poo.phd Open in urlscan Pro
2606:4700:3030::6815:4001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/NazoWlgENY
Effective URL:
https://poo.phd/e/38sdp1hqb7ms
Submission: On December 24 via manual (December 24th 2024, 3:17:41 am UTC) from MY — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 21 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3030::6815:4001, located in United States and belongs to CLOUDFLARENET, US. The main domain is poo.phd.
TLS certificate: Issued by WE1 on December 20th 2024. Valid for: 3 months.

This is the only time poo.phd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:a8ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::6815:4001	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:c87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:3a32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:1ef2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
4	167.235.163.216 167.235.163.216	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
8	2a01:4f8:c0:2... 2a01:4f8:c0:2343::2	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2306::1	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	2a02:b48:8300... 2a02:b48:8300::24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2 2	2606:4700:303... 2606:4700:3033::ac43:b9ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
41	17

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:80ab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dood.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

poophd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a8ce (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

poop.skin	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:4001 (United States)

ASN13335 (CLOUDFLARENET, US)

poo.phd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c87b (United States)

ASN13335 (CLOUDFLARENET, US)

dx4.poopstream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

berlagu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:3a32 (United States)

ASN13335 (CLOUDFLARENET, US)

ax4.poopstream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

ff2f72443e.096f5e98aa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
13741674c3.198636861c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ef2 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Ismaning, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.163.216 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.216.163.235.167.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:c0:2343::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

1d4b4f7bc7.36e0626972.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

enrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:8300::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:b9ab (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.a64x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

gfxdn.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	36e0626972.com 1d4b4f7bc7.36e0626972.com	23 KB
5	096f5e98aa.com ff2f72443e.096f5e98aa.com	251 KB
4	gfxdn.pics gfxdn.pics — Cisco Umbrella Rank: 35583	15 KB
4	nereserv.com nereserv.com — Cisco Umbrella Rank: 31261	801 B
3	poopstream.co dx4.poopstream.co — Cisco Umbrella Rank: 90365 ax4.poopstream.co — Cisco Umbrella Rank: 91207	8 KB
2	a64x.com 2 redirects p.a64x.com — Cisco Umbrella Rank: 41236	1 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 41152	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 34091	426 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	poo.phd poo.phd	6 KB
1	enrtx.com enrtx.com — Cisco Umbrella Rank: 53053	4 KB
1	198636861c.com 13741674c3.198636861c.com	225 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 29614
1	berlagu.com berlagu.com — Cisco Umbrella Rank: 111509
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	poop.skin 1 redirects poop.skin	480 B
1	poophd.net 1 redirects poophd.net	476 B
1	dood.cm 1 redirects dood.cm — Cisco Umbrella Rank: 123913	475 B
1	t.co t.co — Cisco Umbrella Rank: 904	808 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 17 Failed
41	21

	Domain	Requested by
8	1d4b4f7bc7.36e0626972.com	ff2f72443e.096f5e98aa.com poo.phd
5	ff2f72443e.096f5e98aa.com	poo.phd ff2f72443e.096f5e98aa.com
4	gfxdn.pics	poo.phd
4	nereserv.com	ff2f72443e.096f5e98aa.com
2	p.a64x.com	2 redirects
2	static.bookmsg.com	poo.phd
2	fp.metricswpsh.com	ff2f72443e.096f5e98aa.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ax4.poopstream.co	poo.phd
2	poo.phd	t.co static.cloudflareinsights.com
1	enrtx.com	ff2f72443e.096f5e98aa.com
1	13741674c3.198636861c.com	ff2f72443e.096f5e98aa.com
1	storage.multstorage.com	ff2f72443e.096f5e98aa.com
1	berlagu.com	poo.phd
1	static.cloudflareinsights.com	poo.phd
1	www.googletagmanager.com	poo.phd
1	dx4.poopstream.co	poo.phd
1	poop.skin	1 redirects
1	poophd.net	1 redirects
1	dood.cm	1 redirects
1	t.co
0	accounts.google.com Failed	poo.phd
41	22

This site contains no links.

Subject Issuer	Validity	Valid
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
poo.phd WE1	`2024-12-20` - `2025-03-20`	3 months	crt.sh
dx4.poopstream.co WE1	`2024-12-19` - `2025-03-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
berlagu.com WE1	`2024-12-22` - `2025-03-22`	3 months	crt.sh
ax4.poopstream.co WE1	`2024-12-19` - `2025-03-19`	3 months	crt.sh
ff2f72443e.096f5e98aa.com R10	`2024-12-21` - `2025-03-21`	3 months	crt.sh
multstorage.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
13741674c3.198636861c.com R11	`2024-12-21` - `2025-03-21`	3 months	crt.sh
notification.tubecup.net E6	`2024-11-07` - `2025-02-05`	3 months	crt.sh
36e0626972.com E5	`2024-12-20` - `2025-03-20`	3 months	crt.sh
puwpush.com R11	`2024-10-30` - `2025-01-28`	3 months	crt.sh
static.bookmsg.com R10	`2024-12-01` - `2025-03-01`	3 months	crt.sh
gfxdn.pics R11	`2024-11-30` - `2025-02-28`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://poo.phd/e/38sdp1hqb7ms
Frame ID: CB060FFCBAA5017FFD3009F193B035EF
Requests: 31 HTTP requests in this frame

Frame: https://berlagu.com/jembud/736d37627168317064733833
Frame ID: 62BE7D491ADA40BF58EA82A6F10B1854
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 68678FB2252E2D1FFBCE9480247DD4A1
Requests: 1 HTTP requests in this frame

Frame: https://gfxdn.pics/m/p/0/883/883210/conversions/hpVYBda4-in-page-ad-icons.jpg
Frame ID: A109B114AC4430B2BEF55CEC1DD737E4
Requests: 2 HTTP requests in this frame

Frame: https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg
Frame ID: 70961BCC61020BDBB2458C6433EFD008
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Erin Bugis Viral!, Main Di Mobil Sama Gurunya 1 - PoopHD - PoopHD

Page URL History Show full URLs

https://t.co/NazoWlgENY Page URL
https://dood.cm/e/38sdp1hqb7ms HTTP 301
https://poophd.net/e/38sdp1hqb7ms HTTP 301
https://poop.skin/e/38sdp1hqb7ms HTTP 301
https://poo.phd/e/38sdp1hqb7ms Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

90 %
HTTPS

75 %
IPv6

21
Domains

22
Subdomains

17
IPs

5
Countries

426 kB
Transfer

1465 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/NazoWlgENY Page URL
https://dood.cm/e/38sdp1hqb7ms HTTP 301
https://poophd.net/e/38sdp1hqb7ms HTTP 301
https://poop.skin/e/38sdp1hqb7ms HTTP 301
https://poo.phd/e/38sdp1hqb7ms Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98HNfiQtmPeUP0muPiak-llpvaHQ-Ycq7-1b6wgGB40exQk5c4PuR022Svr0m5HpaWdN26Pkg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP982awOuVmpJ8yZRMi4v69OZD6RyN2Svkl6rU15JjeSdLN7XmOyLds19AG5ySHmHSdE4fAtuzA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1493313475%3A1735010257616873&ddm=1

Request Chain 31

https://p.a64x.com/in/tip_shows/?katds_ep=PiFcp62s_sJdQCkPltBRhRgD7nbuIeq0g3fq9eMsff5cM8TEbKE452qGxHK4yOfEY28X3DgCIjxlvtbFRmO34hiQKAyUF8y_3Wz_KYKAd18FZbqHMfi4O1Jlm0vt7nvWeCByFFpZzJbwIY8-RxD7idpI7OWlDUnakSFU4glGe_HNaGo7Yv4lEItaOicPeJNNVq-7msfNqxdOM2WdcD6YPqTIPJaj_GVgtBw6AmOQ6QJ1I-KzCDqNN2cgALkT1WcLKhvXZkL1w-xJwpq2EacKgZDiqf6lLzQpzSYZCJhxcxBquDo2i1nIhC89qDDl3YAKJs-1ti7CTBehgNYUxOY5X9XRzWIb2jYBMOM7BD4EuKlVF3AYNdkfJXsxl84KuTEPvoQrPiXFcIQ10Wgd8EHBsfVz7VjonmWIotCKCYXzSFvD_wAWxjLis2wBs1L89JW4YebqPliPtfzcDOuAVmXaYbBdPqw5CxfmrYThLVkvIoW2sL1WZkgLI12eRUGRdFY6hN5CFsqFpGaXat9eVhdQT2mrxe5ymy3MHJA6Ef6shAxUN_STDJ1UMQsuuhCChi8kvuMrn_dKkAxXZLS713LcQ8rj4kuiwvp4SJTIxSJpZxAXMyd6LjoWEvnsSASW8ANUXJaODX7Qywvx8RVNB-_yDXDDBtX6qvzDsL7ybWgOPu4BTOSUQTd3ju59Vku4Rpz5Yq9mKAjhFL8EC0AvqntrSfg6hLrHyWpMSlUsmLSHAV_ipGV4W04MHNzhqCO17w0RrUQtiEmabflNtTxxH7ZW_mtbS0s9BccdJt9A-hbQgh6eyzZYdZBgxvOK9ZHEPZjzArlN-TgdGnGDRzRIjE2ekrXs2hY1AHTzMqfdTpEwnJ-8KM0-rsk0du9dROI56Ij-2WTZ_zAdw3UxyTX4CzM0OLZoQ7klG39eLXby1Da4-48eqRQF3IEcPXjHx6ocVN78jNCP4sTpJeZD9OXF2W0yMrk8v0vH_pA&bid=0.0064666780738695286 HTTP 302
https://gfxdn.pics/m/p/0/883/883210/conversions/hpVYBda4-in-page-ad-icons.jpg

