urlscan.io logo urlscan.io
SecurityTrails logo

poop.cx Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://poop.vin/d/4bC2UEORUd1
Effective URL: https://poop.cx/d/4bC2UEORUd1
Submission: On January 27 via manual from MY — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 24 domains to perform 51 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is poop.cx.
TLS certificate: Issued by E1 on December 29th 2023. Valid for: 3 months.
This is the only time poop.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 45.133.44.53 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 45.133.44.52 39572 (ADVANCEDH...)
2 157.90.84.242 24940 (HETZNER-AS)
1 2001:4860:480... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 167.235.163.216 24940 (HETZNER-AS)
8 2a01:4f8:252:... 24940 (HETZNER-AS)
1 23.109.170.20 7979 (SERVERS-COM)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a01:4f8:c0:2... 24940 (HETZNER-AS)
1 23.109.170.28 7979 (SERVERS-COM)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 199.182.164.180 15317 (SERVEREL-AS)
4 4 2a00:1d26:c77... 49544 (I3DNET)
5 6 88.214.206.175 46636 (NATCOWEB)
5 5.9.105.245 24940 (HETZNER-AS)
2 45.133.44.25 39572 (ADVANCEDH...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
51 20
11    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
poop.vin
poop.cx
berlagu.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
9aba99956a.eb480dde95.com
1    2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
1    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
331d7222fd.3e2a26326d.com
2    157.90.84.242 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
2    167.235.163.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.163.235.167.clients.your-server.de
nereserv.com
8    2a01:4f8:252:561a::2 (Germany)

ASN24940 (HETZNER-AS, DE)
7a2d2c66d3.4b6563a120.com
1    23.109.170.20 (Netherlands)

ASN7979 (SERVERS-COM, US)
wakenssponged.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
metrolagu.cam
1    2a01:4f8:c0:2306::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
mcpuwpsh.com
1    23.109.170.28 (Netherlands)

ASN7979 (SERVERS-COM, US)
fikedaquabib.com
1    2606:4700:20::681a:74a (United States)

ASN13335 (CLOUDFLARENET, US)
img.doodcdn.co
2    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.galaxypush.com
4    2a00:1d26:c771::12 (Newark, United States)

ASN49544 (I3DNET, NL)
us.karoon.xyz
us.histi.co
6    88.214.206.175 (Clifton, United States)

ASN46636 (NATCOWEB, US)
track.trackingtraffo.com
5    5.9.105.245 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.105.9.5.clients.your-server.de
ads.trackingtraffo.com
2    45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
imdn.pics
1    2606:4700:3030::6815:1352 (United States)

ASN13335 (CLOUDFLARENET, US)
p.a64x.com
Apex Domain
Subdomains		 Transfer
11 trackingtraffo.com
track.trackingtraffo.com — Cisco Umbrella Rank: 206147
ads.trackingtraffo.com — Cisco Umbrella Rank: 313867
339 KB
8 4b6563a120.com
7a2d2c66d3.4b6563a120.com
13 KB
7 poop.cx
poop.cx
299 KB
5 eb480dde95.com
9aba99956a.eb480dde95.com
210 KB
4 metrolagu.cam
metrolagu.cam — Cisco Umbrella Rank: 104487
5 KB
3 google.com
accounts.google.com — Cisco Umbrella Rank: 23
2 KB
3 berlagu.com
berlagu.com — Cisco Umbrella Rank: 128661
2 KB
2 histi.co
us.histi.co — Cisco Umbrella Rank: 39907
1 KB
2 imdn.pics
imdn.pics — Cisco Umbrella Rank: 25058
25 KB
2 karoon.xyz
us.karoon.xyz — Cisco Umbrella Rank: 62624
1 KB
2 galaxypush.com
xml.galaxypush.com — Cisco Umbrella Rank: 135117
1 KB
2 nereserv.com
nereserv.com — Cisco Umbrella Rank: 35934
401 B
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 37830
428 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
56 KB
1 a64x.com
p.a64x.com — Cisco Umbrella Rank: 28421
490 B
1 doodcdn.co
img.doodcdn.co — Cisco Umbrella Rank: 34480
16 KB
1 fikedaquabib.com
fikedaquabib.com — Cisco Umbrella Rank: 106284
1 KB
1 mcpuwpsh.com
mcpuwpsh.com — Cisco Umbrella Rank: 58611
4 KB
1 wakenssponged.com
wakenssponged.com — Cisco Umbrella Rank: 135172
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
248 B
1 3e2a26326d.com
331d7222fd.3e2a26326d.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 32053
906 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
94 KB
1 poop.vin
poop.vin
449 B
51 24
Domain Requested by
8 7a2d2c66d3.4b6563a120.com 9aba99956a.eb480dde95.com
poop.cx
7 poop.cx poop.cx
6 track.trackingtraffo.com 5 redirects poop.cx
5 ads.trackingtraffo.com poop.cx
5 9aba99956a.eb480dde95.com poop.cx
9aba99956a.eb480dde95.com
4 metrolagu.cam berlagu.com
metrolagu.cam
3 accounts.google.com 2 redirects poop.cx
3 berlagu.com poop.cx
berlagu.com
2 us.histi.co 2 redirects
2 imdn.pics poop.cx
2 us.karoon.xyz 2 redirects
2 xml.galaxypush.com 2 redirects
2 nereserv.com 9aba99956a.eb480dde95.com
2 fp.metricswpsh.com 9aba99956a.eb480dde95.com
2 cdnjs.cloudflare.com poop.cx
metrolagu.cam
1 p.a64x.com 1 redirects
1 img.doodcdn.co metrolagu.cam
1 fikedaquabib.com metrolagu.cam
1 mcpuwpsh.com 9aba99956a.eb480dde95.com
1 wakenssponged.com berlagu.com
1 region1.google-analytics.com www.googletagmanager.com
1 331d7222fd.3e2a26326d.com 9aba99956a.eb480dde95.com
1 storage.multstorage.com 9aba99956a.eb480dde95.com
1 www.googletagmanager.com poop.cx
1 poop.vin 1 redirects
51 25

This site contains no links.

Subject Issuer Validity Valid
poop.cx
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
berlagu.com
GTS CA 1P5		 2024-01-03 -
2024-04-02		 3 months crt.sh
9aba99956a.eb480dde95.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
multstorage.com
GTS CA 1P5		 2024-01-18 -
2024-04-17		 3 months crt.sh
331d7222fd.3e2a26326d.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
notification.tubecup.net
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
4b6563a120.com
R3		 2024-01-23 -
2024-04-22		 3 months crt.sh
wakenssponged.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
metrolagu.cam
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
puwpush.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
fikedaquabib.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
doodcdn.co
Cloudflare Inc ECC CA-3		 2024-01-12 -
2024-12-31		 a year crt.sh
imdn.pics
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://poop.cx/d/4bC2UEORUd1
Frame ID: A2926E2A240C13273528AAA91CEE3976
Requests: 32 HTTP requests in this frame

Frame: https://berlagu.com/download/denny+caknan
Frame ID: BABBC6EB84088D257E838E1A7464ABFD
Requests: 4 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 979A23922B36F788097D6AA8DFB85E2E
Requests: 1 HTTP requests in this frame

Frame: https://metrolagu.cam/video?q=denny+caknan
Frame ID: F121CD7FF14A8C338EA4E35377F1B144
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: AD24978CAAA3284225D9E28F0C5BE466
Requests: 3 HTTP requests in this frame

Frame: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Frame ID: B566E138C722D2CCD3E20B8FF68FDB56
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

dela 2 - PoopHD - PoopHD

Page URL History Show full URLs

  1. https://poop.vin/d/4bC2UEORUd1 HTTP 301
    https://poop.cx/d/4bC2UEORUd1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

