Submitted URL: https://doodx.pro/e/PkAeHszN03w
Effective URL: https://poop.cx/e/PkAeHszN03w
Submission: On December 18 via manual from ID — Scanned from DE

Summary

This website contacted 18 IPs in 5 countries across 20 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3030::6815:48cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.cx.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time poop.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
8 | 555dcda495.com | fea6607a84.555dcda495.com | 15 KB
4 | metrolagu.cam | metrolagu.cam — Cisco Umbrella Rank: 157566 | 3 KB
4 | cc72fceb4f.com | 3a12751332.cc72fceb4f.com | 199 KB
3 | bookmsg.com | static.bookmsg.com — Cisco Umbrella Rank: 40045 | 3 KB
3 | google.com | accounts.google.com — Cisco Umbrella Rank: 23 | 2 KB
3 | berlagu.com | berlagu.com — Cisco Umbrella Rank: 198086 | 2 KB
2 | imdn.pics | imdn.pics — Cisco Umbrella Rank: 29986 | 5 KB
2 | a64x.com | p.a64x.com — Cisco Umbrella Rank: 179792 | 335 B
2 | nereserv.com | nereserv.com — Cisco Umbrella Rank: 38773 | 401 B
2 | metricswpsh.com | fp.metricswpsh.com — Cisco Umbrella Rank: 41404 | 426 B
2 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 735 | 65 KB
1 | fikedaquabib.com | fikedaquabib.com | 1 KB
1 | mcpuwpsh.com | mcpuwpsh.com | 4 KB
1 | 25eaeccf95.com | d82c09157a.25eaeccf95.com | 207 B
1 | multstorage.com | storage.multstorage.com — Cisco Umbrella Rank: 34059 | 907 B
1 | wakenssponged.com | wakenssponged.com — Cisco Umbrella Rank: 163519 | 1 KB
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2189 | 248 B
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 91 KB
1 | poop.cx | poop.cx | 4 KB
1 | doodx.pro | doodx.pro — Cisco Umbrella Rank: 266372 | 442 B
Total: 40 requests, 20 domains

Requests | Domain | Requested by
8 | fea6607a84.555dcda495.com | 3a12751332.cc72fceb4f.com, poop.cx
4 | metrolagu.cam | berlagu.com, poop.cx, metrolagu.cam
4 | 3a12751332.cc72fceb4f.com | poop.cx, 3a12751332.cc72fceb4f.com
3 | static.bookmsg.com | poop.cx
3 | accounts.google.com (2 redirects) | poop.cx
3 | berlagu.com | poop.cx, berlagu.com
2 | imdn.pics | poop.cx
2 | p.a64x.com (2 redirects) |
2 | nereserv.com | 3a12751332.cc72fceb4f.com
2 | fp.metricswpsh.com | 3a12751332.cc72fceb4f.com
2 | code.jquery.com | poop.cx, metrolagu.cam
1 | fikedaquabib.com | metrolagu.cam
1 | mcpuwpsh.com | 3a12751332.cc72fceb4f.com
1 | d82c09157a.25eaeccf95.com | 3a12751332.cc72fceb4f.com
1 | storage.multstorage.com | 3a12751332.cc72fceb4f.com
1 | wakenssponged.com | berlagu.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | www.googletagmanager.com | poop.cx
1 | poop.cx |
1 | doodx.pro (1 redirects) |
Total: 40 requests, 20 domains

This site contains no links.

Subject | Issuer | Validity | Valid
poop.cx | GTS CA 1P5 | 2023-12-05 - 2024-03-04 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
berlagu.com | GTS CA 1P5 | 2023-11-05 - 2024-02-03 | 3 months
3a12751332.cc72fceb4f.com | R3 | 2023-12-15 - 2024-03-14 | 3 months
wakenssponged.com | R3 | 2023-12-07 - 2024-03-06 | 3 months
metrolagu.cam | GTS CA 1P5 | 2023-12-17 - 2024-03-16 | 3 months
multstorage.com | GTS CA 1P5 | 2023-11-20 - 2024-02-18 | 3 months
d82c09157a.25eaeccf95.com | R3 | 2023-12-15 - 2024-03-14 | 3 months
notification.tubecup.net | R3 | 2023-12-13 - 2024-03-12 | 3 months
555dcda495.com | R3 | 2023-12-15 - 2024-03-14 | 3 months
puwpush.com | R3 | 2023-12-14 - 2024-03-13 | 3 months
static.bookmsg.com | R3 | 2023-12-07 - 2024-03-06 | 3 months
fikedaquabib.com | R3 | 2023-11-11 - 2024-02-09 | 3 months