Request Chain 35

https://p.a64x.com/in/tip_shows/?katds_ep=OT0pSfPt8LvROCPw0j3pbZnaPF77U_FHf8DPetZi3HfZUlT7eNpqEqqJNYIc1_C8jYqsFdko3IO89nziGjYyNHrjbLxQKETVCSAgI-uUf4d9iOpuE8wiGVkfxdNSHJr5dSTnw2IQ2SUjscky2tZy5r031GJ6cK0FeCAfNVe8PUegAoHTS8HFxtUle_jE-rSfyH52s2Nj0WgWmGskQQw1OqfjQCnkF6wFHDBEDmCpTwFv2SIq69sG5Q-3LnN-FTe0nph_SUIxtcPg_qXhRW77dQQ8rkK4E1joPKOcenkjXnPGUnm4rB6b0DKsJqtKa36zjFukVuLFZtwDDT6mlxjptb0ZrcHkgJAP0m0b4nUlB_yl6tUlJ0d-MQlILLnOLzkYyxsgP77G2_Jgrr5OzyRxF_sj6duvM0iroFa902DfAsuj6PWVdscEb6OjYYM5ECHeWxZhaiD4JrIYE9v7ZmQI_nYtZKlMf3XJiKLp-rHkW6rwz7NLV2VFVG-EaQ7bnPP3Z0f8IDUo9SQbmBeNfRtq1P2n9dOXhT2waWAVR3BhNCVQbpfX4pGTfN4kY6GMe2i89y64vOFEd_Y1pmbzvBCn43w1bUWYFoCW94tRU6tJjl2V3nILK3EEB0K91zkbF42JcToZXMkrWLu3gOgne1DKoOdjGBdPWkKnJH1fWbcSFITcj-xYn0K0FHKEVM0zJc-zF0F1V9rHddf5fdJaGHFCOfPX_Ph3eAZo7TEUbU76j-l36mEXZkJWVXN8M8ssCcrIZ_JJRz1zauOQyguIZmSu8uIgXAHkGuxQmVBw-y5w5d90UGLobUfdwkF6F27VvTI0mqJH1l6WXGPhMBURos8OxMks38_nGFXzcUHsePNHIZQbMqCxTILByKga9cGZUkzHSWvn1YVqH4oxR7lwu47VKI-iIGhuX4kc7veiur74aajCyeHUMS5bwJ3ypElyy_16yGa1V6JGoQmAfNA-vXCOJ0xGfzC2JrA&bid=0.005431947457425478 HTTP 302
https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NazoWlgENY Show response
t.co/ 246 B
808 B 223ms
152ms Document
text/html 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/NazoWlgENY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

80165e06a75a3cb294bd71ccc729cdf953364e87bce88f3d8f08bc359c3b9ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private,max-age=300
cf-cache-status: DYNAMIC
cf-ray: 8f6d706f9ff09f1f-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 24 Dec 2024 03:17:35 GMT
expires: Tue, 24 Dec 2024 03:22:35 GMT
perf: 7402827104
server: cloudflare tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 4c13bfb1c0e47c843a46f7755e0324ccf4e5f46143b32feeef0339b46d59dcaa
x-response-time: 107
x-transaction-id: 64cf80f425789a76
x-xss-protection: 0

GET
H2

200

Primary Request 38sdp1hqb7ms Show response
poo.phd/e/
Redirect Chain

https://dood.cm/e/38sdp1hqb7ms
https://poophd.net/e/38sdp1hqb7ms
https://poop.skin/e/38sdp1hqb7ms
https://poo.phd/e/38sdp1hqb7ms

11 KB
5 KB

433ms
366ms

Document
text/html

2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poo.phd/e/38sdp1hqb7ms
Requested by: Host: t.co
URL: https://t.co/NazoWlgENY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13490022ca8b3c3937341cc48efdbd346e7c43670e4bcaec7e0653dd63f19325

Request headers

Referer: https://t.co/NazoWlgENY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate
cf-ray: 8f6d70726bd4dc86-FRA
content-encoding: zstd
content-type: text/html;charset=UTF-8
date: Tue, 24 Dec 2024 03:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUq6hmDXNFYoHY9R9SeNLZjOkXIA1jPjxQEJKWNGgYvDSE95MKaAThYQA2RDJaZkiMCz3f%2Fe5PdLYXTLEKJDlcF6pwJl2Fk5EQFMKKglqdLLwS16NxxERUcE4Rt3%2B9OKq%2Fc%2Bvlvk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=23557&min_rtt=21787&rtt_var=4419&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3990&recv_bytes=2380&delivery_rate=168913&cwnd=253&unsent_bytes=0&cid=175abb3d7e40136a&ts=369&x=0"
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
cf-ray: 8f6d7071cdcad284-FRA
content-length: 167
content-type: text/html
date: Tue, 24 Dec 2024 03:17:35 GMT
expires: Tue, 24 Dec 2024 04:17:35 GMT
location: https://poo.phd/e/38sdp1hqb7ms
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3VKIJcAVq9Av33GNvCt9ZajpcQUgUBfZx8ga%2B2y056ivrh29dhF1B8uhz8vpbzZ%2BfwaJKtt2DGTbGODhtuCYgGxRYX2s1EqX7Vp3LQEA3ZAgCn3SMffO7iWmHMANytlddKy9%2FXjc%2B%2FE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 YUZLUkUhQ.jpg
dx4.poopstream.co/ 5 KB
6 KB 400ms
319ms Image
image/jpeg 2606:4700:3037::ac43:c87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx4.poopstream.co/YUZLUkUhQ.jpg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c2ddb8efff611d743e48266830865b4a40272524bdbf20770f544bd206f912

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "750e9c7b749cd9f8016d957b586fe3ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SGyoKKejU3P2yEili%2FSwT2TsXlbVlOixYOmcAkGlsMu%2BlopBb1rfpcFz56vv7nkbxZdkjlRVdN2QLL%2BTR5gEPIqN4VjbxNWn7Bl7Z%2BwLpbdtcp93LqTY7AXT%2B85z8X1QtvU%2FcGvS62LTvXUVOt2jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6d70753ef2d2ea-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21087&min_rtt=20477&rtt_var=4046&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4255&recv_bytes=2228&delivery_rate=181230&cwnd=253&unsent_bytes=0&cid=c771e0714126580e&ts=319&x=0"
content-length: 5419
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: image/jpeg
last-modified: Wed, 02 Oct 2024 04:50:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 105ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