82 %
HTTPS

55 %
IPv6

24
Domains

25
Subdomains

20
IPs

4
Countries

1067 kB
Transfer

2384 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://poop.vin/d/4bC2UEORUd1 HTTP 301
    https://poop.cx/d/4bC2UEORUd1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3S6Dpkg-k6XcYP54nJAuOfsiwQ-RG1V8vOSTkfCaNG22VeKhpk486OMw0VBt3tnYwKfwmCnA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2wBZeJTdgqP35PzpC0GQ0r-riUYlgAqYZPieWg9yV6MzJA6CtiY8ERjfud4MdSuPLnZrW5cA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425292003%3A1706351248336775&theme=glif
Request Chain 38
  • https://xml.galaxypush.com/icon?sid=f6c000954067b87a035d402ef7476128&rnd=89455633&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=cd353b7c-4ecd-432c-a67f-098a8d0c66ee&prev_step_diff=509 HTTP 302
  • https://us.karoon.xyz/nty/metrics/save.img?event=impressions&bid-id=v2-1706351248495-7-7709-1178228-ca448541-526b-ebe9-c4e3-d5717ceb4b27&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DqykyTJrKAxTM0kXzIKtKEJ6pLzxEUUjXYPxql34hADtWfBy0uCl5KaGaNviSrQgZ9e9waNJuraKkJPz0WvdlYcmwfsEFJ36dimnV9qOBj9ku4lA3bBPcIM-49nLK4N9_Jrn1S1Y-BRrgdZ6ZREhFZQc4z86_V_u5cxfOL5hAED2M4u4efr9xK3jkvIxGU0l1T37wzKn-pCa3t5GmV-nnq3hBYKN1WV2fa5t4VNtyG_zc6tX3qFC0KmkSZHppygPT2LGRBCKrFKZa_VEyviBA98O2OO96jYuzXQ2qQrzQZABIw8dUw0yH0kWeCJYWAll8UYo6CjoBVJJOSqKFP8T1XWMvtzou9wNYLljpKhCuaU12m-_5u2oEySO01wg8hwg5nTHvU_AG_vm4PDVj-yJ-vBQa9d51bkO6fYZ4CXJtlhAsCaLhaZEhD-2dxBHF3lGGvbG9gCdUGRehg17QDANfwhoELh2wMDLUOsyjhCHF0uYGD3WH1EivMcEXksXiLUPe70qulZ5g1yq4-ghb437Z10g65xnBowD0fxIvzsrdVjsY_n-GOs3tya3f3WA HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=qykyTJrKAxTM0kXzIKtKEJ6pLzxEUUjXYPxql34hADtWfBy0uCl5KaGaNviSrQgZ9e9waNJuraKkJPz0WvdlYcmwfsEFJ36dimnV9qOBj9ku4lA3bBPcIM-49nLK4N9_Jrn1S1Y-BRrgdZ6ZREhFZQc4z86_V_u5cxfOL5hAED2M4u4efr9xK3jkvIxGU0l1T37wzKn-pCa3t5GmV-nnq3hBYKN1WV2fa5t4VNtyG_zc6tX3qFC0KmkSZHppygPT2LGRBCKrFKZa_VEyviBA98O2OO96jYuzXQ2qQrzQZABIw8dUw0yH0kWeCJYWAll8UYo6CjoBVJJOSqKFP8T1XWMvtzou9wNYLljpKhCuaU12m-_5u2oEySO01wg8hwg5nTHvU_AG_vm4PDVj-yJ-vBQa9d51bkO6fYZ4CXJtlhAsCaLhaZEhD-2dxBHF3lGGvbG9gCdUGRehg17QDANfwhoELh2wMDLUOsyjhCHF0uYGD3WH1EivMcEXksXiLUPe70qulZ5g1yq4-ghb437Z10g65xnBowD0fxIvzsrdVjsY_n-GOs3tya3f3WA HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Request Chain 39
  • https://us.karoon.xyz/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1706351248495-7-7709-1178228-ca448541-526b-ebe9-c4e3-d5717ceb4b27&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dpz6u78%26c%3DI9X10OhHBeqofAc5gNgnmqlbZd_ZLL0dotQj1AbhG7tO5udgnJqTbgxLtXXnXmTEAaP3ZjCsv23UdFB5x1Ks6uyFoX_n2oVkxOknL-pXjLp_cT-vORN7tJS3v247_JCDN8R5QHQa-HXdpwqKSFoqdXQuTCIqpQuiFNWDD-NXFUgaZonA8_pciTEjEd14_FH8E4myD_aWxKTe6JkxeuAbw8tcWRt-10FNa82Mi-OMjNkTw1CYGE1y0mnp6QeoIgn2nXWuBqtK5I2TlL3m8isfMaqxWTV1yDyjYbdqSVHB5Ha-B3dwfZRUoPwlIyioh7DANiurNoW_ObQGI8TQrTFa2LXgvQsdERGe5umkKtVOUPiVhk0yPtI22h0qv5e2DBQyxqKiEWddX0ujyVrpKoLo_s7wUX3EoIkJzCXOnAPRWW3mY1TPZmuXz6bZGrIsip_ROFlgNz-A57MUyhy71GA_1IV-j_dzdUT6cf6f9ccc2aTnkNOqOYwdvryMUOmfuKWIYkAvmXRD_UBRsbBxRJPbk1iLXz38XGJE0KLa4EYwhoHqiYGvYaOduDXMt9M HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=pz6u78&c=I9X10OhHBeqofAc5gNgnmqlbZd_ZLL0dotQj1AbhG7tO5udgnJqTbgxLtXXnXmTEAaP3ZjCsv23UdFB5x1Ks6uyFoX_n2oVkxOknL-pXjLp_cT-vORN7tJS3v247_JCDN8R5QHQa-HXdpwqKSFoqdXQuTCIqpQuiFNWDD-NXFUgaZonA8_pciTEjEd14_FH8E4myD_aWxKTe6JkxeuAbw8tcWRt-10FNa82Mi-OMjNkTw1CYGE1y0mnp6QeoIgn2nXWuBqtK5I2TlL3m8isfMaqxWTV1yDyjYbdqSVHB5Ha-B3dwfZRUoPwlIyioh7DANiurNoW_ObQGI8TQrTFa2LXgvQsdERGe5umkKtVOUPiVhk0yPtI22h0qv5e2DBQyxqKiEWddX0ujyVrpKoLo_s7wUX3EoIkJzCXOnAPRWW3mY1TPZmuXz6bZGrIsip_ROFlgNz-A57MUyhy71GA_1IV-j_dzdUT6cf6f9ccc2aTnkNOqOYwdvryMUOmfuKWIYkAvmXRD_UBRsbBxRJPbk1iLXz38XGJE0KLa4EYwhoHqiYGvYaOduDXMt9M HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Request Chain 43
  • https://p.a64x.com/in/tip_shows/?katds_ep=6yyLE71uti4Z8L9kKry6Ee0SW3mnYhEzKNiCD1Mqp5LDqBHlfQb7Y52BBFGvoiZfOOggthyB9C5US-C4p9h7GjxCV5tTQNQ_ArairjZoQ-B0b4_DBBYLi4lrwns4L3QRbPbaPsZZWXsJPztema_RDBEeGDW9mdNtf-bgfTxf703lFxgkZiOqmp7shytY9fausnklAqyZLhb7xoi6CaemofMpq-7VUfuX6y6Llkyd0pYbaMacQWSheE6hqk7GsyCiSISQCmo189SmT0IuuMnJ1bjZaFtASYYuv9jw1tfZfik989AGP9c6Wi4TlNSJrPlMngtNkEgMMCQQhOFBwcUrzPTsAl-Yjo0Xto5FeYp1vSUGWxSQXnUlgkZBMk1BFldAPjLIw0XNcLmNcsoQ3ed5iwu-j9OZjIzintdNOtr8CFZz0KaQujM18RrfH7PqMfqnIsDrnD0cjJrpI10A_0UM3pn2BYUyAFRUMP4fHyc29tTjB4KPvtltG6rnuq9LJxVJ43Z3QtNV2vq_0-VAlbHskrVvm4HghnSA_zri91JFinz8J_Lo6NT1aob1vQIyQuCJExbcy3mO0bkZ33rFrtZSJiTAmbVz7BnH3tej31DEh5kNQlDL4-_ZRxiu8gswuRYggKi0JDlupKj_88Z1fjg34kI8KA8Xi3joJ76zgUeYecs1qOf1aF2ESs0NiFy0rObcNW_aPoOdtOep_PxpJdQ5fN-_PWih7mTt5HNryJSsxDAybz5PjwL-kaPAPntcr1-_VhG5rKprqV961S14b5SX7vAj6fy-BmQvkhA05bIIC-scimBUS9ctthS-OvAYoovFBAxU72pEezmqkk7e-GagJ3QWrrrakvGwPaD7Bbw84UWvO8l4KJh9&bid=0.0013519303637782828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.01&cpa=38004927-d16a-44d0-9b16-98db570b41d5&prev_step_diff=509 HTTP 302
  • https://imdn.pics/m/p/0/681/681540/conversions/LGePkdU7-minify.jpg
Request Chain 45
  • https://xml.galaxypush.com/icon?sid=52789d6903e34d7d1816259da188e589&rnd=195932135&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=aa0ff5b6-10c9-4c9e-b49b-eb373d04ccee&prev_step_diff=575 HTTP 302
  • https://us.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1706351248450-7-7709-1178228-d8963ac5-73e9-b9d7-b3f4-ef64862f77c0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3D9TfM9mZZ9DKFrNGcfuhCjv8Z-xHpge3fajEeRM-LX6BqjHn5tDZJi3XpYVy9Yvs_-toPtXyAMxLkJnQKaTVjY9kJF_OSaMVm1Ly1eyTiiTa_lWRmljpWLEQ4zJF71_oqxaodUJkVqGqYLFd0x94TH7xpe4CNgWeBtKT6SzbJp8PC9HCpvSHhzsLG2mibjo11ql2fzNyRu_q_BI0HLNsIZkbWD_1oLJhXHEw0xOsdUJ7V48_71PHTSBV3UIRX3vow6c9hMHvPcfkN7VvgD3mx1tpOp7Xde72TnzUHdbXnMbK7vp6xeYvCRz_4PiurC_eKU9Pdyw1H9QUPuH4O4GREQ1QF4FyVG-GoN8kgvVivECyX9ACwwhcsYUBWni6zstzS_4X6gGOGGTne5q8yrJZiio7I3iGP-suDtIvsMu925t3YYI3pm3ssrqxSsym9Qp3d_j3ze6xm286iXKO3JLkyWkNIEcsOVjORuMz_-xpD9u4ziXdIJsfVFxJdFrRdodv0EtFjrlsngG-v_BG2WOiAzwZfECUyaSZITUtlixLO1CntVUqkX-8TFnBX6sE HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=9TfM9mZZ9DKFrNGcfuhCjv8Z-xHpge3fajEeRM-LX6BqjHn5tDZJi3XpYVy9Yvs_-toPtXyAMxLkJnQKaTVjY9kJF_OSaMVm1Ly1eyTiiTa_lWRmljpWLEQ4zJF71_oqxaodUJkVqGqYLFd0x94TH7xpe4CNgWeBtKT6SzbJp8PC9HCpvSHhzsLG2mibjo11ql2fzNyRu_q_BI0HLNsIZkbWD_1oLJhXHEw0xOsdUJ7V48_71PHTSBV3UIRX3vow6c9hMHvPcfkN7VvgD3mx1tpOp7Xde72TnzUHdbXnMbK7vp6xeYvCRz_4PiurC_eKU9Pdyw1H9QUPuH4O4GREQ1QF4FyVG-GoN8kgvVivECyX9ACwwhcsYUBWni6zstzS_4X6gGOGGTne5q8yrJZiio7I3iGP-suDtIvsMu925t3YYI3pm3ssrqxSsym9Qp3d_j3ze6xm286iXKO3JLkyWkNIEcsOVjORuMz_-xpD9u4ziXdIJsfVFxJdFrRdodv0EtFjrlsngG-v_BG2WOiAzwZfECUyaSZITUtlixLO1CntVUqkX-8TFnBX6sE HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Request Chain 46
  • https://us.histi.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1706351248450-7-7709-1178228-d8963ac5-73e9-b9d7-b3f4-ef64862f77c0&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dpz6u78%26c%3DG6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR4XFMElrGYpfNtsIkA4zoWJqeXsEOgYsKFWBz3aC9hg254KcZAeELkz8H4EmqwNS0dGGWv_a57YwLS87-aRCGEMorWYomUSAvmDbAuOBvPsqzAeFuu6jZgzEfldnLkQJ6YchzAtCjUivf3b17EjHP1jJMJuc3xiCCMGtGVs5MFbibTSOC_kt0EU1w9l8X22FbNCJbiYJw5qPu9VLHc8ljfBrs-Y2WjEqEVkID6Ox2vK4GbS1urrWQX1E15CAnGcA1xAT3ynrA7qAY7KUiQOHpl9pBqJ3Ylr8Y-xXbQRlch8ejoVrrt7mCCTqsvOQ6kwYB5gFk5EPTadAku0tFhVz9daocbqNjHpxNPzi9SPSpFN_Mg0hpoxap6l7Wwg-x94VlD9DF5q-y9HmufI2u1DNZvfUsUhjlgRUipdHOgOeadIlwQ HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=pz6u78&c=G6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR4XFMElrGYpfNtsIkA4zoWJqeXsEOgYsKFWBz3aC9hg254KcZAeELkz8H4EmqwNS0dGGWv_a57YwLS87-aRCGEMorWYomUSAvmDbAuOBvPsqzAeFuu6jZgzEfldnLkQJ6YchzAtCjUivf3b17EjHP1jJMJuc3xiCCMGtGVs5MFbibTSOC_kt0EU1w9l8X22FbNCJbiYJw5qPu9VLHc8ljfBrs-Y2WjEqEVkID6Ox2vK4GbS1urrWQX1E15CAnGcA1xAT3ynrA7qAY7KUiQOHpl9pBqJ3Ylr8Y-xXbQRlch8ejoVrrt7mCCTqsvOQ6kwYB5gFk5EPTadAku0tFhVz9daocbqNjHpxNPzi9SPSpFN_Mg0hpoxap6l7Wwg-x94VlD9DF5q-y9HmufI2u1DNZvfUsUhjlgRUipdHOgOeadIlwQ
Request Chain 48
  • https://track.trackingtraffo.com/push/im?auth=nmxuw8&c=WqkbWGuEvJouaRadbISd-yHuZrAZK24Jj-h_09Sa1K9M5dRNsJbuaCnqX4tLtOOIdD3ai5mDkLk1lcecDsQ8O3r318oJQivb6TJxLJqkZYAkqyRrHjJjzQQFkXz5ENHmdzuahi1FJpZ_BCixBq7UZoOeCEXM-Wr-Fm5tqJVY6iVT53nA0sE0-EUfOfj37Y36ouc0KObh-22N8fOHCotpmsBRvqiMdFKcHdjox6ChCmZSDniKSb9xsjVRV0e_k6mpAVqMb_HRRmx2F6faSDrWymSV5k55bxKe8uMXgHUpBoMK4Ess9HHXQs0eo0UR3T3AA74Hgj0VVzS5g2_mDyVzPv3A2_NfYoL-ljEyokSgWoPtILzV2Zlc-AtJFxlZUHpsbyns9dYQU8Us4d-BfxswaT-M_fSMK_b01-RI2LGE-foPIiS2fIUySub6iORlysGjcGYDg3WFkS0zUWBaCS4wgAGyE1--kENX5upMYy-QFYX9-lGMxqVfN4JTfvGVL44rbWq7VqLh9XKT2uJZgCkeGUw5xwCKCimctQm0rLmxpEUHsdhc4xz9Kw HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Request Chain 50
  • https://track.trackingtraffo.com/push/ic?auth=nmxuw8&c=S-UqSu--irBjsbMiVABK_TT9tGJj-o3EHqxYHpIvNTPUwK1Ft_PiaubbaBXs5flDZDI4KDXmAPtL11qL_ysjvg_SLUvgnDFa5unM1d9BqFKy4Y0h1LmzCWeI2Rua7QFFkMsdFcCqMsMEAJAP1_bUs4Kv5cbjvuFoYFX__dyunbyU4f1k2KiZNs_EzmbfWA9i1cc5Oqp-pl9bhcXEf62Rw7BWlJuPKZIdpqtF-Lt5ZNKw3GArmWDQDM_5nGsNUlejfajGrPmlJSiim-l2b80oyAAKX1BnWcMLQRleHl54StCaBmB7qj-SQV09ihq6onlLeKtA8qgOBMfpFHcG6UR2Zla_RSurCAiw7czTYPKtDiGbSedhy3FNCsUuPkuQPSXDt5pGTJlhQ1yP5vJclUeHqb2d1eVfvz22slbG9SloBznF9ctEoo5VUR2XKL2dsuoJERzo5xJVaCiFomD_aiSpMFFrXlZ489s_E106W_mabfIuDig8M5oqzyxlb6tHor2t_2nClk4J1THCEDT-_4TiBgWAdUAEHbpG68_8SiwxUSU1wDOtyQ5adg&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=61921d24-eb31-44de-b285-93def6b4c3d5&prev_step_diff=575 HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4bC2UEORUd1
poop.cx/d/
Redirect Chain
  • https://poop.vin/d/4bC2UEORUd1
  • https://poop.cx/d/4bC2UEORUd1
23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85ebf3ab2f5f2d0777d4a0f1068cf5640c74eb24f31ff984c2c530d7db3038c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
84c04da2aff24d44-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 10:27:27 GMT
last-modified
Fri, 26 Jan 2024 23:00:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZw48Bj%2B5WvVDM4eLiAFC0Zw5ckco%2BgNc1HLB1v3VUb%2FQ6uxXG2NN4obZga74PofBHqatCmnld%2FD46vwpYbb8xK2oXMX6aFbWRS08q2uVJo5H%2Fy1MGK8twxLp81PTHoMbNmx2gr1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
84c04da21a9c3733-FRA
date
Sat, 27 Jan 2024 10:27:27 GMT
expires
Sat, 27 Jan 2024 11:27:27 GMT
location
https://poop.cx/d/4bC2UEORUd1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKbF%2F3GPsuNOdM2C%2Bi02FKA4rXC7sIdfql5o7PTn72GBYOuzS9SF0LWtAHLVEn0XDPDaZaUd1ikX6di40BhfDbyIUea2m5nbl9OlP7tE03Ml6a%2BqHIAJRvzWKWzG0QvI2PL3A8HOEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5127643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow%2FLki2w6xl1k7X%2ByUS2l5HC8p%2BPuGXMz6jVORyPkKrCPZ3vtoCbSooxC48%2BoI3Q6k%2BZFHHiw2%2BjJU5ThY8I6EaQ6PDHhKENc5w%2BPAQyKPH6woiDpcnqbPMcnLXtP2BxPL3CC27%2BUFt7MJzMobJNmpMO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c04da38fbf35f0-FRA
expires
Thu, 16 Jan 2025 10:27:27 GMT
bootstrap.min.css
poop.cx/theme_2/css/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/bootstrap.min.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/4bC2UEORUd1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28321
etag
W/"6522101c-32faa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhHOmsUZDJqIeuLK4u2%2F4ZgBw67XDr3yOk4aAuJfSuveYdqA9jEvnE3s3rjmDXanP0ZCjy9ONyN1gX5zDENOXFrciOtvwhAOpZgCw36JIS2YzpkUVrqa57xYZ6KCbYg1FdH0hAm%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84c04da348784d44-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 14:35:26 GMT
style.css
poop.cx/theme_2/css/ 		204 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/style.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d197171351e1ddaebb1bfe4f70c9103109d98395ff67c3aac7064ac474a22c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/4bC2UEORUd1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28345
cf-polished
origSize=259373
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Oct 2023 02:19:46 GMT
server
cloudflare
etag
W/"652211c2-3f52d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ybiqLFu4wjseSsl0iJ1W6G8bSIAvuUUdvEXq%2FDGVV4TDan8rhSM3mPIjsXjoRAeDwVOxI25vU59n%2BR%2FtdrKoIF1WYyUUxRetVSaU83F4otKIQvroXaL46WmKMIsA5KzgOOKMdCf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84c04da3487a4d44-FRA
expires
Sat, 27 Jan 2024 14:35:02 GMT
embed2.css
poop.cx/theme_2/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/embed2.css
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e772b331d8bf7685c6b985af9da4eb0b7390ab159ae3197c3e41638b1f1a638