This page contains 6 frames:

Primary Page: https://poop.cx/e/PkAeHszN03w
Frame ID: 1BA8120AADA2CC02D60A61CD0C2ABF04
Requests: 24 HTTP requests in this frame

Frame: https://berlagu.com/download/bohongi+hati
Frame ID: DFBB80107E4EBA288FFF92E9D3158705
Requests: 4 HTTP requests in this frame

Frame: https://metrolagu.cam/video?q=jiwa+yang+bersedih
Frame ID: DB0F8097AA9EDCD897DDD0A2679447B7
Requests: 6 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 4782A619194660609E794C4523D81226
Requests: 1 HTTP requests in this frame

Frame: https://imdn.pics/m/p/0/673/673494/conversions/UI3oV7aK-minify.jpg
Frame ID: 59E5B46798B20AC2A9F0034234562ECD
Requests: 1 HTTP requests in this frame

Frame: https://imdn.pics/m/p/0/673/673492/conversions/EH8qpL4L-minify.jpg
Frame ID: BABB91D172124F40AE2551B51E989718
Requests: 1 HTTP requests in this frame

Page Title

video 2023-12-06 14-53-02 - PoopHD

Page URL History

  1. https://doodx.pro/e/PkAeHszN03w HTTP 301
    https://poop.cx/e/PkAeHszN03w Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 40
HTTPS: 90 %
IPv6: 63 %
Domains: 20
Subdomains: 20
IPs: 18
Countries: 5
Transfer: 396 kB
Size: 1331 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doodx.pro/e/PkAeHszN03w HTTP 301
    https://poop.cx/e/PkAeHszN03w Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2tLj8RqN1m515YqfmkV4n43nTuqwnhe9xqbLTUDgTwcPcts001lWEnIomSisvPQ2ie6QO-OA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3qheSdVi1blVJpxmvYWOl4sg5amCWQ15Y9m0w8pkExcJflCihIymNnC5hCPkUjYIIUbsr1qA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113825603%3A1702924770828483&theme=glif
Request Chain 30
  • https://p.a64x.com/in/tip_shows/?katds_ep=K5vEM4FernMNy3K6F5QGRmNFH7fX1eZKLfVYQPq0BaMthZnXoMz9tWvdcT6NxGzmJ2xZx78Dfb-qwMv5mw0qourzE0jYMb2vTMWib3iBlW3NjLm3Uk9Ltmduu_Jdi4n5MFgTV7PJ4LzcqFsPH4R8wCpD_TE1RJudPLn2gmo9ld6zbGL7zMBeV5-AMHT4JpmWdDLcA3P7Jw92T3veP_m8RHQoOM7GlkzbYJK-UNV8IRqtd_DrBqQEUDlzeq5uzGXDp0TcO2EQNLAeDqr77kFCKUaTxGFeOqhldedw5brlLqZE0Oq2ZWjSdZn7m6sDb5dRLTwud-WhxiZb7Gef0sLLyi5J8goGlijdxSc4KNN-O_OY1lY_vwzo0M6zt0A8WAKZjlrsQaHpfoYs2zViKJss5UUxEPoYSCQBMo2ItHpou_K1lkSKx9YRoSVfWFe-2wexw8DM1JIg54Xs88xPd13qzYUkUBbXZEMVLAND5DC9URsPwjw2zrcjff_4hamsNlHDmUN9gpQkInzmFYGqHy9SzqIoaIOlKTvHHBZmopGY6sjh6lMo9oX04-DueYC2lujOu36aHgqN8OtEGY1jNj7du0_mIa4Z5ny6t7fcm_jnPtkEd2e0ZMsYE7NSj9wJedox9tuifnHkgWJhMd4KmBxUe_HKWvvE5XLD_rMMYDqWLe6Ch4kEZHrdTKVsubR-Rjn-Av3MVlqFYBGiM06GoOAf39_u7b3bd4HzmQZzMRnTw8dyxQZS-vKHTKGBF5C5NRkuYCLihf4uEVXpmAF41fLt7RDKrXd3WToeOSNnGKuVigWgzP5Ruymv4_pnVXd9piY9Od7lpAd6VSNLmLDcS7cJ8NUUXlTOJKwRc6XcVUMfS1w_NyhNd-q77AuGVfvK9UVkfgA0r9W4UedMe5Bfpmh7DioLw8IqHgKZcTJyLSM&bid=0.00504732&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&st=0.03&cpa=85bd9f94-df5d-4e3e-88aa-2f81d5231f1a HTTP 302
  • https://imdn.pics/m/p/0/673/673494/conversions/UI3oV7aK-minify.jpg
Request Chain 37
