2Fpush1004.com%2Fc%3FbidId%3Dpush_20240817090350_61697ca4_f19f_4d7e_9c32_7d2361c93788%26feedId%3D4166%26offerId%3D583106%26data%3D14b3RvQHdudG50bjBtdXFLPz5BQkYyOSh1aXtDNzY5Oj8ygm9MXYCMfGxtYzI5MzYnMGE7PEctWnh.hoozeDk4Yjo5LydJeXp3cWRzcVt6hkI1NDkxNzsmL1NRXlhYOS57eXx3M0dmZW5zLiZKcHt5eHE8P0FHP0JBMC8yI1dmbGh6cjlAP0Q8QkY3e4M9M2MzND83PTs5RD1GPnE-QktMSSZtY3FrQnRzNVdWN3p5SYBNQUBMJnRxeHZoa0Q7Oj48RERFQzZ6dlBwdnVrYzc2OTw5QjxDPUc-Q0ZCcjYyODw7aGc7Z287RHJsQnNHdnFMYzQ0YjtpODo.Om1EP0RGRzaGc3o9MShmbWlDOT1APUQ-QzR1eXVPRzE3OClzbmpEPUE9PDxDNHhzTkF8bWJpaHc0aWh1eWt0c3uBPnODd3R0anhseH4zOT0-O0E8QztAR0JLRjQxNzQ7PDk9Nnl4cjJ8foN9ToCCbmYoZ2puakQue29xcX9zgU2BgYJwL298Knh7aXtsfHRucoBueXVPRTE3Mzs3OTo3QQ__%26ds%3D1&icons=5dDOE5WeG5KbMnyW2ovxU78pec-LCV8gZAxHm_388PYCXTuo9gL2rDBHpnphHoIY5_uhMbiCFtTTPh5CkvTeFDJEFyxUjflMP09QLjrI61jLe3-JHXFj0c4J06bpHtJddLEYTzU8Tc4_3xjCKZAVZa0tx5LlvFE2_JBgcEPuvdpjG4NwXJ7aP96lR-RizrCqJ3LdVty1B_ncJGNMSL_c9_HBx3oQAQ6lI1JSlUTJnkxmlX_WXuGzuwuok-PIzK954iPNpRIMpCRNEVCsFmTnx68o0I8knkIU2WrWkIKe7KTVPaVzP_vmjWB0Lsyt500ThxtsGwSMFBGhamj2t9J1TyGYm3zl4bYeacnnWiPV5q2bBPQo91jAMC1rVkBS0H-H0Fyi_J7V6ffvW885b8JlVWBJsIGn1hUbjxzY0mwaJRyhNUnsLo17niyBRmru8Ocl3F8IEg5z0oT3D673uKtrTYpy3bilbNU_ArUWWEe7pw89TtO8vBC_IjY2MnZniqlwmEPeKjhiaRhx72WhBlVN5ge1dgqtO8pMQjdWhW1MaGk_XOe6SgWhMAOqfOjXTaTmT0URsRFp_NKqOVpgvl3uljcRPDzPNiGe8BbWCu4u-kZXPKWFTGXXAhBOvnE41CasFhcD9aBx_yDvmf72CFXrFm0l7ADWW6xLfsgtXQW4MNEPKL9y5sTyrP7W-AqWIcptq5xDdUJncVHRM-VD4nfFwIvr_iACu6DqsAZSRYyEx2z7xnfqJ_x4LYm5B5EZZ2-OLhB8a16dGY03EckjefWXApGZ9lP6rRQ9gyYN__IvvDTNrLhTcGLbiaw6noNeIgPi4NatVIM1S21pZTJ1xmcohpcarlJ40zDLMH1Es7WIqg2y_GKT7WRQ6VG9w0AyBJw35qyyABY5P-HrxzhbJGRcjz2Mv6rEhRVfmMFVLyIs6NTJwfYUHz-yCXf6wVkvvGVHQUT94XbrGefJ_u_WfYTD7w&ext_cid=0&px_id=31418774&min_cpm=0.039651717553539044&out_id=0&campaign_type=mq&aid=255&cid=18356&uniq=&mid=7438013883287319859&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.140971201047069&cpm=0&verify_hash=012315cbb76ffebb3996392e184064fc&is_native=1&real_bid=0.00328&original_bid_usd=0.00328&original_bid=0.00328&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:1c02::6&geo=NL&carrier=-&label_ids=101,4,83,93,11&need_redirect_show=0&applied_features=main-skins-settings,coef_098&show_count=1&expiration_timestamp=1723971830&image_url=https%3A%2F%2Fs7feh.top%2Fimages%2Fcampaigns%2Fcreativity-image-2561606-1719340517736.png&site=native-push-adult&price=0.00328&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000328&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=72dfa772-cbf9-494e-b785-7bc1da691852&prev_step_diff=718
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://poop.my/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Aug 2024 09:03:51 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H3