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/d/4bC2UEORUd1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28345
cf-polished
origSize=2267
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 27 Oct 2023 23:48:23 GMT
server
cloudflare
etag
W/"653c4c47-8db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjXkhj5nQkA9xgLsj467%2BaEQvqv2CKeoyRkfOcCvMy9u9ul2ktXlvDIYEQFlqyLfxsFXsGngOf0%2BvatU950tRUX15%2BY8WHiEa%2BE37MSFzDkJaAYeNrSsxsZ4dumDImG%2FLOnK0ZnG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84c04da3487b4d44-FRA
expires
Sat, 27 Jan 2024 14:35:02 GMT
js
www.googletagmanager.com/gtag/ 		283 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0912333a6d5dbc22367f987d70223f647eb703d78f6b2d94d56bc1887d92ac2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96060
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 10:27:28 GMT
316455524f455532436234
berlagu.com/jembud/ Frame BABB 		244 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://berlagu.com/jembud/316455524f455532436234
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a98b7f982e5c39ec15d7ea7f554a59a029b9e24a18c635d3bf94f0eea54fefc

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
84c04da4db76360f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 10:27:28 GMT
last-modified
Sat, 27 Jan 2024 10:27:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8snwD%2Bejjm0YlD3PhRrhaKDdgJ%2F0Cy75I%2BYuSKW8R5p5EVVEdO791aqjBsxKuLpY3TkIr%2F%2FR7sZE2GAP0XW%2B8z4itxj2N6EejYThLKAx2k%2F3K%2FR4mYWSaEBD5DGCCLm2m8zU%2Bk02Scncg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
avertastd-regular-webfont.woff2
poop.cx/theme_2/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/fonts/avertastd-regular-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2638
etag
"6522101c-5d04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUZ2BW8xHjgCdmWPMTkGPkKPXDv3c69FyzvC65GZ1RdyBfua5Nhu8JkOBHs%2FRB7B%2Fwcy4TbsIBbLsL9G%2B0Qv4bhcfjYRc4d5r3UdkSFkjdvSIV1QLDXYywE5NkAJDwuxjVLthwYd"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c04da3ca1a363b-FRA
alt-svc
h3=":443"; ma=86400
content-length
23812
fa-duotone-900.woff2
poop.cx/theme_2/css/fontawesome/webfonts/ 		180 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3238
etag
"6522101c-2d09c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Fqjo%2BbVjigE%2B88cmq7W0mcpFMhWKxRsVHLirHt%2BwOQP8HkDWILZAfuEnLjFv1NUPZOFgqz7MM2l%2BUdWavIrde28FVywvnsjADTHQSz0sBh5sMJvFoXHZdWsAiR0nM3Jw28ql2Sb"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c04da3ca1b363b-FRA
alt-svc
h3=":443"; ma=86400
content-length
184476
avertastd-bold-webfont.woff2
poop.cx/theme_2/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://poop.cx/theme_2/fonts/avertastd-bold-webfont.woff2
Requested by
Host: poop.cx
URL: https://poop.cx/theme_2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91