  • https://p.a64x.com/in/tip_shows/?katds_ep=n63VEn5Rkzv_8BND6PkqLb9YKAjsi7lzwhQLRVOItY1RhOcChnqua7Q3idJJ0edNPEUv_MAQDdqmRqFER1kJxWlql_KbATFQ5CJg-MC6TgomSwdRtcnN0Qqnnky5PREF1tqR3royAGYDX5y0a_mQCN4CtQ654gVHC1ub90oJ5GtIaSk5935_pRMJIL3wJGBiFhHSw-4_uAtovTg4-Rw-1VF8f5gr6NvzYqAupA2pykxvljQriFXI9q3tAmbE5bTBk4DQBu4ewbQnPRdUlIcdvCqbl7tnsZ_yaup6ZdPfNnVqLi35Nr580KW9J4XFCyDbQwLFkrE8DMsgOhkp8Mqv61_L8PPG0KWOuRjxFFXAZsAJxS8vJfidPdGKLEmNJXxREc_h4efkd7tSaJQnFCZW4n3asQcwZwxO4M5dx3fTr0TUs1rmHRNR-_dcnKL32Q84mSULnEHlOG4MSy7vwkN3TbtloDKGwmN92-G46N7uueRtfG2wr7rfF0JrSkgjfjCSXDmspnAbf0WjolVYkbessMDOfHUcfjn25Z4yeR344DdtL0jTI9lpugl3KPKhuAajYc3WNoYMKRBj22iH4MoXoINAG9bNpEqUF11buLjWAToOroTX8QlGA7ajNXY4wp_g_0vn457nNdDuHkJdnvBdZ0qzuTf-A7hDQa9f1hoo9II64Puo1eXqC3Q7fkYDBYLf1DaYmMBw6tIT4ECnEJRwDfiMhyFL7fS-dQFaew6m95GQ-Nrfzv6p9_fzucx71LilTEX-OKlKLJt7Fna-X01p-5x8jSh7yAdj3HtAE7p3p5lEXfBLHUu-_hN87gZO9ZX_XAsmgfJ_RR5SDCtEOkRsamVgzuZd75G0rWZEq-LZr6JW2YyiyrIJlBVUE444qxgdGM63y5sPii84A0OPnh-otdx1kGzpjBh6h0cUqg&bid=0.003992378184758793&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.04&cpa=f7190bb8-0447-44da-9004-1342847d461f HTTP 302
  • https://imdn.pics/m/p/0/673/673492/conversions/EH8qpL4L-minify.jpg

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PkAeHszN03w
poop.cx/e/
Redirect Chain
  • https://doodx.pro/e/PkAeHszN03w
  • https://poop.cx/e/PkAeHszN03w
8 KB
4 KB
Document
General
Full URL
https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cad58b38beb9db083fa712f813237a305ec701c6da28bd41d3426228db5308f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
8379875678cb9b7c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 18:39:28 GMT
last-modified
Mon, 18 Dec 2023 18:39:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5wjlwUTWxNTgEdL6JWMEFBq4iEHCL0FMKOXYaYpOfQtdsRmjs6gPBGBB7%2BOsx09OtMriY5Wd5HJO17JtxK32fQYRvOfFMrcn%2FudIolHYL19pHDIDtnsceGJYQbr8myrAtMnSrol"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
837987531a1cb719-AMS
content-type
text/html
date
Mon, 18 Dec 2023 18:39:27 GMT
location
https://poop.cx/e/PkAeHszN03w
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRfZFGd0YawG9Zmg8H7KqhisEel7GQ0QNTgSLwYDduaDKy4OIGnh5cmJeiTcuaRdZ2M3MoopE%2FgUmrV2S8db7zokOMq%2F0aaP%2BxBbMn7qyKpCMOJtmqJ8OlkLGJ5Y4R9s19lWGFeb%2FBk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3486514
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702924769.730655,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
71, 431627
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4fac1b5ccbb96c04cb5f7207441133c57d217bee3067f2c4f37fcad25720d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93084
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Dec 2023 18:39:28 GMT
7733304e7a734865416b50
berlagu.com/jembud/ Frame DFBB
244 B
648 B
Document
General
Full URL
https://berlagu.com/jembud/7733304e7a734865416b50
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a878558c0fdfa80a80a7fd0f4337836326111ce9e335abc9a40ec5b2103389b4