Requested by

Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f68900edbb1a1d7a042e67072f184a95449bf3dc1840b790214f76fb47408ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 03:17:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109866
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 95ms
48ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://poo.phd
Referer: https://poo.phd/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f6d70751a8f6916-FRA
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 736d37627168317064733833
berlagu.com/jembud/ Frame 62BE 0
0 397ms
362ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berlagu.com/jembud/736d37627168317064733833
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://poo.phd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 8f6d7075080503e0-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 03:17:36 GMT
last-modified: Tue, 24 Dec 2024 03:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkvm1Ya7rxdy1ihS6oIEORFUCxMJ5SXidGLXAia8510AH56uvEh5OE%2FSG8WY8jw3cFUvLfxv4JNszSmOfZ54D6vHefwLbIwkR89VDX0JClVB40Z%2B7UDbsRlaiVW9BwElXI1qt6np8xA6vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22130&min_rtt=21886&rtt_var=3810&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4451&delivery_rate=587&cwnd=12000&unsent_bytes=0&cid=e65acbc402376b16&ts=365&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 play.svg
ax4.poopstream.co/ 633 B
1 KB 116ms
32ms Image
image/svg+xml 2606:4700:3031::6815:3a32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ax4.poopstream.co/play.svg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"85f08506e5a64050719e7e18a26cd9c4"
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZ%2BJ9O4Bc8%2B6d09KgZ4p9Kz0xjyM2ZNCqdHtn7PGEahLIYD4W5EbFCPQzcy%2FhqC6yZ66c31JYKN0RV%2BQJXT62HFFiyiAoR7eU2ilW6yQUTqG%2BEVm01KgJ9eWkNISFqPt4gQzK%2Fx2bN5JYergc98PmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6d70755dc29f40-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22329&min_rtt=22229&rtt_var=4785&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4248&recv_bytes=2192&delivery_rate=179096&cwnd=253&unsent_bytes=0&cid=09da9ac6ac6c63de&ts=37&x=0"
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Mar 2024 17:17:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6f4b2a54e91bf3328c4804b0022fa8bc.js Show response
ff2f72443e.096f5e98aa.com/ 119 KB
37 KB 364ms
115ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://poo.phd
Referer: https://poo.phd/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"6751bce7-1dc9f"
expires: Tue, 24 Dec 2024 03:22:36 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Dec 2024 14:47:03 GMT
server: nginx/1.18.0
x-cdn-host-id: ds8138

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 92ms
31ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je4cc1v9167878827za200&_p=1735010256119&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1766285749.1735010256&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735010256&sct=1&seg=0&dl=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&dr=https%3A%2F%2Ft.co%2F&dt=Erin%20Bugis%20Viral!%2C%20Main%20Di%20Mobil%20Sama%20Gurunya%201%20-%20PoopHD%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=838
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://poo.phd
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 114039 Show response
ff2f72443e.096f5e98aa.com/07557227fd54c4c8c20d7f6360c8e253/ 4 KB
4 KB 117ms
117ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://ff2f72443e.096f5e98aa.com/07557227fd54c4c8c20d7f6360c8e253/114039?version_name=b&domain=poo.phd
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 70d5367070d0a06ffb2dcd0272a5d335dcda2fae4b7d983299d075ed4faa7e18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=300
expires: Tue, 24 Dec 2024 03:22:36 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:36 GMT
content-type: application/json
server: nginx/1.18.0
x-cdn-host-id: ds8138

GET
H3 200 count.html
storage.multstorage.com/log/ Frame 6867 0
0 77ms
41ms Document
text/html 2606:4700:3032::6815:1ef2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1ef2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://poo.phd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f6d7079df744d58-FRA
content-encoding: zstd
content-type: text/html
date: Tue, 24 Dec 2024 03:17:36 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6M3Wc1Ap6EAfrfLGsO3FO3f240NwyP7t5W0bJ6uXizqr%2B%2BtRkip5QpVEBVmtmuRzUUNPaUF%2BFEl%2FtroPdVp6IYFdU3GKHZRsgxIrk6mJZab%2B8dqnGKIFLapz0a7h625%2B2q7olinEcbqiYV%2FTX3GbbGPfPwvpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=23491&min_rtt=23374&rtt_var=8848&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4097&recv_bytes=4309&delivery_rate=129274&cwnd=12000&unsent_bytes=0&cid=9bd8d5f11d2c0941&ts=46&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-request-id: 12ef7e9303fe41e1dfcaf68e15fcb379

GET
H2 200 track Show response
13741674c3.198636861c.com/in/ 0
225 B 464ms
218ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://13741674c3.198636861c.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzg5MjcwODAzMTAzMDQ3MzAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjEzNi4wIiwidGFnX2lkIjoxMTQwMzksInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQmVybGluIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMTMsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.18.0
x-cdn-host-id: ds8138
access-control-allow-headers: Content-Type

GET
H2 200 d040a586be123cee02fee37fcdd491bd.js Show response
ff2f72443e.096f5e98aa.com/ 186 KB
51 KB 349ms
117ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6f247d24254bc663a4b64c21b7a263c62d4d904df200566e7466902db93cc428

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"67697129-2e793"
expires: Tue, 24 Dec 2024 03:22:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Dec 2024 14:18:17 GMT
server: nginx/1.18.0
x-cdn-host-id: ds8137

GET
H2 200 180046fa269b938f493f26f0eb8786c0.js Show response
ff2f72443e.096f5e98aa.com/ 105 KB
31 KB 622ms
390ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://ff2f72443e.096f5e98aa.com/180046fa269b938f493f26f0eb8786c0.js
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e2169889c4ed69b44773f6b1bba57b4b49c2b62a7690d4ce66a192809fc90332

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"67599e37-1a372"
expires: Tue, 24 Dec 2024 03:22:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 14:14:15 GMT
server: nginx/1.18.0
x-cdn-host-id: ds8137

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 100ms
32ms Preflight 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poo.phd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poo.phd
Connection: keep-alive
Date: Tue, 24 Dec 2024 03:17:36 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
426 B 93ms
33ms XHR
application/json 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=114039
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/6f4b2a54e91bf3328c4804b0022fa8bc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: c87f2bdad497498d609266828219843734f4d1e74bf578b77e28086f1af4940e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://poo.phd/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://poo.phd
Content-Length: 58
Date: Tue, 24 Dec 2024 03:17:37 GMT
Content-Type: application/json; charset=UTF-8
Vary: Origin
Server: nginx/1.20.1

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98HNfiQtmPeUP0muPiak-llpvaHQ-Ycq7-1b6wgGB40exQk5c4PuR022...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP982awOuVmpJ8yZRMi4v69OZD6RyN2Svkl6rU15JjeSdLN7XmOyLds19AG5ySHmHSdE4fAtuzA&passive...

0
0

GET
H2 200 4894d0110b89942db19fbd70ce53df08.js Show response
ff2f72443e.096f5e98aa.com/ 539 KB
129 KB 132ms
132ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://ff2f72443e.096f5e98aa.com/4894d0110b89942db19fbd70ce53df08.js
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e4458185d2dea4139a703f057349fa501847b1c44d6c18409b06d57883a996eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"67697125-86d8a"
expires: Tue, 24 Dec 2024 03:22:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 23 Dec 2024 14:18:13 GMT
server: nginx/1.18.0
x-cdn-host-id: ds8137

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 113ms
33ms XHR
text/plain 167.235.163.216
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=05566b2f-5f4a-410a-bf70-2a8f72cdb43f&subid=388464194&sid=3734872506&spot_id=418776&created_at=2024-12-24&timezone=1&ver=7.368.0-b&is_native=1
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.216.163.235.167.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

OPTIONS
H2 204 multy
1d4b4f7bc7.36e0626972.com/in/ Frame 0
0 111ms
29ms Preflight 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://1d4b4f7bc7.36e0626972.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poo.phd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Tue, 24 Dec 2024 03:17:37 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

POST
H2 200 multy Show response
1d4b4f7bc7.36e0626972.com/in/ 66 KB
11 KB 298ms
296ms XHR
application/json 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://1d4b4f7bc7.36e0626972.com/in/multy
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: d3c816c5d93d1c03a829e12f6123a6dfdf8ed45ed6d2396779ce7c2e3b3f32bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 10973
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/json
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 112ms
33ms XHR
text/plain 167.235.163.216
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=222620e8-3a2c-4cca-a40d-ba2416cfdb00&subid=357529620&sid=1284118272&spot_id=418774&created_at=2024-12-24&timezone=1&ver=7.368.0-b&is_native=1
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.216.163.235.167.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

POST
H2 200 multy Show response
1d4b4f7bc7.36e0626972.com/in/ 66 KB
11 KB 271ms
270ms XHR
application/json 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://1d4b4f7bc7.36e0626972.com/in/multy
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/d040a586be123cee02fee37fcdd491bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2711371827b9466f54134a529aa6b719dcd1dfc363c47731e2aab31239cf93e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 11001
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/json
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

OPTIONS
H2 204 multy
1d4b4f7bc7.36e0626972.com/in/ Frame 0
0 111ms
29ms Preflight 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://1d4b4f7bc7.36e0626972.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://poo.phd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Tue, 24 Dec 2024 03:17:37 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET 85619738-c8a4-4908-ad2b-9a0c1f8a541d
https://poo.phd/ Frame 0
0