Request headers

Referer
https://poop.cx/theme_2/css/style.css
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:27 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 02:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2638
etag
"6522101c-5c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bOZ%2BaBbDm8bHj0D28NUyZ2zqGwE%2BjxEiaLHJWrboN8%2BlIr7X%2BBhDClRnwwl1qNCYqDl1nXuzIfa92uRbwKoWtSYs4zo5dHDSVQFYiA1yAVeljLAhy%2BLN4wbqmisTVnmPEUgMgI9"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84c04da3ca1d363b-FRA
alt-svc
h3=":443"; ma=86400
content-length
23604
78c21f22c4cd687d24670f932de3f4d0.js
9aba99956a.eb480dde95.com/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
70bef0b9b90f224dcce56929057d20668fd82f6a6044195d3655b893657ff11b

Request headers

Referer
https://poop.cx/
Origin
https://poop.cx
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 10:32:28 GMT
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
last-modified
Tue, 16 Jan 2024 12:25:49 GMT
server
nginx/1.18.0
etag
W/"65a675cd-1986b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
114039
9aba99956a.eb480dde95.com/28331d50716b82485ef278748d469fe8/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://9aba99956a.eb480dde95.com/28331d50716b82485ef278748d469fe8/114039?version_name=b
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
09eebba468108e323031564615deea9304b6774ea53f6e23c0ed1034cc0673bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 10:27:28 GMT
cache-control
max-age=300
x-proxy-cache
HIT
server
nginx/1.18.0
content-type
application/json
expires
Sat, 27 Jan 2024 10:32:28 GMT
count.html
storage.multstorage.com/log/ Frame 979A 		882 B
906 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://poop.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c04da53a146946-FRA
content-encoding
br
content-type
text/html
date
Sat, 27 Jan 2024 10:27:28 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwZFXrzeJfX7OpIjLA6v6pmN58L4naElrbOqCL3uUxIrqUsikrTV1lPZAmFjaxft9D%2FvC9gKb1ZXPHl642P7lkaC9Q3PH9xvtHjZB3%2Fe%2BRZp5cd2uFI8XmgADtFArw7Q%2BjrAWLaZryg7cE6M%2FEFsS5UTe0ODCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
01d6be6c470b534d99f2bc601babe1e2
track
331d7222fd.3e2a26326d.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://331d7222fd.3e2a26326d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDM4NTk3OTc3NDk3NzY1NTAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjEwMC4xIiwidGFnX2lkIjoxMTQwMzksInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQW1zdGVyZGFtIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMDQsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6ImRlbGElMkMyJTJDUG9vcEhEJTJDUG9vcEhEIn0=
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
2c601b3a642e433dfeb80b0fae71cf3a.js
9aba99956a.eb480dde95.com/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
707f4bca62a098521539aad4688c70e7b244ccc91055e51613f8f8b1f5f7aad3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 10:32:28 GMT
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2024 12:36:05 GMT
server
nginx/1.18.0
etag
W/"65b255b5-27f7c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
988e36d9349e98df2124cbfa5971cfbf.js
9aba99956a.eb480dde95.com/ 		90 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9aba99956a.eb480dde95.com/988e36d9349e98df2124cbfa5971cfbf.js
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
400420a907e249563e02e17e24a717c05f45a5c4ec10226e690a6996bdfc42c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 10:32:28 GMT
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 11:11:52 GMT
server
nginx/1.18.0
etag
W/"65af9ef8-1693e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ 		60 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/78c21f22c4cd687d24670f932de3f4d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d96e3c3e43b7ae967e86225375a0aacbdf6c44c5e88a8073aa68ae407e19a8f2

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 27 Jan 2024 10:27:28 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://poop.cx
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=114039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://poop.cx
Connection
keep-alive
Date
Sat, 27 Jan 2024 10:27:28 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRBBHD087X&gtm=45je41o0v9167878827&_p=1706351247956&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2026009035.1706351248&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706351248&sct=1&seg=0&dl=https%3A%2F%2Fpoop.cx%2Fd%2F4bC2UEORUd1&dt=dela%202%20-%20PoopHD%20-%20PoopHD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=552
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://poop.cx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aa0e983012efe701b06446149ad585d2.js
9aba99956a.eb480dde95.com/ 		435 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9aba99956a.eb480dde95.com/aa0e983012efe701b06446149ad585d2.js
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f66764ec186ab49165ce4fa6a0d60df7b888566212b1b060c83618c972008f78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 10:32:28 GMT
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
last-modified
Fri, 19 Jan 2024 16:09:32 GMT
server
nginx/1.18.0
etag
W/"65aa9ebc-6cbbe"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3S6Dpkg-k6XcYP54nJAuOfsiwQ-RG1V8vOSTkfCaNG22VeKhpk486OM...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2wBZeJTdgqP35PzpC0GQ0r-riUYlgAqYZPieWg9yV6MzJA6CtiY8ERjfud4MdSuPLnZrW5cA&passive...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2wBZeJTdgqP35PzpC0GQ0r-riUYlgAqYZPieWg9yV6MzJA6CtiY8ERjfud4MdSuPLnZrW5cA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425292003%3A1706351248336775&theme=glif
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H3
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Sat, 27 Jan 2024 10:27:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-ardeSsymNeLQqxXFHM2GHQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
405
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2wBZeJTdgqP35PzpC0GQ0r-riUYlgAqYZPieWg9yV6MzJA6CtiY8ERjfud4MdSuPLnZrW5cA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425292003%3A1706351248336775&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dip
nereserv.com/in/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=23943cc2-0e13-48c6-bb68-ea726c2c63dc&subid=388464194&sid=1942878774&spot_id=418776&created_at=2024-01-27&timezone=1&ver=8.137.0&is_native=1
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.163.235.167.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
7a2d2c66d3.4b6563a120.com/in/ 		44 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://7a2d2c66d3.4b6563a120.com/in/multy
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
64a0a0a5b68d49a20740ffd51c4555337fa780f1d8750444597f56035f982528

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
6711
multy
7a2d2c66d3.4b6563a120.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://7a2d2c66d3.4b6563a120.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Sat, 27 Jan 2024 10:27:28 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
denny+caknan
berlagu.com/download/ Frame BABB 		651 B
626 B 		Document
General
Check archive.org
Download Go to
Full URL
https://berlagu.com/download/denny+caknan
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67443304cc50dd9bd220220ed95b9ad147b89d2e235e9c4dc1c9b47e163327fa

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://berlagu.com
Referer
https://berlagu.com/jembud/316455524f455532436234
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c04da57c74360f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 10:27:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7LZeXrBHiQIdSJNllXkAxkXHr5707T1xDBqgsbt4KrqqKiUCZwGLT5NbhCEUmsY9V4SVmvPemtarAk0W97JgF297G%2FZilk3mLyrfZrpYaCWXbfCZgw9Q7jfBXsZ6CmkWKbKlAgCkEwj5g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
4ca455fb-f6b2-4d31-9a9e-ee464d6b7c54
https://poop.cx/ 		204 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://poop.cx/4ca455fb-f6b2-4d31-9a9e-ee464d6b7c54
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
204
Content-Type
text/javascript
dip
nereserv.com/in/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=8dee5ca7-92c1-49aa-9485-6ae0b6be74ca&subid=357529620&sid=23153366&spot_id=418774&created_at=2024-01-27&timezone=1&ver=8.137.0&is_native=1
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.163.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.163.235.167.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
7a2d2c66d3.4b6563a120.com/in/ 		40 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://7a2d2c66d3.4b6563a120.com/in/multy
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/2c601b3a642e433dfeb80b0fae71cf3a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a1bc4da3ed57568b0c4e9905845cd8013c9611b92152cec1853ae396516c230c

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
5608
multy
7a2d2c66d3.4b6563a120.com/in/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://7a2d2c66d3.4b6563a120.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://poop.cx
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Sat, 27 Jan 2024 10:27:28 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
embed.css
berlagu.com/ Frame BABB 		1 KB
875 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://berlagu.com/embed.css
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/denny+caknan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://berlagu.com/download/denny+caknan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 14:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18248
etag
W/"655cb90b-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxiMZ5R9%2F9Of8U6g8zPdpSApHgCs2OHi1SUOIOyaEl5e6ZHq9ls08IBmhtWpoEurkBg6zwVUq%2BV6DKKLhgh2kjlHT3PUJrA%2BwUh%2BmbzkeYhDRyLeWDnGh%2FCvNJ2rDqiyzcrBTPcnjS54hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84c04da61c240c35-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 17:23:20 GMT
65101
wakenssponged.com/rizdGR8ExUj7Bb6T/ Frame BABB 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wakenssponged.com/rizdGR8ExUj7Bb6T/65101
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/denny+caknan
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.20 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://berlagu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://berlagu.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
316455524f455532436234
metrolagu.cam/jembud/ Frame F121 		243 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/jembud/316455524f455532436234
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/denny+caknan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2531c692e317eeb813ce11aa49a7e1b33fce3dcd7d52925da175238476b64280

Request headers

Referer
https://berlagu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c04da669655d7c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 10:27:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyXTDKgD23pSLiiLqZXPASR8NfEeuNyxdWgJmarWvRwg0SlBZC%2FhzaFxKMLjRUUEPCy%2Bin%2FNXlXbmhxrz9uKDNPQJy6ZEGIKYq8BwmMDbMhhAG0ezH4xs9hsWVn0%2Fa0OwbX%2B%2BFo5tNV60VxP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
mcpuwpsh.com/get/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcpuwpsh.com/get/
Requested by
Host: 9aba99956a.eb480dde95.com
URL: https://9aba99956a.eb480dde95.com/988e36d9349e98df2124cbfa5971cfbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:2306::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
35db3c3edd0df379987ee9b21e145718729cad3f38119cc37bfa0c37b6c29c3d

Request headers

Referer
https://poop.cx/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.16.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
3651
video
metrolagu.cam/ Frame F121 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/video?q=denny+caknan
Requested by
Host: berlagu.com
URL: https://berlagu.com/download/denny+caknan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3090ebb387a3abc90ca859c6928c8b1537e56d593bcafd7af2a40c975ccc99bb