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
403
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8379875e4eee3c8f-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 18:39:29 GMT
last-modified
Mon, 18 Dec 2023 18:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auHmFbyc2M8C4RtV3q0czsGAi6yUClS%2Bdl4UDg9Etn%2BSm58ieTUN70lCB3f8tsbhBoRFlQidcPJr7wDhew0qSt9imIx%2Fb2t0zsxg1oBQhM2pxcU6m%2Bkv7wWUksCeG%2BLF7IqG8mrE4GIybQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
995d1d342cf6ed0edb9f0c69e7e10b32.js
3a12751332.cc72fceb4f.com/
102 KB
34 KB
Script
General
Full URL
https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b68e5c9cf44a7b0d36f0affa8a13d413be7161e68578958f2c6eedf4eca92c71

Request headers

Referer
https://poop.cx/
Origin
https://poop.cx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 18:44:29 GMT
date
Mon, 18 Dec 2023 18:39:29 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 09:00:21 GMT
server
nginx/1.18.0
etag
W/"657ac425-196d0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
collect
region1.google-analytics.com/g/
0
248 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je3bt0v9167878827&_p=1702924768775&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=843779955.1702924769&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702924769&sct=1&seg=0&dl=https%3A%2F%2Fpoop.cx%2Fe%2FPkAeHszN03w&dt=video%202023-12-06%2014-53-02%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1960
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://poop.cx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bohongi+hati
berlagu.com/download/ Frame DFBB
651 B
619 B
Document
General
Full URL
https://berlagu.com/download/bohongi+hati
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf43e7fed35d93350b5824c65660c62796d61c510918f1783f43146862833a1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://berlagu.com
Referer
https://berlagu.com/jembud/7733304e7a734865416b50
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8379875ee8093c8f-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 18:39:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VKVq0Jrn586%2FlmbvFlZIaFtLJaS16toLwy3xV5XTqLUy0aFGLwRqWJmMuU4PtTXHcGiVYMHoLJV8fiFn%2FGj%2F1KqerBhqWzSFzSkJd07ORxLmuUpP4xXMShWpIxbHNPVImGc7WAX1RFuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
114039
3a12751332.cc72fceb4f.com/420accc605bd674b41b4f29049a5ec6a/
3 KB
3 KB
XHR
General
Full URL
https://3a12751332.cc72fceb4f.com/420accc605bd674b41b4f29049a5ec6a/114039?version_name=b
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f29a3f06f780d797b51ea8e1c4ce1182b749f4b531da6dc68e0c96f986df9bbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Dec 2023 18:39:29 GMT
cache-control
max-age=300
x-proxy-cache
HIT
server
nginx/1.18.0
content-type
application/json
expires
Mon, 18 Dec 2023 18:44:29 GMT
embed.css
berlagu.com/ Frame DFBB
1 KB
869 B
Stylesheet
General
Full URL
https://berlagu.com/embed.css
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/bohongi+hati
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://berlagu.com/download/bohongi+hati
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 14:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21534
etag
W/"655cb90b-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4GoU0bt3yapNnwf3dklifQxnqXOVmjXDW15%2BYmBGaszu0NshPn6IXi4MH6ZLivEA9uN2sM5ojdJAw0eHbH9JSZVLJPSNaZ9ObAvY3cbtHevaeXfrvjva%2BoUZD2joRVr9s2g0eXXpPHntA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
83798760f921b740-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Dec 2023 00:40:35 GMT
65101
wakenssponged.com/rizdGR8ExUj7Bb6T/ Frame DFBB
0
1 KB
Script
General
Full URL
https://wakenssponged.com/rizdGR8ExUj7Bb6T/65101
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/bohongi+hati
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.248.156 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://berlagu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 18:39:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://berlagu.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
7733304e7a734865416b50
metrolagu.cam/jembud/ Frame DB0F
249 B
617 B
Document
General
Full URL
https://metrolagu.cam/jembud/7733304e7a734865416b50
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/bohongi+hati
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c5f812f875cd480c6c4a674c155c1e574b6460c48fb3d3347dd3c23f49ca5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://berlagu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