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 43ms
33ms XHR
text/plain 167.235.163.216
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?event_id=b63801cb-b208-486d-b5fc-93f237c5bf32&subid=500843478&spot_id=503362&created_at=2024-12-24&timezone=1&ver=1.158.2
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/180046fa269b938f493f26f0eb8786c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.216.163.235.167.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2 200 dip Show response
nereserv.com/in/ 0
200 B 30ms
29ms XHR
text/plain 167.235.163.216
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?event_id=b63801cb-b208-486d-b5fc-93f237c5bf32&subid=500843478&spot_id=503362&created_at=2024-12-24&timezone=1&ver=1.158.2
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/180046fa269b938f493f26f0eb8786c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.216.163.235.167.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

POST
H2 200 / Show response
enrtx.com/get/ 4 KB
4 KB 281ms
213ms Fetch
application/json 2a01:4f8:c0:2306::1
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://enrtx.com/get/
Requested by: Host: ff2f72443e.096f5e98aa.com
URL: https://ff2f72443e.096f5e98aa.com/180046fa269b938f493f26f0eb8786c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b728e2ad86dd916dce86b251c82b88b5d81f04e2bc41fed7367563c15b3653b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 3756
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/json
vary: Origin
server: nginx/1.16.0
access-control-allow-headers: Content-Type

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
717 B 401ms
129ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=31536000
etag: "6659aceb-1e6"
expires: Wed, 24 Dec 2025 03:17:38 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 486
date: Tue, 24 Dec 2024 03:17:38 GMT
content-type: image/webp
last-modified: Fri, 31 May 2024 10:56:43 GMT
server: nginx/1.24.0
x-cdn-host-id: ds8138

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 400ms
129ms Image
image/webp 2a02:b48:8300::24
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: max-age=31536000
etag: "6659aceb-42a"
expires: Wed, 24 Dec 2025 03:17:38 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 1066
date: Tue, 24 Dec 2024 03:17:38 GMT
content-type: image/webp
last-modified: Fri, 31 May 2024 10:56:43 GMT
server: nginx/1.24.0
x-cdn-host-id: ds8138