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://metrolagu.cam
Referer
https://metrolagu.cam/jembud/316455524f455532436234
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c04da6f9d25d7c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 10:27:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxvAzT3AZ3m3ywbigb4t8NT2E500yQ9Dbh3wDn%2Fx4romiVE4%2F0nqB7sklvKKAW%2BU9OyFFfRMOdY3WzJdws3gTdCtaM9Q8XbqlJP9zo%2Fxrr7HLaKBWxYYe4b3YoqtnPdP%2F0QjRpoRlLdOicrC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
64343
fikedaquabib.com/rotaInGRWQGA24/ Frame F121 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fikedaquabib.com/rotaInGRWQGA24/64343
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=denny+caknan
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.28 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://metrolagu.cam
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame F121 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=denny+caknan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://metrolagu.cam/
Origin
https://metrolagu.cam
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4946935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F%2Fe8ee%2BWCBHEH40moiW79Z8vv6bJpxpd%2FTkhPTWv6j6b1zhMkP0oTxkxC2b11G0qKGpwkixrJQRNGrDdJclOLj3fUbKCZxIblzEH29n6x6OC8kUWEAVEUvd5wWz5E4NoH7zq4psjYzFHMni5vFI0O%2FY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c04da77a059116-FRA
expires
Thu, 16 Jan 2025 10:27:28 GMT
embed.css
metrolagu.cam/ Frame F121 		1 KB
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metrolagu.cam/embed.css
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=denny+caknan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/video?q=denny+caknan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 15:07:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16246
etag
W/"651596cf-446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUZSozFRhW6VsNisGvFoNH%2BK2zJlrjl%2BU3WeZYyU92aoUQjEOGHr1wvBRC8PU844O0YzUHFDMmGu4ANxssyt5W38Qz6FFJLt9yfigOBJTGduxzr0pQQ6n1SbKa8OSs77A1AZZAe%2Fx6VdFkjl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84c04da76e816702-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 17:56:42 GMT
c0iu51jav731jnxb.jpg
img.doodcdn.co/snaps/ Frame F121 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.doodcdn.co/snaps/c0iu51jav731jnxb.jpg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/video?q=denny+caknan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7c6bde22f938495c099f21d042a4e34c7dfba8d678b7962a44c704f529619d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
16051
cf-bgj
imgq:100,h2pri
last-modified
Wed, 10 Jan 2024 17:06:52 GMT
server
cloudflare
etag
"659eceac-3eb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cc3r0m7zR5YjLbIrDsJ1K7LuQqQOrXkXkiMZt2g%2B9pm%2BTY8tibgKQ4ph7%2B2cKuOzl40Kmxou9knADmzQ2njRWz8ZyWHk8hoVvTFCTrwhJV3IAJmtO0MZPOwdS6sX4Xe7Dx7p8ejo8yuHvpvG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
84c04da7b9411905-FRA
expires
Fri, 09 Feb 2024 17:30:04 GMT
play.svg
metrolagu.cam/ Frame F121 		633 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrolagu.cam/play.svg
Requested by
Host: metrolagu.cam
URL: https://metrolagu.cam/embed.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://metrolagu.cam/embed.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:27:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 10:51:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4747
etag
W/"650c2028-279"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FM1FlWMOp5Ow%2FNzZnqS6xOyNd%2FW0LI5VtrFek%2FzOqXGtcD%2FgyflHZ3rVyDV%2FOzFxmV5F2WgacSes8EDfdYs4zyqA4ZI8vvBPUS%2BEf%2BLIk09%2FEKDBoK%2F4bTSLY8i%2FyE0qfrmqHwdYBOS1S5g"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84c04da7df006702-AMS
alt-svc
h3=":443"; ma=86400
1703072650620-PSshgdx9S40j.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://xml.galaxypush.com/icon?sid=f6c000954067b87a035d402ef7476128&rnd=89455633&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.01...
  • https://us.karoon.xyz/nty/metrics/save.img?event=impressions&bid-id=v2-1706351248495-7-7709-1178228-ca448541-526b-ebe9-c4e3-d5717ceb4b27&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Faut...
  • https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=qykyTJrKAxTM0kXzIKtKEJ6pLzxEUUjXYPxql34hADtWfBy0uCl5KaGaNviSrQgZ9e9waNJuraKkJPz0WvdlYcmwfsEFJ36dimnV9qOBj9ku4lA3bBPcIM-49nLK4N9_Jrn1S1Y-BRrgdZ...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
5.9.105.245 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5f8bc5e478d468fa0b4bb11f5e34edcddfaeed2a55360ae9edabaf3ee1958b97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:29 GMT
Last-Modified
Wed, 20 Dec 2023 11:44:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6582d38a-c0ac"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49324

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1703072650626-zUw5F9ZB8vab.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.karoon.xyz/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1706351248495-7-7709-1178228-ca448541-526b-ebe9-c4e3-d5717ceb4b27&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2...
  • https://track.trackingtraffo.com/push/im?auth=pz6u78&c=I9X10OhHBeqofAc5gNgnmqlbZd_ZLL0dotQj1AbhG7tO5udgnJqTbgxLtXXnXmTEAaP3ZjCsv23UdFB5x1Ks6uyFoX_n2oVkxOknL-pXjLp_cT-vORN7tJS3v247_JCDN8R5QHQa-HXdpw...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
5.9.105.245 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c1a14f44c2ce714f0a47fc599cc2526c6f9b494902e094f4bef5043ca5d7429

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:29 GMT
Last-Modified
Wed, 20 Dec 2023 11:44:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6582d38a-17f35"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98101

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
/
7a2d2c66d3.4b6563a120.com/in/show/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7a2d2c66d3.4b6563a120.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2F4bC2UEORUd1&refdom=poop.cx&auction_time=1706351248&subid=388464194&sid=1942878774&tcid=0&ver=8.137.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-27&iabcat=IAB25-3&keywords=&user_fp=14839489015305858395&score=66.93365248573528&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252F4bC2UEORUd1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=deb8a1347412aa118ea249aa7b9c5b14&url=https%3A%2F%2Fxml.galaxypush.com%2Fgo%3Fs1%3D278-3986-1833-2704-0-0-5819%26s2%3Dpublisher.com%26s3%3D116670263%26sid%3Df6c000954067b87a035d402ef7476128%26rnd%3D89455633&icons=Gtmqo4yJyT0BmFxsBAw0hhjHN3bld9ZxLWgAG7JJJUWWQEbuJH2f9ABK2ZBxwEJwGcRaDv-uE2yai2Ax-tCEVGHsqwmaBTxEzMIum2sU5bm3w2rk6aLnqDyx7hER9aXv07kybh9Wd80Ga2GOaWjNYLUtk85aC_cdTQ&ext_cid=0&px_id=116670263&min_cpm=0.026835545979778528&out_id=1&campaign_type=lq&aid=3760&cid=15768&uniq=&mid=4968847186023590101&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.11553866096174568&cpm=0&verify_hash=d3c796fac285ad74c1aab5e99d44fd31&is_native=1&real_bid=0.002008148944079881&original_bid_usd=0.00403&original_bid=0.00403&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2001:1af8:4010:b010:2547::11&geo=NL&carrier=-&label_ids=0,4,88,108&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fus.karoon.xyz%2Fnty%2Fmetrics%2Fsave.img%3Fevent%3Dtracked_impressions%26bid-id%3Dv2-1706351248495-7-7709-1178228-ca448541-526b-ebe9-c4e3-d5717ceb4b27%26price%3D0%26img%3Dhttps%253A%252F%252Ftrack.trackingtraffo.com%252Fpush%252Fim%253Fauth%253Dpz6u78%2526c%253DI9X10OhHBeqofAc5gNgnmqlbZd_ZLL0dotQj1AbhG7tO5udgnJqTbgxLtXXnXmTEAaP3ZjCsv23UdFB5x1Ks6uyFoX_n2oVkxOknL-pXjLp_cT-vORN7tJS3v247_JCDN8R5QHQa-HXdpwqKSFoqdXQuTCIqpQuiFNWDD-NXFUgaZonA8_pciTEjEd14_FH8E4myD_aWxKTe6JkxeuAbw8tcWRt-10FNa82Mi-OMjNkTw1CYGE1y0mnp6QeoIgn2nXWuBqtK5I2TlL3m8isfMaqxWTV1yDyjYbdqSVHB5Ha-B3dwfZRUoPwlIyioh7DANiurNoW_ObQGI8TQrTFa2LXgvQsdERGe5umkKtVOUPiVhk0yPtI22h0qv5e2DBQyxqKiEWddX0ujyVrpKoLo_s7wUX3EoIkJzCXOnAPRWW3mY1TPZmuXz6bZGrIsip_ROFlgNz-A57MUyhy71GA_1IV-j_dzdUT6cf6f9ccc2aTnkNOqOYwdvryMUOmfuKWIYkAvmXRD_UBRsbBxRJPbk1iLXz38XGJE0KLa4EYwhoHqiYGvYaOduDXMt9M&site=native-push-adult&price=0.00403&hostname=auc-inpage-hz-3-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000403&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.01&cpa=f3e411cb-e8b9-4103-bb21-7b90a81cd98c&prev_step_diff=509
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
truncated
/ Frame AD24 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
xJblj5fH-minify.jpg
imdn.pics/m/p/0/681/681541/conversions/ Frame AD24 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imdn.pics/m/p/0/681/681541/conversions/xJblj5fH-minify.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e06d6259001c8a686db75ef2dda491480f6d611bdf0c70dca8bcc97d43174612

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
last-modified
Wed, 20 Dec 2023 09:30:02 GMT
server
nginx/1.20.1
etag
"6582b41a-54c0"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
21696
x-request-id
bb1685eaffd7234395e6e99a32d5f8eb
x-proxy-cache
HIT
LGePkdU7-minify.jpg
imdn.pics/m/p/0/681/681540/conversions/ Frame AD24
Redirect Chain
  • https://p.a64x.com/in/tip_shows/?katds_ep=6yyLE71uti4Z8L9kKry6Ee0SW3mnYhEzKNiCD1Mqp5LDqBHlfQb7Y52BBFGvoiZfOOggthyB9C5US-C4p9h7GjxCV5tTQNQ_ArairjZoQ-B0b4_DBBYLi4lrwns4L3QRbPbaPsZZWXsJPztema_RDBEeGDW...
  • https://imdn.pics/m/p/0/681/681540/conversions/LGePkdU7-minify.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imdn.pics/m/p/0/681/681540/conversions/LGePkdU7-minify.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
28c909a34a66e2e0ff9fca3115b71db4e628e50657953aa0a85a6b452bb92f7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
last-modified
Wed, 20 Dec 2023 09:29:55 GMT
server
nginx/1.20.1
etag
"6582b413-e5b"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
3675
x-request-id
64ccf1f92ee3d9516572a8610bf432e2
x-proxy-cache
HIT