837987614fec2be2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 18:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeDwjlkAngvRzbSH0GbXFALRe0oZrV82FWZt0oI1t1UrfCZdd4buNjZdetSTnyCUtqVLtyvpj7RO4BgbZhoYwEZf92Fl5P%2Bu98Hcb8LJr1V72YYV6Uf21pzzC09USFUX9HUjPoNMwmIgLUUL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
count.html
storage.multstorage.com/log/ Frame 4782
882 B
907 B
Document
General
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83798761fa4eb966-AMS
content-encoding
br
content-type
text/html
date
Mon, 18 Dec 2023 18:39:29 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQ%2BYSB9hGQxyhbyMzkHGuOmHTSZs3OTBLDrhMuZj3%2BWSWwE1EJqjFa8rkVBUlFQEKDrRYRxaIgxsYYYWWLdht4k6Kri%2F6%2FI8pKzm8vmq5tfhxSphAA2rxgRs6B6QQiCI0hK0sCsoUtQVuEa%2BQP68KxvPUz1eDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
e23f82fa563dc4051e8d0c6490f5d65f
track
d82c09157a.25eaeccf95.com/in/
0
207 B
XHR
General
Full URL
https://d82c09157a.25eaeccf95.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzAzMzM2MjgxMDMwNDUxNjAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjk1LjIiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9CZXJsaW4iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xNiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoidmlkZW8lMkMyMDIzLTEyLTA2JTJDMTQtNTMtMDIlMkNQb29wSEQifQ==
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:30 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
0c1cd7348deb9642a7ce2f85082cd86f.js
3a12751332.cc72fceb4f.com/
560 KB
137 KB
Script
General
Full URL
https://3a12751332.cc72fceb4f.com/0c1cd7348deb9642a7ce2f85082cd86f.js
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
48d1682abf8acd3ba0e597a2613ae1b4043f689223489a78e832b6913b50cfe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 18:44:29 GMT
date
Mon, 18 Dec 2023 18:39:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Dec 2023 13:14:50 GMT
server
nginx/1.18.0
etag
W/"658045ca-8c18b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
15d2085485558836b967e0a1751f43e7.js
3a12751332.cc72fceb4f.com/
88 KB
25 KB
Script
General
Full URL
https://3a12751332.cc72fceb4f.com/15d2085485558836b967e0a1751f43e7.js
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ae13bd844124baad33e58b161461bf6c8806c2bcde3f4828cb2c2194a0fdc0ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 18:44:29 GMT
date
Mon, 18 Dec 2023 18:39:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Dec 2023 09:36:12 GMT
server
nginx/1.18.0
etag
W/"6580128c-15e63"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://poop.cx
Connection
keep-alive
Date
Mon, 18 Dec 2023 18:39:29 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
60 B
426 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/995d1d342cf6ed0edb9f0c69e7e10b32.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
187322a97b4cb5aa4551e0357e49251c02c8e9594312ea83120efd8855b6875f

Request headers

Referer
https://poop.cx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 18 Dec 2023 18:39:29 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://poop.cx
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2tLj8RqN1m515YqfmkV4n43nTuqwnhe9xqbLTUDgTwcPcts001lWEnI...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3qheSdVi1blVJpxmvYWOl4sg5amCWQ15Y9m0w8pkExcJflCihIymNnC5hCPkUjYIIUbsr1qA&passive...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3qheSdVi1blVJpxmvYWOl4sg5amCWQ15Y9m0w8pkExcJflCihIymNnC5hCPkUjYIIUbsr1qA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113825603%3A1702924770828483&theme=glif
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Dec 2023 18:39:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-u2_pds8lpfN8tJvBEfV3aA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3qheSdVi1blVJpxmvYWOl4sg5amCWQ15Y9m0w8pkExcJflCihIymNnC5hCPkUjYIIUbsr1qA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113825603%3A1702924770828483&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dip
nereserv.com/in/
0
200 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=158edf11-4872-4fc0-b5b8-a50dc24f11cd&subid=388464194&sid=3571097644&spot_id=418776&created_at=2023-12-18&timezone=1&ver=8.128.0&is_native=1
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/0c1cd7348deb9642a7ce2f85082cd86f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.198.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:30 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
fea6607a84.555dcda495.com/in/
46 KB
7 KB
XHR
General
Full URL
https://fea6607a84.555dcda495.com/in/multy
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/0c1cd7348deb9642a7ce2f85082cd86f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0cc66c415abd8829713f5f99d32c0398cbe73cce26937144301d39d5959acc10