GET
H2 200 /
1d4b4f7bc7.36e0626972.com/in/show/ 0
200 B 75ms
26ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1d4b4f7bc7.36e0626972.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=t.co&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&refdom=poo.phd&auction_time=1735010257&subid=357529620&sid=1284118272&tcid=0&ver=7.368.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-24&iabcat=IAB25-3&keywords=&user_fp=6473378045444988268&score=35.908423988724024&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoo.phd%252Fe%252F38sdp1hqb7ms%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2F28916837-25608-1307.2526june2024.com%2FiCRCDIcxNArpZtczvQOYbhxKk9RQ5tmHZvtTX8qfEJsSPJ-TyTsacbw5kG0NyCD95aEsNug%3F_%3Da05fc0d9-c1a5-11ef-aac0-c39dbfe814d0%26d%3DBQ5qQHPeH5c2lTnRKc87LqcMtPazwpE07Z66I_Pfy-HcrHfOpUxwh2qzPuiZS6IFnAjdHUZmbUF2zC-6X3qi3zWH7zfzRfQucg6-mpi5c5N0NHqCyrfNzYpX4dpTrNSXip7GFQMI2QgTanJbL83rqFC--PlDYYl3D1zbO_bLsn06ixYd7BUfEIpmDyubaV1-RVAIZJSMf_XuIdEm02dD60LeDXF-Gm9pwYgiSRMETpM0Z1yJRZViHejAjG8C9KNlzoZ6qC85IVR-QAbkVWyEdgTpKmSYHXi7QO71Mfiqo2sW2GPV0kzHrxYUXhzXwQjr3Vumhv1gLpsdmPoeZHQ910OBZ2zh__Nky1rl9O90E_hZxtn0qtG5P3okmj6UHRISU6T4mMQogV9mDdU1PMOJtclDo9a2jLDGzOD55Gk4LyRSkqUY3Mi_YfSqkTkd0VHYVWkVAvrV-WishtMlI4_2u4WQY2MgYQVC_OX0giB17NxgUw2P_aeKEGf4W0nbImCdSsfgMjtPYXIJgSwot6OOFlb479gpivREUbruC8_sUyiFEX8fLEhmc1_R3arDoH2paRMd_6ZL_FFlFo6VwHVYocZPpltjTa2KS_eFJ9VV8R81EutCO_U0esKkWV3KMBamES7ywpt2KSN1K65F4RiXd9I98jt9U9OAFuQHbPJxN_J_HtTZUu_iaL9BxWvc38A9DmEfM68G01yRla1GP--KAyXbJMAuIzLBa2dej9R85gHaOAm_NsjWI6zY1NX40Mz4GIsHBJkpTNYky_A8soKWAndcQ3DI1_SaUAcXD3fu27wh4hLIdr5pkV9hosfHrdG-jCvowzi-Ywe-INUh2Y5iEahB3pSrlcXhnCXe8OQLfGJy7hKpBdXXsfKTeDGRhrlfvwfVLQnhCqfPgDaaufajN1iX_zJ7dfzr7S9n7cgG0RI-hDubBKoq5wadF0cMuWiyZOBVMFBOtMCNeV1OjMGKoMdIoRSH0Kd73SvCLCBobGBJy_kP9m37Aw05tBReVncJGRWU08ZRbnmp3vkIi5o2Q2294R6QbrPs11wm1i55XsSQgHBGXYhC_IM-gsYhz_VuAKguXNPbcP7Lf64bjt6MMlJCkDOzn0Eus-NtW7Sa-Iuy1UYOP5J0cYdWg-ALWzrGWOFREq-MbDlSed84B7lW_H7AHwKdj4ydKkPvHuEWK3PgEpr59wvFu_EPFvpENRMN78jmiHvf0_HewlaSm7UyqoHXclykPqxOwQlvhSbxVHuqppNC0Tb_k3xC0oETk4RbP2IJGNsAVrNCoUIlENOjc1UbNB95RxR32BAaX-VMO95OyxPmrzbhs1nBRhEuc2j5P-Vn4pWMTZfs2hPOu353Xo8uMNMX3khN7cv4eZvPqwwty5AVwone7SudnUhKM19sm1pW2NNG4KqYyFcFurtS&icons=IJzPhqWh4TDXkzY_6hpyBbMfA8XS-xgP-gnQzQSTtR0kgWbPqbXy1FBZe5wAhs69cZx4jlom8RKAOM4wEhJWWZx02fVhPusNK8qeovIDJsJBEzlBzQJLKq4iLSObZ6Dug3kqxXV3QxOPSBoi8j5qklSeGJ1O8DfQHs5uUAoFbBr1Al9Ltw&ext_cid=0&px_id=53418774&min_cpm=0.017805470312483956&out_id=1&campaign_type=lq-pop&aid=3301&cid=12212&uniq=&mid=6124057077578100204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.013403978134390085&cpm=0&verify_hash=a38d42ed31e34127aa50a68c1e6d727c&is_native=2&real_bid=0.0004523039960861232&original_bid_usd=0.00054&original_bid=0.00054&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:1010:2:1012:a81a:91da:2339&geo=DE&carrier=-&label_ids=89,20,27,123,108,0,4,81&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1735096657&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00054&hostname=auc-inpage-hz-9-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.00000054&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=5b01335c-adf5-4de3-8038-ebca3ada5af6&prev_step_diff=387
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2 200 /
1d4b4f7bc7.36e0626972.com/in/show/ 0
201 B 75ms
26ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1d4b4f7bc7.36e0626972.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=t.co&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&refdom=poo.phd&auction_time=1735010257&subid=357529620&sid=1284118272&tcid=0&ver=7.368.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-24&iabcat=IAB25-3&keywords=&user_fp=6473378045444988268&score=35.908423988724024&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoo.phd%252Fe%252F38sdp1hqb7ms%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=23960&crtid=e0d41cb1b8b518b70ea6c1e22a005700&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D_SxgB_iwMx2BRO8QpJQrWp3SF_agiyRrVP2sQNDJqpUxyGXIF5PrIV--8UFmsatFd3JAHNoZxzQYIl1JiJpycG4fFTjsQ2bFx9krpjjqy6EwzsxQXkKY-3rdXkEzJxtvZH4sazeWRTA8bDECDxXoCG9PkDCIOHCGxoib5ZDrj4Ep91r7tgP0DkVdrOABIlrk4yZjSpfwGc8ShFjATuiwL_HoYPZ7bQp6BXG32dAJrdcppa4LKuWpzhYAz7yyVsNtNwWiSs3UtIKaAhA8zoMKRL5rZQEJwHvUivaU7ZLH_-j6Ol6YFhGrFp-Gs5UdZNnGMvbv62SGi3sFhbOJ8xfQd2ZG2W0PPppbXTtTL2V9eJ5vScaqjIDOq5JiR7bgUiQEXUyLPacrB2aD4B3LhP_A81Uffql5S-RitKl_ug6cIRAt87Pr-Kmzh-pBIZxBLS64qGbzto69o5ZfDcBL4o0pJrWb3gHWNmjZYeqWefLxqezKwOz6YlaCGdb0vOsusaH3qif8MqdenYaQrbYU4SsFQHZqWwI9qvRcSS7AKzuCtZaB7e0cLXqAUk7zsb_vcs-0C-GceV6HBOFTFKeiPvH_p6P6iWf8y6q-D6cqjatwrqAfJajzXkRi9FKWB-2E0y7mzZOjzBF2Qglcclpf808a5Vz7lEBr4kvel_iel2KFDVA7lHpmCnp4RoOCYNC-ULiHAg-uXBK2OI2hfW2M33b8-n8VW0rX7cHyKNshZI-z-D6CiovF0Oj5IFAHFREuX-sHXnMC7zZU-iXIsqO2JrL7ALjVY44lFNy1-mRNxQJe0yz8uVW5v31EyUT5NnsWgVZ48ePD8P4udZ3xZ-XxVS_a7EWcfAxUzZ96s2Heosf_UxuC8PUxQrogarrgSXgLhsK2V71X7-CEPVKevz6eKtFRpr5DH6UvT1oPs82j_GtcIrlKndmLzVooQyxUjo8NPB-qOuZ3qJb33waSxixQ4eAK-ETbbdB74EZkqO4IM2VjM21fnQFpcWjhjo9LQmLhw-mSuau93k1Jnldn1KNfBy8uPGxBY9YovJQE73ICLSdlcgYV8bAa-W4lde0skLFPPFSWBzbjWsl_bhybO7nJ9i09eo8tocCrHjG8nExZHkZTXWTjxtbRKski2dViZJOlFOVhu-cMQOgtS01Ox2YP91KTQhjZZrQ1037MoGFuIYV0MLE6MaeSNLgZTykuovro_n4vOz6nnEgWAw9qMpeaMHWWXSb7RiUmz129wDBZA_b-_Gc%26bid%3D0.0064666780738695286&icons=P_ScdEeOHf3b9bD3mK-HQoq9TNXgbUA-GlOoJDIBcfvD-8kFLkVlN4nZEXzh8rIQT_jiHw9nvCyxmH5Mytc1EjZ9gtlzhdZbUzmckgFdGKxmUH9Ytqe2OksKCuZr9nloezu953BmoqGW--Gybj-37YOdONPaSDKu0t4rTs5P7e8aciM5U_YqA6Sxkrlb-F7PnSnNoF0NuL8p5zCr3u83ZbX4-Hxdfww1QKq1nyBpbeOXc5a0rNI2ZWPWtd1Chkqu_RjUaFFFl05LmlLiA7X973sVar_rUmd9-M8Z3uTcrLP1NywryMz_uNOiK7Bh3DXfNJvrBzqVc5X8AlmqAYTdAL77vSWV34mtcNPZjfBj9DO-6EAenK4qNBe-eEjFRBjck8Q-c0rwAWVx1RwKBx6ZvFH3rEguX5upeiD2y57obNyqYxB5sJkP8tKWhaMjaN_-aMRV6uTlnoZFAmPVFyo3yBVu4YeqY5qzUVXgZhHNGkY4C1eJyX9mCkShPvHOY2LLT8zw_s4JVpjxXTpNsz0CERR7JpzS9q0DQMEEECIDRbWpoIn7IZOw6IWjbBHLy6RSvDLvUOzwYmtSwsdyqbcbh2DTLK8DZ2EZMRS64Od2ZQ_Jqv1gjLuHqsZhtcXDrOpU2oJOqYqP-MfBuh8FFzBJ71RBFuL9u5Z69CK5VpeFSTAYExXeoK7I18v-Iecl12MbWcmgSv5LzNW6Jd9MxElCaq170OfgZ5rD4RKtoX46ci4dQP0Y8IHjBLAa31x3YD9Dx-nx21iGd_OI1jnIYrG_zeq-bHb-0iY70grt6PsQKk4wlcevmZWREMXuEJDj26MZdl-0hQShds_lpMaMZXZCJxPTsc1ofAsuDBxXA-DPrwf80z-IwfTHiw2961xauTPyKxhmO6Qu5EDuQ41RJ_vqhO2bHy3ulnDNeJ3aoM1fvdaTJKaczaDklOxOoi6rIwRV8-55x6V4UR_nx1S0UbZRFGalgLnNxTXU65GFdZ150_44yU2ZuV2OSsPOLgXhH-n7VDnanumsTPYgYPrpV5MjKN-wGz5yUXFqsErC9sPkj1ktxUdpVRbM5xYiYD_8ZZJwnkyZG3P5N52Giee-qK7vKHQYR6ApoWP6gL8Ol5aCxAYWhhEY6mXdV9mCr_dkHtK39cxZlVIYIhdoQhDee5uGNtJqLQe9awlRsfpnvNHOQNSjep5ZGYZ6IHXla-SPb6OJr57ydx_6Ne4ygZWJekNqVdvNDbFC_hyvh2ilfu8i5UZQcBDTp7PyC6TaNGEYkvzdSLlqzWUIswM8lfwyxkGaCeFpjPzH8fJO6IN8slihYYJNaHe0-2V8teA8_5zUp3iwu-a9MlJ5JMtsJKQ26W1-_WMs5_0cFUeX-6kBCOLpCVJZI6KA1BLMn-Upa8AskVSMNwyoGdQJbfl1yFDKRAKK63FjKwx22mc9wP1_-rLDbuDA9JhJrZZOjN2lYQ&ext_cid=296064&px_id=73418774&min_cpm=0.003883541201646091&out_id=0&campaign_type=hq&aid=127&cid=12697&uniq=82c2b0a2d836b90d5c596ca66dc8be2cb2608d0994fae3576656b0d574c8e0bc&mid=6124057077578100204&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.04282639180884629&cpm=0&verify_hash=d17504e49e19a35452e06d2af5ef7425&is_native=1&real_bid=0.005423602877736118&original_bid_usd=0.0079&original_bid=0.0079&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:1010:2:1012:a81a:91da:2339&geo=DE&carrier=-&label_ids=5,98,4,90&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1735183057&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F883%2F883209%2Fconversions%2FtT8F2vTt-in-page-ad-images.jpg&site=native-push-adult&price=0.0064666780738695286&hostname=auc-inpage-hz-9-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.0000079&ext_campaign_id_str=296064&is_webview=0&client_price=0.00662572997212414&direct_client_price=0&priority=0&client_payment_model=cpc&is_in_app=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&st=0.02&cpa=64bd6fee-323d-46db-922c-e2b8d1e50c3d&prev_step_diff=387
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2

200

hpVYBda4-in-page-ad-icons.jpg
gfxdn.pics/m/p/0/883/883210/conversions/ Frame A109
Redirect Chain

https://p.a64x.com/in/tip_shows/?katds_ep=PiFcp62s_sJdQCkPltBRhRgD7nbuIeq0g3fq9eMsff5cM8TEbKE452qGxHK4yOfEY28X3DgCIjxlvtbFRmO34hiQKAyUF8y_3Wz_KYKAd18FZbqHMfi4O1Jlm0vt7nvWeCByFFpZzJbwIY8-RxD7idpI7OW...
https://gfxdn.pics/m/p/0/883/883210/conversions/hpVYBda4-in-page-ad-icons.jpg

2 KB
2 KB

22ms
22ms

Image
image/jpeg

45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/883/883210/conversions/hpVYBda4-in-page-ad-icons.jpg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 3ffbe953e21b6e4b464043883968ce8a2ae3a36086e26609534858b55bcaaede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e8bb91232e4cc16fd4e6e4d47080e160
cache-control: no-cache, no-store, must-revalidate
etag: "66cd7899-627"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
content-length: 1575
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 27 Aug 2024 06:56:25 GMT
server: nginx