Redirect headers

date
Sat, 27 Jan 2024 10:27:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e5TR46NXaiF7v2zSsqiUM2sSlX6l3edmVQr5I7ZJsM0dYG2d37VM0v6FGs%2BqgAQ6JjiCRYQQFy8Ms%2BnfWGcAlbXmrawP8BgwNGU%2FOYVwBcgxvkbzbzH3aXUe3hEPM1xBYHuE5QarSUj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
location
https://imdn.pics/m/p/0/681/681540/conversions/LGePkdU7-minify.jpg
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
84c04da8ec6a2bb5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
/
7a2d2c66d3.4b6563a120.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7a2d2c66d3.4b6563a120.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2F4bC2UEORUd1&refdom=poop.cx&auction_time=1706351248&subid=388464194&sid=1942878774&tcid=0&ver=8.137.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-27&iabcat=IAB25-3&keywords=&user_fp=14839489015305858395&score=66.93365248573528&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252F4bC2UEORUd1%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=12084&crtid=ad38a470267813975ff328ce454b3c5c&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DAwBtYGT8xLZWYPbyHkZpyxDWoYB3BS85Qg8tD28FRIgxvi_Z9Yrowk1ZlBGKns9rVfk5_Msm3lyojt3pBqS7Ma6cR5lyiZEsNoxObEzCE-fLnGKDUrqGvMoogjeJDJf7RH-5O_cvOxWvyA8rvQg2hYTuMRkWi2pgwLKFP6wZj3ow7QCFh-LuUV363jimFoGDcixsSnpYbR9nTo9XhlrO7Ig9fCJHAcLPo2IOADLbYwMhcjKquol7RNztG9Tn5fW8jZSOtKfwhcm5ip196YE6FHP04mU5JuF6fIUere1d41PT6HEnuTxJct3yJKj1fY3ZWB6b3PJjy2boC_EDoWleW10OsG1apta0AmJ2pTgjojFfBMOF1nhCMpZb8gEwU3vQCkf1oV-dY1PIKMT7WsP8oF3TJFuHn6WzmttY4sYJsLuOd1bV5qqD-_ntFrcYqNob_GCNvKmIX6eNzKNwXZhiuIUMjv5EGT06QzUkJLTqGcUt4axuRTcg6d1JxBKN25Ragoq-b097SRnc_Wu3LLF6YUIzv__gWyS4zvD8CusukJAwTCPBxOvTrt5QXdGtHa1eUD16c0b7Qy5arc_Gwd4Gfp6q5I9oTen3sEpRzPSsv4P6U4EYTy3udz7Gel8-gwSLL1RG2SFMck9bQlmOJP02XTb_xNe44hZTRbAWyQEUXtyi07fLNO1MQpoaMMXheoZ2twdcFjk477OnF0VZFs709ReVwi5o5FUMso6MzpSh8F09h3ToeiQnimxuIje8hFPEfxaZz1dJsjLLNGhcH717cYDrOiBW59XCsp0oTs6_V8gHxRwvyH5knlLFx2BCcxB8sr8V5dwJkRFUxxnbyAdd2XIKOFrDMHFr3ZO_fBC1LuuB42Pv5PtI4Ze9IJf39_syBXDTuvJKFTfp7rGGpHYo4-rlmkxoSYGPfuHKmlGivu2FyBf7palaGpEjBYMkieBuKqcREKMipcBV1fCrdR-M1ks3zk2d2Y2BYtrT9ttQbgI4kPnJcePP0m-p2wekFr81NA1FqfhXmN5AUT1yF1UzWUpSG6mNA2eN7KgDi9P1a0Z_IHbJNjuP6CavdldNNAUT9O0D24PSrwL5g942xXFUX3uf5YsnBP8tqQLRCg-fvvmHyCQ4W_9pcO20YQy-Nwc5lp0OAF3Ie6U7PDosW8NIS41RED0dFqp9JUTeCbBn3ZtHwFAEh0idsxVXWhbID1ENzkq9-KL1YGJ4GBbdmqOmvkmfTw2_BfE_Vjub1tUrAaMZGDacr7LeBMaIOh_99cMdwNAs1DV6M5oWSGJ6wknrmnkHnLewvGHCaVmdqZyJZCwvet7-mVHGW6bDcVhTBG78mbdUHiNzEqBthm0VRMx8YUhuRfaqQaJWt520FiojKhOLNKsVqOPLuB-ifQWCWfQTo1icdeAKbLq52Jq_cnDGAR98dRsMyeZ5j_LN1SGRUoj0HDadHexWKyGJBFNj3BXeXhPloEvEYFYo1gOGUNoEJ1OiWSA6X4imozWA6hflwugRT-DwB5M%26bid%3D0.0013519303637782828&icons=Z_ITwEgxH2RXmvJPvYmRATaPPaMG45aRBZ1fcr_it7RYw0wFbjRqsfpxR5GJtUDOtiNmi_DDdIdMmaNScYt3pF7me600B9TdFimOZv0kPJs4_XoRjSg3gH13nTqtIzfTzGaVEUZJulD7JbUF5neWdyR86wsZUn4ynkenVET9x2iBqlRnXb2lBfn7ChI0anGCYWck4lvVIufy-QIZF-KLBbN_0MNNIXfzAGbpJWDWQ0wkNCnauOIi2DRUdM6OE1IkWvQgZl_vIGTWg5hhqodfMmI_e7Ec2feyXBSc3vI053_cRDq_7eTuMXesOq21JxnpRWgGIV05mIqfMG076xFHqk5i7pBXiyHTDexv1qb4x1SrC83chO--TbB-xPWco-SM9upgigGuVNexzwptx8QsJD1szp4QGh2AGLUzw9Pp5Sw-PAjO0OjFOmeWU0B9OP8u_yU5IHVkjPKPRl_j7B1Ud7WbH4NJTLRFBoFvZ6ike4qBSKuWVT70jXtOxB-MWHWJQ4-7hdaVrKTuWMzskHRh-xD3quE6Tfk2gEdvVKohCXR1-2QRjUBakgK1HzLztdniX15pg7iHN8yrZE3evYT-rXuxOmlrAvGk0-WnwozTVF1YRuAfqIBZ1Sw4GnGEPMviP4RLNBcv8xkmKq5F6Zp4pRGvPjeBad9kPLNP_9G7yoqTkTRnWQ7R3w232-P2lmCDWBr7aaJik7DenMFh_GsgW7sSn3B7cyCr5kJLNzHKzWo59oNFArW91QFzewo6Cw2LTGpL19HlP0MlwSb4CE2r4pNERVW0F8ORszwtkPT_d5e1d0h24AjFl0XT5X4uJlGqEPW5Twam-FDWMcakKxlVHuOoBSIRJt03C31HgC4w45xwvwFEVxU8B7jTEeeWdmoAUmXhrdEyFOT8D5PR1yS9AUIzgo_prcN0PFQQojaqHB4W6DqGeoysigOEHz21zM4eHPmdWImKmJWpAQDWFV5fChPiLL2hY5pJNT3gzJzX7DhQtN9m78PZU_Vaa1iXSkjXlakXkaG_zU7n0vYw4STeXYnEzQT_zUaiwTExIC_aNuQvEKcvCrs9B6D_jGxe3SOK1F5IHkNRGt1IZqCxuORjCiIIS5fW4YgeGFJMeizh9D4RkvcdH_mvJZTeuoACXQDq4JIjmEaUy2SMB_unTpIYLsXdAHjCJr6y-pu2sXbNBvuloat9l-B8v96IyMnMK1qT-qClByOT6d-KHQNFpX8_9mz8Z57R1mqz7WCwJBqqfRE-9BTfCSdtOvU4RPFA6obVgAV7vex80WuGMVA3CdKYwLt0b7-Mh3xbQcI9qRcVFCI&ext_cid=189370&px_id=73418776&min_cpm=0.0007746161129404744&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=02e8fad9b7939022471efaa2ae1ee14cfb322bc94116f6af8dbd88268f2ba107&mid=4968847186023590101&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.0016709300398826629&cpm=0.0013519303637782828&verify_hash=474dc5b9b4598447960eb58f97feeff8&is_native=1&real_bid=0.0013288123862744876&original_bid_usd=0.0017&original_bid=0.0017&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2001:1af8:4010:b010:2547::11&geo=NL&carrier=-&label_ids=5,98,4,90,33&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1706524048&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F681%2F681541%2Fconversions%2FxJblj5fH-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-3-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=189370&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.01&cpa=f4f8752f-56d6-4fb7-9300-ef3eebb52d1f&prev_step_diff=509
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
1703072650620-PSshgdx9S40j.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://xml.galaxypush.com/icon?sid=52789d6903e34d7d1816259da188e589&rnd=195932135&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.0...
  • https://us.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1706351248450-7-7709-1178228-d8963ac5-73e9-b9d7-b3f4-ef64862f77c0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%...
  • https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=9TfM9mZZ9DKFrNGcfuhCjv8Z-xHpge3fajEeRM-LX6BqjHn5tDZJi3XpYVy9Yvs_-toPtXyAMxLkJnQKaTVjY9kJF_OSaMVm1Ly1eyTiiTa_lWRmljpWLEQ4zJF71_oqxaodUJkVqGqYLF...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
5.9.105.245 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5f8bc5e478d468fa0b4bb11f5e34edcddfaeed2a55360ae9edabaf3ee1958b97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:29 GMT
Last-Modified
Wed, 20 Dec 2023 11:44:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6582d38a-c0ac"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49324