200

creativity-2561606-1719340517736.png
6g2p0.top/images/campaigns/ Frame C101
Redirect Chain

https://push1004.com/d?bidId=push_20240817090350_61697ca4_f19f_4d7e_9c32_7d2361c93788&offerId=583106&feedId=4166&data=14b3RvQHdudG50bjBtdXFLPz5BQkYyOSh1aXtDNzY5Oj8ygm9MXYCMfGxtYzI5MzYnMGE7PEctWnh.h...
https://6g2p0.top/images/campaigns/creativity-2561606-1719340517736.png

15 KB
15 KB

62ms
27ms

Image
image/png

172.67.173.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6g2p0.top/images/campaigns/creativity-2561606-1719340517736.png
Protocol: H3
Server: 172.67.173.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e16d82cab8628a3d3e9f92eff405b061c29d378c350ddc0320c095514b594f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 09:03:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1077
age: 4543576
cdn-cachedat: 06/25/2024 18:41:49
cdn-pullzone: 283898
alt-svc: h3=":443"; ma=86400
content-length: 15096
last-modified: Tue, 25 Jun 2024 18:35:17 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "667b0de5-3af8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXLGXaqSN1fy6zAJFx2yN1zDMGBBCo%2FqNfZCJqGwUZgfAc81RPKPl1fQPdwoePrmwcEY7nHHuRY94EhhopcRDLTs%2FDJuYcJQbJq%2FeshMrAG%2B9sCvtO4OyysizII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cdn-cache: HIT
cdn-uid: 10270df6-3a78-4ee3-9e7e-62f57a8521e8
cache-control: public, max-age=31919000
cdn-requestid: 51c4daa69610eb84966e312e713184ec
accept-ranges: bytes
cf-ray: 8b487e4879a80b70-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sat, 17 Aug 2024 09:03:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMjBGmA2wsONL6sLgSadmrTFfrm96WEMcq0yF29yCUjLhn%2Fg4WwUGBbotFME7FeiXCSl2i95%2BBzFrh7GkmuxrrXjXBg5l1CZC8rBnT7S%2FCW5Zoe4k90qJAmbnPp2NM4%3D"}],"group":"cf-nel","max_age":604800}
location: https://6g2p0.top/images/campaigns/creativity-2561606-1719340517736.png
cf-ray: 8b487e4819f76612-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame C101 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/uIg2JWeXU.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/jENW1Qm12.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/N9O3cU29I.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/oBiBZAzY1.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/TlxyJ.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/DErv0.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/u2jg0.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/MH4wu.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/xCYCeqqKf.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/csuNImgwP.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/yAhPw3dcB.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/loAjM60GB.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/QKNrwpgjf.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/MVeEHwPYM.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/HX7VV6XPb.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/VTIeqWtGO.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/hNcS3.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/n5jAo.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/dwCuH.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/oz4e51tgB.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/sZdwo.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/gmFiC.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/h5qZy2rLz.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/SCP5iwBlt.jpg

Domain: cdn.poop.gold
URL: https://cdn.poop.gold/vnrc3.jpg

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff2

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff2

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff2

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff

Domain: poophd.com
URL: https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3oy08ZO8JMIBWndo0uV-Mqfqs8SaPj7RFWZynsZ6aRfRFIvfeT6az6pSm1-ijQXXG1aFdfArQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906913498%3A1723885430781212&ddm=0

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poop.my/	1970-01-21 08:27:25	Name: _ga_RRBBHD087X Value: GS1.1.1723885429.1.0.1723885429.0.0.0
.poop.my/	1970-01-21 08:27:25	Name: _ga Value: GA1.1.450754848.1723885430
fp.metricswpsh.com/	1970-01-21 07:37:01	Name: id Value: 558040172158834526