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://gfxdn.pics/m/p/0/883/883210/conversions/hpVYBda4-in-page-ad-icons.jpg
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQwXYidebJvxt5mXVcrYVBaIqFshPbVfdRGfAygQQa7ft1j3DB2PiqfZUPqubINR62LrljcevrSJqfd5uLUqu%2FXPSL47GJwXcLjLI57yofvWZX6d3lFiIAoPU08sVlsMQPBDUcqY9cnd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6d70800a6f383e-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=23759&min_rtt=23510&rtt_var=5360&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4857&recv_bytes=6289&delivery_rate=24692&cwnd=12000&unsent_bytes=0&cid=e3d41eeca9942960&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET
H2 200 tT8F2vTt-in-page-ad-images.jpg
gfxdn.pics/m/p/0/883/883209/conversions/ Frame A109 6 KB
6 KB 78ms
22ms Image
image/jpeg 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/883/883209/conversions/tT8F2vTt-in-page-ad-images.jpg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 68957505fcf78bec0c335f896ae10461036bc7bfa3da7e438e749ed10cbea0c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: b25f11b47d2e60490af447805d1c5e7a
cache-control: no-cache, no-store, must-revalidate
etag: "66cd789d-1633"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
content-length: 5683
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 27 Aug 2024 06:56:29 GMT
server: nginx

GET
H2 200 /
1d4b4f7bc7.36e0626972.com/in/show/ 0
200 B 76ms
49ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1d4b4f7bc7.36e0626972.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=t.co&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&refdom=poo.phd&auction_time=1735010257&subid=388464194&sid=3734872506&tcid=0&ver=7.368.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-24&iabcat=IAB25-3&keywords=&user_fp=6473378045444988268&score=36.95091565231058&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoo.phd%252Fe%252F38sdp1hqb7ms%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2F28916837-32063-1307.metabatted.com%2FiSZFC4Y0Pg7lZtczvQOYbhxKk9RQ5tmHZvtTX8qfEJsSPJ-TybkXjR4R-UM3kUTQ6e-qUA0%3F_%3Da06050d7-c1a5-11ef-8b9d-e65c61db627a%26d%3DBQ5qQHPeFJe-lTmBKJ87LocOtPajIGWz9r0TUpP9rKysvj4yMXnrbmiWg-bP2rwg_rrN6PRrS5zT6iy8X3-i0zUypRCufrU2wo8_rQBVP0zjBvcEYRB-n5G7d3YVyO6ySwpkGQhvh4wh_XIBmeYqRpuvdXnyaThAwBUH6dtMGoHlu78sPrHf7VOcoec-vgiMowd-3GcZj84TAmTuaH3pYmGpJaZjlS3XS0erXc0dpWlBl9lUOUp316BM-5xsl2gElaXbw58lmXUVECMF0ohaq7JSw8RSxivMF9fK-Q_3bmfBFvEpwbu5EIZSyFooZyzVx7tjxZ7WBamWS7OdPVMbv7NCMVufGS9mhR5tfmAEPZxExL4rIyJP7AsyXfBNN5W6dcS9JKI4KYL8HsdEQqL1BQBccOe2Iq000693IW_RwlfyGiDHQ--aChsVKXiEhPhZ1GTVrcmTpJs8k28ia5gbVIn-QxsG3FFznbSj2OE0ktt9C_7eSWZk2ofl2vxhdhAc4AxZR51SXM_JOVoW07ycmJzqo071KbtxaCQxvHAFy2cr8Wc7cyDMFYF3Lk4fZTjV7YyUl9PW6_qC526vXxqE6dtK1PwvwBCMCT3b6nT4tkyJ2bETZ8aSAG4cINkJK6xjGR-W_-fl4ZZ1usRluc_V6oZMYdeXZvuZCTCOSCeQuVeAOn0HA3I75jlcqx8QBgYxlgsR18L4bUovMoABfBSwbT_ZfXrfDKsMo1flqdAu1VdXF4MBk9b5rzwFLP5nySUscyW4w5DVwFGTfmAt_Jxt-7VKTiRSlNpTR3YvZCRdNP8oDXzUF3wpO8k5B_fP5Il4OIemtQ5pfLcZdeVS5omf5rWhChld_L7tNpLpJzpcu15qHDW7mys9OIplc_VGJ7hmcONV3_8hEcY0lmgKmPxURV2QMrh01tVQmGCdm9zxiO3oJzuGJ30DPe_-4vWWFJwDOXivfEmynQxrHf9ciLvGdOq8QFV9WwJ_EPN4PqcQ_yrAU4Zk9-ZXD5QwjneZ_yS2qXXyKkBuynrItLhPk3hCmOfByYaz2GsN8rZ4SUGPhikiPaFYo3ciKQKPsIi-LzW_OaCYLaUzSPZlRywljXeyxG2bCHe_XGlbfuddnkpxb8l3iXcAg8nhLcz1qfkvyVZjTIr-V88XmRylPACSiIe5F5isRXa-IlKVNXM5WFndHf7aJ7MTqFanRj7_1A-pFDexJr5kclLA05n95XwSzQCGceCbBUzQJxGFSb8SG-EDQE9OebvLFJCWk3UixwYW-NTTeRHpSZPzZGs5PeYd6zuN4ak1qI70FhmCt-EWxWe2u2OhzqyKYW-i_0JqzYtU05XneSUOpAJTi-DHDfK-QUIzSanx7V7MKzvv4sU3yBGNaBdZpl7EVfbSo4mQIs0POvc2&icons=qtGfKmtEWml6CqbMk_WgrUXmYbL-xyP-SKhjuRXMrSuu2CmE3dUoddZtCA4_4FyvYPQlYncSgTlscR3sK_2nFOco9Wrfi3XpmCcTfLdAgwIXRpLm1XIu_PtgkN09tRWkjf9NKvx9lD0gjbVYKrwbBwF1gyQUtTGvQPBhFTQGAvnqVTt9RQ&ext_cid=0&px_id=121457705&min_cpm=0.026462802675869417&out_id=1&campaign_type=lq-pop&aid=2012&cid=19039&uniq=&mid=4173032971029437438&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01737161490222703&cpm=0&verify_hash=656dc717e4265b2ac2276b523e2a629a&is_native=2&real_bid=0.0003944159946441633&original_bid_usd=0.000432&original_bid=0.000432&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:1010:2:1012:a81a:91da:2339&geo=DE&carrier=-&label_ids=4,89,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000432&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.00000043199999999999995&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=5173dfb0-4002-41f0-9633-653b643754de&prev_step_diff=413
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2 200 /
1d4b4f7bc7.36e0626972.com/in/show/ 0
200 B 77ms
50ms Image
text/plain 2a01:4f8:c0:2343::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1d4b4f7bc7.36e0626972.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=t.co&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&refdom=poo.phd&auction_time=1735010257&subid=388464194&sid=3734872506&tcid=0&ver=7.368.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-24&iabcat=IAB25-3&keywords=&user_fp=6473378045444988268&score=36.95091565231058&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoo.phd%252Fe%252F38sdp1hqb7ms%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=23960&crtid=e0d41cb1b8b518b70ea6c1e22a005700&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DIkXkzLQ7YmO-CoXk_X_JTZ2UnXWU-V9R_UOwPH5MgtmpStm0Sv03MMCO73GLPxXPfTpSZQ0VP8NVVB-M4D43Xj_R1DyrE7ZK_j3qHeqWM-pDyyigdkKZnmE910XAR0j-ml8YG_kKjrrR-7ihFk0ZAQLKYldTb-cmIPsjW8gTi0myxSovcrgs_hv80rVe_KhrrMx92hijRdII8PX5-Jj9YMLQBmx9GB57y2-OLtddKwHicOmvXTFzWvckFcAn3ToxdORTnUYPFWp_NmxF-oaSSsgI5lZs-v4ujv7KsOhaeFR3D1g9avAQga-Gf0IUcX-PusRFoPK2xHXm1UFSBgkHVkrhTajc4ZXT_j1qxsY91G4QtUhCloQhpvK37CWAjlIwc9hOgUrrg8pYH2--Ij0vOQuLVDwG3eh4Hv-GuAfWggFbddls0c4ulDKFXTMY7n_X968BXOUCouapwEOewrdP7t7OnoMndOd6akLCR0MzaBrJvQiigMDD9LkSIUC7IOcdQdNJYdeWFxpUYcbtL2_SyTGbvj2ZUEOTm6IlQlC8eUfsA7iN4TtmAnpowK20U8cJKSM9q4d78-hkmIZaPLcoMwQJYP1Sy2SORXHn4tEvvDxTLxLZr3EXi1nJv8AEiSNwdCPtbmoVy1-9qrFAhTRq1yymWXnUUHhOykBdsF7TFFhnFBp1NeYiacWIuPKcT3yGWsL2dgjpDJw9aB8aPaL6D-Nz9rjupabSE6yzdnykdAKBACsQ7n4Yaiiak1cBCkjCPldDMGi2g1ZbyLE-JKEEOOMgw4w6NPIR-NMVbtD4JewROy9UKbD43T9ZRGjS21ePpDgV9npATzJ1_cKa6n2tO9yJiHPLU1YMwOEvfIO0PK2XEcWKgeEIMLoS2cnSkIpoXCkEgpV6ZIDHtzQHcH1T2BK4SMm0lCb6BpzU5_ya2qEVlXw9-PVZTzKzVDLqVSnxkVXHwr4ywIVjVNFP5h6l59rbPhTB1DY4tUS8GUJ08Pt-LUcOYeV2Zvg-F61BCk7q20hZ1uyayMLKJVAzEUjGFfDgW6i90CGCEbHot89WuOpyqMKPXUhB4_s2-troEBvvL6bdqKWRRjOh0G_bbmELOZs-pE0q3npQ5A32z48pj1Q6-d_vzuW20ao1oQn4TyjQmkeA-a5wuo5FGG5lOykNGpe4g02ofuKnox7KS_K_8XaKbAhq3ionLa6M00t9wtgpVDBD878sbv_d_RJMyQKMFuaEsSpcjECaEHUIslTJwBA%26bid%3D0.005431947457425478&icons=lrxgiFoflch34mGnvN4jlvuyS2ntAovsfjD-c48Y0UV9Qa7OHzhZYQKn2NolpkKm706I2K1VMmnr_nAXrDq_xY8m0F9CQuP89tOc9XKntoGVg5gzgAiWEcS99bSvTvNNJ1PI7Y-_qL3MRvHa5RJ451K-55wTI6s1aVP0img94A_svZW8tIDSdiHfytpjL6s3mCRR-IWDaGeP6lQxLaAK1kyQpIvuoo3KlROETYIefDNjE0kyIV1bGeCogzyLX3JATH_YOZIb2uHSxZWJG25_krJedQT0ehoYd8eiFYDy29PFJshmk_1dd575f7FZpEQuPCUqnRb4EQHQXVxFpMEzhj064jsc93bVzCcAy2OebU2ZAhudooSeXEtuj0wzRpELvzMw7gjfTgqRLzJM36EczSSFb6H7YuWhj1XgkXJTsZvqAF2mL3jixDxABxoEx43B2ck6mI6iB46TLFxdyz0Xqy3Eur4mYgF_ifCP8mT_Y3A5S5S1VA0tNOljYt-yQg2rPcICmbCCCyhONjfvzwc6xft7DPbMHcD6fT6uu88HZA0R4joB_ni-Q8uKv_ZLWPABScE6OepbYjE47NpHpQgtDsPmSuT3imK9mZveiyytu-xFPdCFV-chc7LO12R1Lq_L0AszYhhyfnM12O2dRW_B3emMidFd9u4fAKZlfstrgqmK0ewT2yrzoc7W8DXs---mIqexxYgvv9XwPc3t-SAfwm96k5nQK8i3elIL2mY1wPAZtiHUWm8ZNtXkWYNIzrhzxVCZprefuIWbn3usYMU_84XpxrMk-k53CtQ8Ow3p2PsKnlHEjr-ygEUYW4ZZjpW0QBybKx4flZElp0AdI9fZA7MB6N7Ddb57DtG3x0fcPdJuNH_P78dO1FF_VXIaZmjWm2bcxRFQsCnvo3yjjJGQ1Np8UJ9EN43MdCysF8hOAtmY50MdszdaaPeyIO3CUw3zqke6zDcYHtkzEsLc5qQPyEHlOEBbOGGe46yqi78VahrZP2b28l8TaZvdc_lJcgsLr6ZKiTEciIr3QY7-n319Y05_X91w8u5qCgG24joPqzscpB8YHlR_tE7E8lHavO3ENIHprCLJlautFr_zTIqmEBGurzFb8sCJ96bteqHg6J3SKV5oC5IgE7ZMMj_LrdadQGwFA_MrU8IGa9c-j1iJEvU2M9l5lCZuVVrfaIeQhtFJjqi939b7NBanCZ8nbl4jMiBIsqNqSZjgENWKPJgzHJYCIuhbFvU7tpoVKgu8fDLUQOsxfFbdj8XEruzdINFZZ8-PcWXqD9cTHHvUpRm7K_hAhFHkF7c3JRZZqZpUCFu7pLBiPdSQ6DCq_wfs-1Y0Z8gkGXZd6HR7FVdR58QJubGYHu6E-oN5MZC0IIaLLpaS0bjwLbfLCP9gu8YALu-4S2hEZ3-1OB0ps3lDEn721WRk3dqCpAicPyVqEJe9yak6nxmy3IrPvkRi&ext_cid=296064&px_id=73418776&min_cpm=0.001561388157575169&out_id=0&campaign_type=hq&aid=127&cid=12697&uniq=82c2b0a2d836b90d5c596ca66dc8be2cb2608d0994fae3576656b0d574c8e0bc&mid=4173032971029437438&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.017218465706933576&cpm=0&verify_hash=87e565a48d36bb729f2bc6534a139d4b&is_native=1&real_bid=0.004555774313375633&original_bid_usd=0.0079&original_bid=0.0079&show_type=0&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=2001:1b60:1010:2:1012:a81a:91da:2339&geo=DE&carrier=-&label_ids=90,5,98,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1735183057&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F883%2F883207%2Fconversions%2F0OErF2ya-in-page-ad-images.jpg&site=native-push-adult&price=0.005431947457425478&hostname=auc-inpage-hz-9-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.0000079&ext_campaign_id_str=296064&is_webview=0&client_price=0.00662572997212414&direct_client_price=0&priority=0&client_payment_model=cpc&is_in_app=1&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=e6e4ffa9-01e8-4d62-b44f-8f7c421e91cd&prev_step_diff=413
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Dec 2024 03:17:37 GMT
vary: Origin
server: nginx/1.20.1
access-control-allow-headers: Content-Type