Request headers

Referer
https://poop.cx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
6860
multy
fea6607a84.555dcda495.com/in/ Frame
0
0
Preflight
General
Full URL
https://fea6607a84.555dcda495.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 18 Dec 2023 18:39:30 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
deffad9d-edd5-4665-8c85-d8515d48446f
https://poop.cx/
204 B
0
Other
General
Full URL
blob:https://poop.cx/deffad9d-edd5-4665-8c85-d8515d48446f
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
204
Content-Type
text/javascript
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=446b4d82-1bd8-46ab-b9e2-09a33bdc1eb7&subid=357529620&sid=3355308141&spot_id=418774&created_at=2023-12-18&timezone=1&ver=8.128.0&is_native=1
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/0c1cd7348deb9642a7ce2f85082cd86f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.198.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:30 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
fea6607a84.555dcda495.com/in/ Frame
0
0
Preflight
General
Full URL
https://fea6607a84.555dcda495.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 18 Dec 2023 18:39:30 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
multy
fea6607a84.555dcda495.com/in/
46 KB
7 KB
XHR
General
Full URL
https://fea6607a84.555dcda495.com/in/multy
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/0c1cd7348deb9642a7ce2f85082cd86f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
88364bcab5b57ca794951641360840d69650755fdc54d4c0ab4561676ab9e4b1

Request headers

Referer
https://poop.cx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
6812
video
metrolagu.cam/ Frame DB0F
2 KB
958 B
Document
General
Full URL
https://metrolagu.cam/video?q=jiwa+yang+bersedih
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b954f7c47e9a8613bf0cbc4d88f2ac18ad3bebd4b1dd5a3b3c6a8830f23e2e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://metrolagu.cam
Referer
https://metrolagu.cam/jembud/7733304e7a734865416b50
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83798769dbb92be2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 18:39:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nrV82Osea2WoKSi7KfoyiDVPzJb646clHx6PjfCIPQktdPQmjyA6PeMvO6YsGg2ICh0GzJdybG1nU7yG%2BgbM1%2FjuwfhdYFzSNTJVLhMhYp84YxVkUtsT4FTEXw9ajsctoZJOUK%2Bjx%2FEN7IY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
mcpuwpsh.com/get/
4 KB
4 KB
Fetch
General
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: 3a12751332.cc72fceb4f.com
URL: https://3a12751332.cc72fceb4f.com/15d2085485558836b967e0a1751f43e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 -, , ASN (),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2fcceecbcc8c2c7ec1d0f4c8b8d70a384a59000f2e1068757859b2c885677315

Request headers

Referer
https://poop.cx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:32 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3679
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=0dca29e7-2092-4392-9679-7a422e3122cb
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 18:39:31 GMT
date
Mon, 18 Dec 2023 18:39:31 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1004 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 18:39:31 GMT
date
Mon, 18 Dec 2023 18:39:31 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
fea6607a84.555dcda495.com/in/show/
0
201 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
fea6607a84.555dcda495.com/in/show/
0
200 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
UI3oV7aK-minify.jpg
imdn.pics/m/p/0/673/673494/conversions/ Frame 59E5
Redirect Chain
  • https://p.a64x.com/in/tip_shows/?katds_ep=K5vEM4FernMNy3K6F5QGRmNFH7fX1eZKLfVYQPq0BaMthZnXoMz9tWvdcT6NxGzmJ2xZx78Dfb-qwMv5mw0qourzE0jYMb2vTMWib3iBlW3NjLm3Uk9Ltmduu_Jdi4n5MFgTV7PJ4LzcqFsPH4R8wCpD_TE...
  • https://imdn.pics/m/p/0/673/673494/conversions/UI3oV7aK-minify.jpg
2 KB
2 KB
Image
General
Full URL
https://imdn.pics/m/p/0/673/673494/conversions/UI3oV7aK-minify.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c8cfcf582c003d20048a26e4add693c38a2b95c29821a7601767dabb127110e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Mon, 18 Dec 2023 18:39:32 GMT
last-modified
Tue, 12 Dec 2023 15:35:17 GMT
server
nginx/1.20.1
etag
"65787db5-82d"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
2093
x-request-id
95f63b7afd5b0ace17f3022a1ad1fb14
x-proxy-cache
HIT