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
im
track.trackingtraffo.com/push/
Redirect Chain
  • https://us.histi.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1706351248450-7-7709-1178228-d8963ac5-73e9-b9d7-b3f4-ef64862f77c0&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fp...
  • https://track.trackingtraffo.com/push/im?auth=pz6u78&c=G6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR...
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.trackingtraffo.com/push/im?auth=pz6u78&c=G6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR4XFMElrGYpfNtsIkA4zoWJqeXsEOgYsKFWBz3aC9hg254KcZAeELkz8H4EmqwNS0dGGWv_a57YwLS87-aRCGEMorWYomUSAvmDbAuOBvPsqzAeFuu6jZgzEfldnLkQJ6YchzAtCjUivf3b17EjHP1jJMJuc3xiCCMGtGVs5MFbibTSOC_kt0EU1w9l8X22FbNCJbiYJw5qPu9VLHc8ljfBrs-Y2WjEqEVkID6Ox2vK4GbS1urrWQX1E15CAnGcA1xAT3ynrA7qAY7KUiQOHpl9pBqJ3Ylr8Y-xXbQRlch8ejoVrrt7mCCTqsvOQ6kwYB5gFk5EPTadAku0tFhVz9daocbqNjHpxNPzi9SPSpFN_Mg0hpoxap6l7Wwg-x94VlD9DF5q-y9HmufI2u1DNZvfUsUhjlgRUipdHOgOeadIlwQ
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
88.214.206.175 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

location
https://track.trackingtraffo.com/push/im?auth=pz6u78&c=G6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR4XFMElrGYpfNtsIkA4zoWJqeXsEOgYsKFWBz3aC9hg254KcZAeELkz8H4EmqwNS0dGGWv_a57YwLS87-aRCGEMorWYomUSAvmDbAuOBvPsqzAeFuu6jZgzEfldnLkQJ6YchzAtCjUivf3b17EjHP1jJMJuc3xiCCMGtGVs5MFbibTSOC_kt0EU1w9l8X22FbNCJbiYJw5qPu9VLHc8ljfBrs-Y2WjEqEVkID6Ox2vK4GbS1urrWQX1E15CAnGcA1xAT3ynrA7qAY7KUiQOHpl9pBqJ3Ylr8Y-xXbQRlch8ejoVrrt7mCCTqsvOQ6kwYB5gFk5EPTadAku0tFhVz9daocbqNjHpxNPzi9SPSpFN_Mg0hpoxap6l7Wwg-x94VlD9DF5q-y9HmufI2u1DNZvfUsUhjlgRUipdHOgOeadIlwQ
date
Sat, 27 Jan 2024 10:27:29 GMT
server
openresty/1.21.4.1
content-length
0
/
7a2d2c66d3.4b6563a120.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7a2d2c66d3.4b6563a120.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2F4bC2UEORUd1&refdom=poop.cx&auction_time=1706351248&subid=357529620&sid=23153366&tcid=0&ver=8.137.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-27&iabcat=IAB25-3&keywords=&user_fp=14839489015305858395&score=73.88993211213442&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252F4bC2UEORUd1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=deb8a1347412aa118ea249aa7b9c5b14&url=https%3A%2F%2Fxml.galaxypush.com%2Fgo%3Fs1%3D278-3986-1833-2704-0-0-5819%26s2%3Dpublisher.com%26s3%3D116670261%26sid%3D52789d6903e34d7d1816259da188e589%26rnd%3D195932135&icons=2iX0OcVJmtpOrQXbhEgcGLIAgqFWZO-7g2x8fXaqDPuXDhtsGDsHQ3X0loUcNzr_d_DgpNhIUJLjiiN3Ahq13bq7zvtjM1umaAEVY2fHDdxkr2Od1DtbTR9TUzyImuMuG-IqYaD7kP0DrWuZdbf7kT-8dNZxXWjTFFU&ext_cid=0&px_id=116670261&min_cpm=0.005003901532872748&out_id=1&campaign_type=lq&aid=3760&cid=15768&uniq=&mid=1343794504354170732&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02154396572099538&cpm=0&verify_hash=557aff447e24e6149607368597b3c715&is_native=1&real_bid=0.002008148944079881&original_bid_usd=0.00403&original_bid=0.00403&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2001:1af8:4010:b010:2547::11&geo=NL&carrier=-&label_ids=4,88,108,0&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fus.histi.co%2Fnty%2Fmetrics%2Fsave.img%3Fevent%3Dtracked_impressions%26bid-id%3Dv2-1706351248450-7-7709-1178228-d8963ac5-73e9-b9d7-b3f4-ef64862f77c0%26price%3D0%26img%3Dhttps%253A%252F%252Ftrack.trackingtraffo.com%252Fpush%252Fim%253Fauth%253Dpz6u78%2526c%253DG6Qr3BMzMD0eeknpl6985hq6B6zS_E7JB7d9NIVCIb-ApbL6m_0ztTLTdi6JXCQvkrwtugaLbx4ucPF9vh5mmEYO9i8QmRdZXbn3rsiGepcTZi4ELhlfr7inbvJLvkAziT9-YI7rv405pR4XFMElrGYpfNtsIkA4zoWJqeXsEOgYsKFWBz3aC9hg254KcZAeELkz8H4EmqwNS0dGGWv_a57YwLS87-aRCGEMorWYomUSAvmDbAuOBvPsqzAeFuu6jZgzEfldnLkQJ6YchzAtCjUivf3b17EjHP1jJMJuc3xiCCMGtGVs5MFbibTSOC_kt0EU1w9l8X22FbNCJbiYJw5qPu9VLHc8ljfBrs-Y2WjEqEVkID6Ox2vK4GbS1urrWQX1E15CAnGcA1xAT3ynrA7qAY7KUiQOHpl9pBqJ3Ylr8Y-xXbQRlch8ejoVrrt7mCCTqsvOQ6kwYB5gFk5EPTadAku0tFhVz9daocbqNjHpxNPzi9SPSpFN_Mg0hpoxap6l7Wwg-x94VlD9DF5q-y9HmufI2u1DNZvfUsUhjlgRUipdHOgOeadIlwQ&site=native-push-adult&price=0.00403&hostname=auc-inpage-hz-0-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000403&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.01&cpa=333075a8-0c86-4fed-871c-f1e7a3cada38&prev_step_diff=575
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
1703072650626-zUw5F9ZB8vab.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/ Frame B566
Redirect Chain
  • https://track.trackingtraffo.com/push/im?auth=nmxuw8&c=WqkbWGuEvJouaRadbISd-yHuZrAZK24Jj-h_09Sa1K9M5dRNsJbuaCnqX4tLtOOIdD3ai5mDkLk1lcecDsQ8O3r318oJQivb6TJxLJqkZYAkqyRrHjJjzQQFkXz5ENHmdzuahi1FJpZ_BC...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
5.9.105.245 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c1a14f44c2ce714f0a47fc599cc2526c6f9b494902e094f4bef5043ca5d7429

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:29 GMT
Last-Modified
Wed, 20 Dec 2023 11:44:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6582d38a-17f35"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98101

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650626-zUw5F9ZB8vab.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame B566 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
1703072650620-PSshgdx9S40j.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/ Frame B566
Redirect Chain
  • https://track.trackingtraffo.com/push/ic?auth=nmxuw8&c=S-UqSu--irBjsbMiVABK_TT9tGJj-o3EHqxYHpIvNTPUwK1Ft_PiaubbaBXs5flDZDI4KDXmAPtL11qL_ysjvg_SLUvgnDFa5unM1d9BqFKy4Y0h1LmzCWeI2Rua7QFFkMsdFcCqMsMEAJ...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
HTTP/1.1
Server
5.9.105.245 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5f8bc5e478d468fa0b4bb11f5e34edcddfaeed2a55360ae9edabaf3ee1958b97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:27:29 GMT
Last-Modified
Wed, 20 Dec 2023 11:44:10 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6582d38a-c0ac"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49324