GET
H2

200

M4Y7kv1Z-in-page-ad-icons.jpg
gfxdn.pics/m/p/0/883/883208/conversions/ Frame 7096
Redirect Chain

https://p.a64x.com/in/tip_shows/?katds_ep=OT0pSfPt8LvROCPw0j3pbZnaPF77U_FHf8DPetZi3HfZUlT7eNpqEqqJNYIc1_C8jYqsFdko3IO89nziGjYyNHrjbLxQKETVCSAgI-uUf4d9iOpuE8wiGVkfxdNSHJr5dSTnw2IQ2SUjscky2tZy5r031GJ...
https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg

2 KB
2 KB

21ms
21ms

Image
image/jpeg

45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 3abd3bcb6f6074a158ed763d91471a96a4204361f534f0465117b82735f7e4ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: c59dcd8e8ed68008e60741db0eed9407
cache-control: no-cache, no-store, must-revalidate
etag: "66cd788e-691"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
content-length: 1681
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 27 Aug 2024 06:56:14 GMT
server: nginx

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://gfxdn.pics/m/p/0/883/883208/conversions/M4Y7kv1Z-in-page-ad-icons.jpg
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh9whmU40CHaE9gUBpvbtJRZjD8iVII7aGXO6NR99JIH8Lqiz4nPL675mf03ll0MEio7mZJh6QeonuU3SitJ%2B8rKzwwcxv8bDWnNAJ2y%2BKACNHM8kkJc6%2BGbhcBBtocw7Dl08z8WFyr%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6d70800a71383e-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=23562&min_rtt=23510&rtt_var=8853&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4103&recv_bytes=6198&delivery_rate=130571&cwnd=12000&unsent_bytes=0&cid=e3d41eeca9942960&ts=46&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET
H2 200 0OErF2ya-in-page-ad-images.jpg
gfxdn.pics/m/p/0/883/883207/conversions/ Frame 7096 5 KB
6 KB 61ms
28ms Image
image/jpeg 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/883/883207/conversions/0OErF2ya-in-page-ad-images.jpg
Requested by: Host: poo.phd
URL: https://poo.phd/e/38sdp1hqb7ms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 912b34b348bb51e6ef8520a0410eba101754583caffb323b9c929cb29ba539d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: ba8e33e3821218f5e3fe021d3d1fac04
cache-control: no-cache, no-store, must-revalidate
etag: "66cd7892-15ee"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
content-length: 5614
date: Tue, 24 Dec 2024 03:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 27 Aug 2024 06:56:18 GMT
server: nginx

POST
H2 204 rum Show response
poo.phd/cdn-cgi/ 0
199 B 28ms
26ms XHR
text/plain 2606:4700:3030::6815:4001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://poo.phd/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://poo.phd/e/38sdp1hqb7ms