Redirect headers

location
https://imdn.pics/m/p/0/673/673494/conversions/UI3oV7aK-minify.jpg
access-control-allow-origin
*
date
Mon, 18 Dec 2023 18:39:30 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
0
content-type
application/json
64343
fikedaquabib.com/rotaInGRWQGA24/ Frame DB0F
0
1 KB
Script
General
Full URL
https://fikedaquabib.com/rotaInGRWQGA24/64343
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jiwa+yang+bersedih
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Mon, 18 Dec 2023 18:39:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://metrolagu.cam
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
jquery-latest.min.js
code.jquery.com/ Frame DB0F
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jiwa+yang+bersedih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3486517
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-fra-eddf8230064-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702924772.544862,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
71, 431628
embed.css
metrolagu.cam/ Frame DB0F
1 KB
868 B
Stylesheet
General
Full URL
https://metrolagu.cam/embed.css
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=jiwa+yang+bersedih
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.cam/video?q=jiwa+yang+bersedih
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21729
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 28 Sep 2023 15:07:59 GMT
server
cloudflare
etag
W/"651596cf-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djoBAuY1GuJM56rKomHeRQtKyaCCzc6nxv5gwsURSzrAcgPdjWDPHGQZ8Q0jl1rO1xMjjcw3AW8ubwvqn7FjJIuuAVFXlG4X3CVYd8pA58u1%2FGZ1vs8xIXz38ZNhqXP4DSxdu3kNQBMjf4XN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8379876e2b9018e4-FRA
expires
Tue, 19 Dec 2023 00:37:22 GMT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
1003 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.04&cpa=9703ef0e-96ef-48ec-bc46-d04c1a540883
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 18:39:31 GMT
date
Mon, 18 Dec 2023 18:39:31 GMT
last-modified
Fri, 08 Dec 2023 10:18:03 GMT
server
nginx/1.24.0
etag
"6572ed5b-316"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
790
x-proxy-cache
HIT
/
fea6607a84.555dcda495.com/in/show/
0
200 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
fea6607a84.555dcda495.com/in/show/
0
200 B
Image
General
Full URL
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 18:39:31 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
EH8qpL4L-minify.jpg
imdn.pics/m/p/0/673/673492/conversions/ Frame BABB
Redirect Chain
  • https://p.a64x.com/in/tip_shows/?katds_ep=n63VEn5Rkzv_8BND6PkqLb9YKAjsi7lzwhQLRVOItY1RhOcChnqua7Q3idJJ0edNPEUv_MAQDdqmRqFER1kJxWlql_KbATFQ5CJg-MC6TgomSwdRtcnN0Qqnnky5PREF1tqR3royAGYDX5y0a_mQCN4CtQ6...
  • https://imdn.pics/m/p/0/673/673492/conversions/EH8qpL4L-minify.jpg
2 KB
3 KB
Image
General
Full URL
https://imdn.pics/m/p/0/673/673492/conversions/EH8qpL4L-minify.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/e/PkAeHszN03w
Protocol
H2
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
15f67b314ed7abc25b83fc33863e97e2873871bbd62a4d299bef82a08501428b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Mon, 18 Dec 2023 18:39:32 GMT
last-modified
Tue, 12 Dec 2023 15:35:08 GMT
server
nginx/1.20.1
etag
"65787dac-9ba"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
2490
x-request-id
edcbb2d6d18080ea8a28d900c413f8af
x-proxy-cache
HIT