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff2' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff2' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff2' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-black-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://poop.my/d/P%7C88y%7C0oVDj Message: Access to font at 'https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff' from origin 'https://poop.my' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://poophd.com/theme_2/fonts/avertastd-regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.poop.gold/TlxyJ.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/DErv0.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/oBiBZAzY1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/jENW1Qm12.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/uIg2JWeXU.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/N9O3cU29I.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/loAjM60GB.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/MH4wu.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/yAhPw3dcB.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/xCYCeqqKf.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/csuNImgwP.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/u2jg0.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/n5jAo.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/MVeEHwPYM.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/VTIeqWtGO.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/HX7VV6XPb.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/hNcS3.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/QKNrwpgjf.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/SCP5iwBlt.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/oz4e51tgB.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/sZdwo.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/gmFiC.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/dwCuH.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/h5qZy2rLz.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.poop.gold/vnrc3.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e1ba311bb.58be2b4fa2.com
6g2p0.top
6v8hi.top
a.magsrv.com
accounts.google.com
cdn.poop.gold
cmpuwps.com
dbefaaec33.701ad069e2.com
fp.metricswpsh.com
js.capndr.com
js.wpadmngr.com
js.wpushsdk.com
metrolagu.cam
na.nawpush.com
nereserv.com
poop.my
poophd.com
poophd.net
push1004.com
region1.google-analytics.com
s.magsrv.com
s7feh.top
static.bookmsg.com
storage.multstorage.com
www.googletagmanager.com
accounts.google.com
cdn.poop.gold
poophd.com
157.90.84.242
172.67.132.168
172.67.173.30
172.67.174.51
172.67.197.29
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
2a00:1450:4001:80b::2008
2a01:4f8:252:561a::2
2a01:4f8:c0:2306::1
2a02:6ea0:c700::112
45.133.44.25
45.133.44.52
45.133.44.53
94.130.198.6
95.211.229.245
0ebfbcbf3457da6d378a665bc6305a2c7264256ffbdd01be7ccbb91a45710d89
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
226a3f157cec14436e520e334118e78c510976c95203c4ec85e1d83b2acd027b
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
2a4930e9d642f92fa1ca93d52b411fb266019a1d676d609edf2fcfe16b7f596c
2c2aa4a95a514a5e9aa7878ac8e2abe38697a64167409304b7e77dd7bdba09cd
306ccfd86e2e79db46e84e2038aad703bd5720e8343cb595b10f9faef5ce3c52
3457e947ac355011147064835d8b0626065a90620c8027a518fe56dfdba793aa
43c93ca8634435484081a05e5a96cda9f4d5f8d045ac30e361ab58c308638fa9
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
53e16d82cab8628a3d3e9f92eff405b061c29d378c350ddc0320c095514b594f
5f2ba3f358a1bee2436a60671f19180a8d223284db002011fe2695ef844b6121
62e5c84fc6784fa515a9202ba8d9fad57774342062b9e2d8bc719631b9f29548
76368a31b10d4f97e44db818739bebf239a189ba0886a9a6fbe5c34a6284fcc3
8f317e2e66d2069d81ed96acacfb92649a11457b7e31ea576279aa4c10a006fa
98eb316ae0a3778852d3250a0ccf059796577463b78d14661c6f5da33d17c7a0
a6710b726eb2163741b7afb141586f4155823165469165d7e53a7b72a28b6a4a
b1909fac42d1567844e57d6cfa6f9e91bf2d82a2e0c94da67017120ff0c99672
b641ac6759b2c43b856210feeb832a6a68cc83248791115458ba7f5243b6cc62
b7c405dd3b9111861bc703dc29de3baac07410b2328701cff30f7c20da87809a
cfc42f18c9a19a7b9819c0df62e5e58c3b2f59b8db33798e66b9c1a70b80e875
d3dedcb9f00cf65007003b75095e223c7e08c19160a6319b0d6fd7138d8f997e
dc381287c90b529ae45e8cc1add50e9abf83a1dd4aa28cb4db7e50a95e3329d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

poop.my Open in urlscan Pro 172.67.197.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

52 %HTTPS

29 %IPv6

24 Domains

25 Subdomains

18 IPs

3 Countries

546 kBTransfer

2018 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poop.my Open in urlscan Pro
172.67.197.29 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

52 %
HTTPS

29 %
IPv6

24
Domains

25
Subdomains

18
IPs

3
Countries

546 kB
Transfer

2018 kB
Size

3
Cookies

73 HTTP transactions
2 data transactions