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f6d708249ccdc86-FRA
access-control-allow-origin: https://poo.phd
date: Tue, 24 Dec 2024 03:17:38 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 favicon-32x32.png
ax4.poopstream.co/ 874 B
1 KB 32ms
32ms Other
image/png 2606:4700:3031::6815:3a32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ax4.poopstream.co/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f317e2e66d2069d81ed96acacfb92649a11457b7e31ea576279aa4c10a006fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cf-cache-status: HIT
etag: "f2e40d166c5bed85215c32b5d351c40b"
age: 2442
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyVJFoJfLv1SH8AHj4t9N%2FPx3eOXjIF57tawUiK8rw8lVDJPy1qBdVxrSpCu4OU%2FJBKG9fj6sy1a%2Bw6FMNJH1GUBYegxMUljTLQ4m0lO9zq064HyMjdEk3jMJVuV%2FSF16qQf7CcKFmJH0NEYXU%2Fwpw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22169&min_rtt=21613&rtt_var=2967&sent=10&recv=13&lost=0&retrans=0&sent_bytes=5360&recv_bytes=2286&delivery_rate=179096&cwnd=256&unsent_bytes=0&cid=09da9ac6ac6c63de&ts=2111&x=0"
date: Tue, 24 Dec 2024 03:17:38 GMT
content-type: image/png
last-modified: Thu, 14 Mar 2024 17:13:01 GMT
vary: Accept-Encoding
cache-control: max-age=1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6d70824b559f40-FRA
accept-ranges: bytes
content-length: 874
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 35ms
34ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je4cc1v9167878827za200&_p=1735010256119&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1766285749.1735010256&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735010256&sct=1&seg=0&dl=https%3A%2F%2Fpoo.phd%2Fe%2F38sdp1hqb7ms&dr=https%3A%2F%2Ft.co%2F&dt=Erin%20Bugis%20Viral!%2C%20Main%20Di%20Mobil%20Sama%20Gurunya%201%20-%20PoopHD%20-%20PoopHD&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5843
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://poo.phd/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://poo.phd
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 03:17:41 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP982awOuVmpJ8yZRMi4v69OZD6RyN2Svkl6rU15JjeSdLN7XmOyLds19AG5ySHmHSdE4fAtuzA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1493313475%3A1735010257616873&ddm=1

Domain: poo.phd
URL: blob:https://poo.phd/85619738-c8a4-4908-ad2b-9a0c1f8a541d

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 11:27:04	Name: muc Value: 9b79b067-af71-4bd9-8d3c-e5b7163977f4
.t.co/	1970-01-21 01:56:52	Name: __cf_bm Value: FIK7uim8dx86QwHJ4AAEDCCpC7uz2CLirQ7YItAjOVM-1735010255-1.0.1.1-.updxd0sqPP7K2zUtwRoMxeO8F_4ctv2BhmHhC2TsoiITqykhkr5VfOLqJ47yAPQ5DPnMbK7HWMv54IJQDy9uQ
.poo.phd/	1970-01-21 11:32:50	Name: _ga Value: GA1.1.1766285749.1735010256
.poo.phd/	1970-01-21 11:32:50	Name: _ga_RRBBHD087X Value: GS1.1.1735010256.1.0.1735010256.0.0.0
fp.metricswpsh.com/	1970-01-21 10:42:26	Name: id Value: 15394769204873233730
qt.draftedorgany.com/	1970-01-21 01:58:16	Name: GL_UI4 Value: eJw9jUFugzAURCFgkrSB9kscoEcIBISyrLrpInewPvhD3Bg7sh3S3r5upXY3b%2FQ0E0XRqnyCeMm2kNywhRc6NgN1zYhVRV0%2FtlUtmkNfd%2B2%2BPiK2ArbScY%2B9Ip%2FCxs1oPfdLCruJNFk58MEIyuE5WH%2FNRZu7ToH1FrXIgc3BUDmse2vujmyZQKpxJijeCYUi597O1gRmM34YC0l1qEKWOuR4DyvjyqR4AHaS%2BvZZ7LKoKLIIHq8K%2FWjszKUIyCaLgiB%2Bhc2AniZjv2AtyF28uQIYJfi%2F%2F%2FvN1M8aZIIWOQQ0%2Fkz2G8ivUcQ%3D
uk.pivotsforints.com/	1970-01-21 01:58:16	Name: GL_UI4 Value: eJw9jUFugzAURCFgkrSB9kscoEcIBISyrLrpInewPvhD3Bg7sh3S3r5upXY3b%2FQ0E0XRqnyCeMm2kNywhRc6NgN1zYhVRV0%2FtlUtmkNfd%2B2%2BPiK2ArbScY%2B9Ip%2FCxs1oPfdLCruJNFk58MEIyuE5WH%2FNRZu7ToH1FrXIgc3BUDmse2vujmyZQKpxJijeCYUi597O1gRmM34YC0l1qEKWOuR4DyvjyqR4AHaS%2BvZZ7LKoKLIIHq8K%2FWjszKUIyCaLgiB%2Bhc2AniZjv2AtyF28uQIYJfi%2F%2F%2FvN1M8aZIIWOQQ0%2Fkz2G8ivUcQ%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://poo.phd/e/38sdp1hqb7ms Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00EC350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13741674c3.198636861c.com
1d4b4f7bc7.36e0626972.com
accounts.google.com
ax4.poopstream.co
berlagu.com
dood.cm
dx4.poopstream.co
enrtx.com
ff2f72443e.096f5e98aa.com
fp.metricswpsh.com
gfxdn.pics
nereserv.com
p.a64x.com
poo.phd
poop.skin
poophd.net
region1.google-analytics.com
static.bookmsg.com
static.cloudflareinsights.com
storage.multstorage.com
t.co
www.googletagmanager.com
accounts.google.com
poo.phd
157.90.84.242
162.159.140.229
167.235.163.216
2001:4860:4802:32::36
2606:4700:3030::6815:4001
2606:4700:3031::6815:3a32
2606:4700:3032::6815:1ef2
2606:4700:3033::ac43:80ab
2606:4700:3033::ac43:b9ab
2606:4700:3035::ac43:a8ce
2606:4700:3037::ac43:c87b
2606:4700::6810:5049
2a00:1450:4001:811::2008
2a01:4f8:c0:2306::1
2a01:4f8:c0:2343::2
2a02:b48:8300::24
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.25
45.133.44.53
04c2ddb8efff611d743e48266830865b4a40272524bdbf20770f544bd206f912
13490022ca8b3c3937341cc48efdbd346e7c43670e4bcaec7e0653dd63f19325
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
2711371827b9466f54134a529aa6b719dcd1dfc363c47731e2aab31239cf93e5
3abd3bcb6f6074a158ed763d91471a96a4204361f534f0465117b82735f7e4ed
3ffbe953e21b6e4b464043883968ce8a2ae3a36086e26609534858b55bcaaede
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
68957505fcf78bec0c335f896ae10461036bc7bfa3da7e438e749ed10cbea0c6
6f247d24254bc663a4b64c21b7a263c62d4d904df200566e7466902db93cc428
70d5367070d0a06ffb2dcd0272a5d335dcda2fae4b7d983299d075ed4faa7e18
78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f
80165e06a75a3cb294bd71ccc729cdf953364e87bce88f3d8f08bc359c3b9ac4
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8f317e2e66d2069d81ed96acacfb92649a11457b7e31ea576279aa4c10a006fa
912b34b348bb51e6ef8520a0410eba101754583caffb323b9c929cb29ba539d6
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
b728e2ad86dd916dce86b251c82b88b5d81f04e2bc41fed7367563c15b3653b2
c87f2bdad497498d609266828219843734f4d1e74bf578b77e28086f1af4940e
d3c816c5d93d1c03a829e12f6123a6dfdf8ed45ed6d2396779ce7c2e3b3f32bc
e2169889c4ed69b44773f6b1bba57b4b49c2b62a7690d4ce66a192809fc90332
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4458185d2dea4139a703f057349fa501847b1c44d6c18409b06d57883a996eb
f68900edbb1a1d7a042e67072f184a95449bf3dc1840b790214f76fb47408ab6

poo.phd Open in urlscan Pro 2606:4700:3030::6815:4001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

90 %HTTPS

75 %IPv6

21 Domains

22 Subdomains

17 IPs

5 Countries

426 kBTransfer

1465 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poo.phd Open in urlscan Pro
2606:4700:3030::6815:4001 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

90 %
HTTPS

75 %
IPv6

21
Domains

22
Subdomains

17
IPs

5
Countries

426 kB
Transfer

1465 kB
Size

7
Cookies

41 HTTP transactions
0 data transactions