Redirect headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:27:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1703072650620-PSshgdx9S40j.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
/
7a2d2c66d3.4b6563a120.com/in/show/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7a2d2c66d3.4b6563a120.com/in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip&ssp=3964&page=https%3A%2F%2Fpoop.cx%2Fd%2F4bC2UEORUd1&refdom=poop.cx&auction_time=1706351248&subid=357529620&sid=23153366&tcid=0&ver=8.137.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-01-27&iabcat=IAB25-3&keywords=&user_fp=14839489015305858395&score=73.88993211213442&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.cx%252Fd%252F4bC2UEORUd1%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=10453&crtid=deb8a1347412aa118ea249aa7b9c5b14&url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fc%3Fauth%3Dnmxuw8%26c%3D1GP27plxa9CqkDilnq4kWAVaUAG17jqp4qMt7PVNZi9MtvXWWOJ28WKGwwzBLDjvtVgvdC4v7Ht5YXhVcum-pZ6iis2HAz6mMhQDtNS4BcRsv1tuaYUQ8uYv39yiK_aRGIDqkPmLiMp53-zRGeWAYDQxbi6SoAtj0s0LrXIgMS3txWDFyiNFq6BS128q__EWw3QtVhdP0YeIIHKyCs9G31pA1MtFzjs4QB90fehFDwqCTxc_T9MvfjKwp67-8CJlxXbgo5Ei5Rn1OvjNQ0ZxoqXlc22OrA2570Y6E92lXyTgMt6-Lfx_W8NTfj622EJzDMd9yb-5Dfy5HzzSI9pg8cfx_GNTc5tgpRWmxLHnu3h__k-8Ne6kUEqbNAd4Op3D40A0g4l-98l-AlItuztRXpkM6WJNI-T3AWCreDKQzfA2L7I8k5RcYOJEw7WUDLxfpCYjLhA-_iZ589oR1D33fFIKs6Z3-WN6FDUBj5VyBbnMqkvn28eCHk5xO0nbtaUUg1nCKyxEe26PvuBZsmqXzGnXu3AMZ4idClmZxhz1zVld8a9j8r08S5BNWZWDTzLSW615q2wmfgdmhOSjF6Iz-G5OOH8re6q1SZESTWFZ12jHRXFL9xqss5e1o7PmCu_1I4kEq60enRR9nzAKZF49h5RGvaGaonv2LtNHL6JLdBfrrjkhwVe1_snTefwUsLfM4Jdqd_ZUze4-jjfZr_xrv9V1z7k2vrFNromONmheHyDMBPZEanjIPdu9fg3uabU4r8EOfQ&icons=mu24TOIyF-TKN2R0dlDIlNnQjjUDcqSdjv6N3PVnpdK2f5bHyGBFwC3REBY3qRepp6aC_z5WuaGWQf40N_r3phoIB0oEgpwOUA5qXSDrXXwRtA7_tUP-wTdLm7LAIbrEbUjL4WTnVvGIadJemqoN1Fcb-IaLJokVfjw_1ghXnfq9Klqlna1SHnVXFcysKbFUpDoRI3pa_xfs69-yCz4wlBu8XpiegkECW867_8B1TZO1Tb3fzoLLnWUdKBuYhqcL1CkL7paNW8DKjW24zNKLED9c_uEZQzGG13bTUrxgeQ8OyBqPgq6ssFCof0FywtVnRK90sruZqgJy7zhi-b7jr4kff-8JE3o8zT2PqbAIryGx-qO3JEy6mkL7KOpNb4s8jmciqC1RLWFpdVoIiexfICN1dbqdJYLQmgsHFUjaRMEqr9etUFVZHqsWsJnUG5u5nfiauGnXdp7TQowHLR6eDXwn1ZZ4mjBbr-XYdhQOY2gX8nqATQescZJ618QcHYT4nw4Drij0aFPdKAru3a8rzzqvgO5SAdyTT15tMKHPWgt5W-g4-7dwbK7syuF8Lbf5cn_VRm4eciU4W5v6yS8qBVcmkbE8fWAIlpll5ie079PBJ0dcECwAO5w7Xq0h9bnE-J0QaWhkoTUZofWQ360q-560jRdZXmNAGO5YCTNIsOsNLsGpEchWglI88r7rET8ST-mpzGO4uKxs3nXZAbZ7X-rSi98RCBSi7eZh9EZIigddPAe2oIVXRztoAZBU9Hvc3tnvFVEGY7Oz5G5Nu1L7ZENIM1c-ZKO4AMPV0G-dtpl_018pm41c7BPJfcJe69efot3FNKDgPD8BblJ_NUALNcYVUX1f8MvI-u7g9b17xc_qHLD7ng&ext_cid=2937&px_id=31418774&min_cpm=0.020803417453842357&out_id=0&campaign_type=mq&aid=3755&cid=16401&uniq=&mid=1343794504354170732&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.6638827005249484&cpm=0&verify_hash=e76a975807727afc3c1d414aa7d7b9e0&is_native=1&real_bid=0.037305000424385&original_bid_usd=0.05&original_bid=0.05&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&ip_mismatch=2001:1af8:4010:b010:2547::11&geo=NL&carrier=-&label_ids=108,0,101,4&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dnmxuw8%26c%3DWqkbWGuEvJouaRadbISd-yHuZrAZK24Jj-h_09Sa1K9M5dRNsJbuaCnqX4tLtOOIdD3ai5mDkLk1lcecDsQ8O3r318oJQivb6TJxLJqkZYAkqyRrHjJjzQQFkXz5ENHmdzuahi1FJpZ_BCixBq7UZoOeCEXM-Wr-Fm5tqJVY6iVT53nA0sE0-EUfOfj37Y36ouc0KObh-22N8fOHCotpmsBRvqiMdFKcHdjox6ChCmZSDniKSb9xsjVRV0e_k6mpAVqMb_HRRmx2F6faSDrWymSV5k55bxKe8uMXgHUpBoMK4Ess9HHXQs0eo0UR3T3AA74Hgj0VVzS5g2_mDyVzPv3A2_NfYoL-ljEyokSgWoPtILzV2Zlc-AtJFxlZUHpsbyns9dYQU8Us4d-BfxswaT-M_fSMK_b01-RI2LGE-foPIiS2fIUySub6iORlysGjcGYDg3WFkS0zUWBaCS4wgAGyE1--kENX5upMYy-QFYX9-lGMxqVfN4JTfvGVL44rbWq7VqLh9XKT2uJZgCkeGUw5xwCKCimctQm0rLmxpEUHsdhc4xz9Kw&site=native-push-adult&price=0.05&hostname=auc-inpage-hz-0-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.000049999999999999996&ext_campaign_id_str=2937&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.01&cpa=580bf9e3-c3ec-45b7-adf9-a52f26d35de4&prev_step_diff=575
Requested by
Host: poop.cx
URL: https://poop.cx/d/4bC2UEORUd1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poop.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 10:27:28 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| R function| X function| gtag object| dataLayer object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| activesInpages function| __fp-init object| popunderMetricsForSurvey object| __inpageSkins

7 Cookies

Domain/Path Name / Value
.poop.cx/ Name: _ga_RRBBHD087X
Value: GS1.1.1706351248.1.0.1706351248.0.0.0
.poop.cx/ Name: _ga
Value: GA1.1.2026009035.1706351248
fp.metricswpsh.com/ Name: id
Value: 11243153218583426910
wakenssponged.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhKH8qoU6CQ%2FgIywNtuHS%2BBBekmXPKcXCbrOsEN%2FejYlezZfJN5kgCHbVAeGa5oi%2B5CteREvUXM4s2oYEScltezqehBLnRvXEEg%2Fj0jnZT%2Bxi5MssrevcGmM%2FsGY7qk4Z4gLP3vprbtpsOkbSW6mpQDJ7YyqQ9dZsC9sqQqzlzEjfr9b4TGb5aSyi%2Big8j9pzKLAzSxWVj8g%2BRk1%2BWO6xq0VZpgGe7pN0F2PnbqQ0RDJYSYzwDbmSjgdjv5ERLzdn7oCZqPv3f3%2BjrRZIiddR%2BXPjrmx%2FAL9jTuc%3D
wakenssponged.com/ Name: GL_GI10
Value: eJw1irEKwjAYBpN%2FiIg6fNjFLU8QiNiCa1VciqPOafujAU1KUgTf3jq4HMdxQggqliA%2FYLUvzdZaY3eVqUrIO%2Bh4AnUBszOnlwsfyASqp5YCFo0Lva45PX2A7KD%2B6rFp2GW%2BcasvPD6mPJ1Z1%2BZqQCFjfohpiMmNDDkoCRrjj7kvBORbrb%2BDACLu
fikedaquabib.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhKH8qoU6CQ%2FgIywNtuHS%2BBBekmXPKcXCbrOsEN%2FejYlezZfJN5kgCHbVAeGa5oi%2B5CteREvUXM4s2oYEScltezqehBLnRvXEEg%2Fj0jnZT%2Bxi5MssrevcGmM%2FsGY7qk4Z4gLP3vprbtpsOkbSW6mpQDJ7YyqQ9dZsC9sqQqzlzEjfr9b4TGb5aSyi%2Big8j9pzKLAzSxWVj8g%2BRk1%2BWO6xq0VZpgGe7pN0F2PnbqQ0RDJYSYzwDbmSjgdjv5ERLzdn7oCZqPv3f3%2BjrRZIiddR%2BXPjrmx%2FAL9jTuc%3D
fikedaquabib.com/ Name: GL_GI10
Value: eJw1irEKwjAYBpN%2FiIg6fNjFLU8QiNiCa1VciqPOafujAU1KUgTf3jq4HMdxQggqliA%2FYLUvzdZaY3eVqUrIO%2Bh4AnUBszOnlwsfyASqp5YCFo0Lva45PX2A7KD%2B6rFp2GW%2BcasvPD6mPJ1Z1%2BZqQCFjfohpiMmNDDkoCRrjj7kvBORbrb%2BDACLu

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2wBZeJTdgqP35PzpC0GQ0r-riUYlgAqYZPieWg9yV6MzJA6CtiY8ERjfud4MdSuPLnZrW5cA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1425292003%3A1706351248336775&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

331d7222fd.3e2a26326d.com
7a2d2c66d3.4b6563a120.com
9aba99956a.eb480dde95.com
accounts.google.com
ads.trackingtraffo.com
berlagu.com
cdnjs.cloudflare.com
fikedaquabib.com
fp.metricswpsh.com
imdn.pics
img.doodcdn.co
mcpuwpsh.com
metrolagu.cam
nereserv.com
p.a64x.com
poop.cx
poop.vin
region1.google-analytics.com
storage.multstorage.com
track.trackingtraffo.com
us.histi.co
us.karoon.xyz
wakenssponged.com
www.googletagmanager.com
xml.galaxypush.com
157.90.84.242
167.235.163.216
199.182.164.180
2001:4860:4802:32::36
23.109.170.20
23.109.170.28
2606:4700:20::681a:74a
2606:4700:3030::6815:1352
2606:4700:3032::ac43:ae33
2606:4700::6811:180e
2a00:1450:4001:812::2008
2a00:1450:400c:c09::54
2a00:1d26:c771::12
2a01:4f8:252:561a::2
2a01:4f8:c0:2306::1
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.25
45.133.44.52
45.133.44.53
5.9.105.245
88.214.206.175
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
0912333a6d5dbc22367f987d70223f647eb703d78f6b2d94d56bc1887d92ac2d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09eebba468108e323031564615deea9304b6774ea53f6e23c0ed1034cc0673bc
10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b
2531c692e317eeb813ce11aa49a7e1b33fce3dcd7d52925da175238476b64280
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
28c909a34a66e2e0ff9fca3115b71db4e628e50657953aa0a85a6b452bb92f7a
2a98b7f982e5c39ec15d7ea7f554a59a029b9e24a18c635d3bf94f0eea54fefc
3090ebb387a3abc90ca859c6928c8b1537e56d593bcafd7af2a40c975ccc99bb
35db3c3edd0df379987ee9b21e145718729cad3f38119cc37bfa0c37b6c29c3d
400420a907e249563e02e17e24a717c05f45a5c4ec10226e690a6996bdfc42c1
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
5a7c6bde22f938495c099f21d042a4e34c7dfba8d678b7962a44c704f529619d
5c1a14f44c2ce714f0a47fc599cc2526c6f9b494902e094f4bef5043ca5d7429
5f8bc5e478d468fa0b4bb11f5e34edcddfaeed2a55360ae9edabaf3ee1958b97
6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
64a0a0a5b68d49a20740ffd51c4555337fa780f1d8750444597f56035f982528
67443304cc50dd9bd220220ed95b9ad147b89d2e235e9c4dc1c9b47e163327fa
707f4bca62a098521539aad4688c70e7b244ccc91055e51613f8f8b1f5f7aad3
70bef0b9b90f224dcce56929057d20668fd82f6a6044195d3655b893657ff11b
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
9e772b331d8bf7685c6b985af9da4eb0b7390ab159ae3197c3e41638b1f1a638
a1bc4da3ed57568b0c4e9905845cd8013c9611b92152cec1853ae396516c230c
b5d197171351e1ddaebb1bfe4f70c9103109d98395ff67c3aac7064ac474a22c
b6280b025f54d1e117f8515da139cc3d7c64955a5342fd81498431578336dd08
d85ebf3ab2f5f2d0777d4a0f1068cf5640c74eb24f31ff984c2c530d7db3038c
d96e3c3e43b7ae967e86225375a0aacbdf6c44c5e88a8073aa68ae407e19a8f2
e06d6259001c8a686db75ef2dda491480f6d611bdf0c70dca8bcc97d43174612
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f66764ec186ab49165ce4fa6a0d60df7b888566212b1b060c83618c972008f78
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d