Redirect headers

location
https://imdn.pics/m/p/0/673/673492/conversions/EH8qpL4L-minify.jpg
access-control-allow-origin
*
date
Mon, 18 Dec 2023 18:39:30 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
0
content-type
application/json
play.svg
metrolagu.cam/ Frame DB0F
633 B
808 B
Image
General
Full URL
https://metrolagu.cam/play.svg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.cam/embed.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 18:39:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 10:51:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4772
etag
W/"650c2028-279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnJxLb92gOsnb6c3LGJEmq2iJ0Qp6nRdJLBIa7X2Zf6Qr%2BMbKZHIhtow1m1UkmtYOqCaSoTVGX5hP9PsmQB6%2BOAmAE4ec66m%2FCTF1LQXtBTk8BQij0SpjJfjYbywyBXFkKfW%2F1wH0mTsGcL8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8379876f5cec18e4-FRA
alt-svc
h3=":443"; ma=86400


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| documentPictureInPicture
function| $
function| jQuery
function| R
function| X
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| __adFormats
object| __formatsGetters
object| _admSptsInVw
object| AdManager
object| a3klsam
object| activesInpages
function| __fp-init
object| popunderMetricsForSurvey

7 Cookies

Domain/Path Name / Value
.poop.cx/ Name: _ga
Value: GA1.1.843779955.1702924769
.poop.cx/ Name: _ga_RRBBHD087X
Value: GS1.1.1702924769.1.0.1702924769.0.0.0
wakenssponged.com/ Name: GL_UI4
Value: eJw9jVtugzAURHmTtIF0JBbQJfAQRP2suoh%2BImNfiBOwI%2BOCuvtaldqvORqd0XieFxRn%2BFsSI%2FxiLV7Hlsau4qyititZ3VwuYhQdr5tuFA0NbzjKtbdsmMlGOKwLM7a3W4TTRIqM5D3XgjK8OOuvuSu9qwjxYJgSGeLFGXOGdDB6X8kUISLFFkLycTXaZbywmzYIq7p0LJVjv0Sg1yLMn5B%2BSiXcMD8hqMo8Tzw8P2ZmR22WXorERzwZJgj%2BOw6cWZq0%2BUYqaL1b%2FQD0LPp%2F%2F%2Fc33KsSiaBNcneu7ZXMD8STTuk%3D
wakenssponged.com/ Name: GL_GI10
Value: eJw1y0sKwjAURuHkghVB0J92AV1BMRF8jFXswJluII0X7aBpSFLF3VsHTs7gwCeEoGIOaj0Warur1EZXerWv1FpDPkDHE8g6TM8cOuM%2BkAFUjy84TGqOkSEt8mvi1jXGPkvTlTczuCFCtlhe2ER%2Bc1P%2BObmI2aEPvg8mjdZnEpT6X%2BO9EJCvLP8ClsgjfQ%3D%3D
fp.metricswpsh.com/ Name: id
Value: 932625149418970039
fikedaquabib.com/ Name: GL_UI4
Value: eJw9jVtugzAURHmTtIF0JBbQJfAQRP2suoh%2BImNfiBOwI%2BOCuvtaldqvORqd0XieFxRn%2BFsSI%2FxiLV7Hlsau4qyititZ3VwuYhQdr5tuFA0NbzjKtbdsmMlGOKwLM7a3W4TTRIqM5D3XgjK8OOuvuSu9qwjxYJgSGeLFGXOGdDB6X8kUISLFFkLycTXaZbywmzYIq7p0LJVjv0Sg1yLMn5B%2BSiXcMD8hqMo8Tzw8P2ZmR22WXorERzwZJgj%2BOw6cWZq0%2BUYqaL1b%2FQD0LPp%2F%2F%2Fc33KsSiaBNcneu7ZXMD8STTuk%3D
fikedaquabib.com/ Name: GL_GI10
Value: eJw1y0sKwjAURuHkghVB0J92AV1BMRF8jFXswJluII0X7aBpSFLF3VsHTs7gwCeEoGIOaj0Warur1EZXerWv1FpDPkDHE8g6TM8cOuM%2BkAFUjy84TGqOkSEt8mvi1jXGPkvTlTczuCFCtlhe2ER%2Bc1P%2BObmI2aEPvg8mjdZnEpT6X%2BO9EJCvLP8ClsgjfQ%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3qheSdVi1blVJpxmvYWOl4sg5amCWQ15Y9m0w8pkExcJflCihIymNnC5hCPkUjYIIUbsr1qA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2113825603%3A1702924770828483&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
