| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 300702
expires: Thu, 24 Apr 2025 07:43:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF33aIjLXrleDEby8a%2BgZMYifercX0f7rrU1JOgzWHb8pZjj%2BSqdFYa5f8tiw2Gb%2Bt9fMZcwGrhucFcHLKoCbTsKKHiL9bB0hTcAdlF8dw8dCJX2ALDJXwWPz%2BjQ3zemddFPlw8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e6dc2579f9b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.doodcdn.co/snaps/64i4aapmmps44jyn.jpg | 104.26.6.74 | 200 OK | 25 kB |
URL: GET HTTP/2 img.doodcdn.co/snaps/64i4aapmmps44jyn.jpg
IP: 104.26.6.74:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: doodcdn.co
Certificate Fingerprint: 8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
Certificate Validity: Fri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x405, components 3
Hash: 1c0ac456ee61f6cf288d1e3fa4e304ec 78ef54b2955cecfc9b071560585aee36506719a4 aa032c5bcc08457ca51970d1976e372e095d45201aae3816e7b7ea9fcc9e270e
GET /snaps/64i4aapmmps44jyn.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: image/jpeg
content-length: 24731
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=24950
etag: "662d055c-6176"
expires: Fri, 17 May 2024 16:33:54 GMT
last-modified: Sat, 27 Apr 2024 14:02:04 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thGK51V%2B71AzMnb9UnzGVXl6FFnd1vUxzWjUdoNEvSyoWud71Cie0fMQ3aOtwVka6Jer3y7OEhOrT%2Fszuh0IFr1jDh1UAk5cIIO44BGqx5zvP5JV33TJah1hhpLLWj8E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc25dcbb56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-RRBBHD087X | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
IP: 142.250.74.168:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101682 bytes)
Hash: 6f7743d5409fac857e51f5cfed4c1bea a494403f34b7736932112c2f90c6c7acb4a859cc 3764592ce912f6a874e8d0a81dd3dc2035440b41ebe93dbf59ddeae59ce03249
GET /gtag/js?id=G-RRBBHD087X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 07:43:27 GMT
expires: Sat, 04 May 2024 07:43:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| poop.com.co/theme_2/css/style.css | 188.114.97.1 | 200 OK | 62 kB |
URL: GET HTTP/3 poop.com.co/theme_2/css/style.css
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: poop.com.co
Certificate Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F
Certificate Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: ASCII text, with very long lines (65465)
Hash: 040e80c238371d4172a34a4fb5b24fd3 92ccd50c595590d8b8a4b71275ed15ae25eb8120 b5d197171351e1ddaebb1bfe4f70c9103109d98395ff67c3aac7064ac474a22c
GET /theme_2/css/style.css HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/d/ZJfbK6wKidD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=259373
etag: W/"652211c2-3f52d"
expires: Sat, 04 May 2024 17:31:37 GMT
last-modified: Sun, 08 Oct 2023 02:19:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiQDjHPnro2xsE0EzEHTr1FeaOFbwRw5jk8si4z57VtrdsZKXFQ1LvQUTUPiBmnykr60VUXbVgzaHBqZtAsAOWgDau9VnfTofD4kkS9ZnktbFouehhvXxa5XeDpObw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc256f320b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poop.com.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 | 188.114.97.1 | 200 OK | 184 kB |
URL: GET HTTP/3 poop.com.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: poop.com.co
Certificate Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F
Certificate Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: Web Open Font Format (Version 2), TrueType, length 184476, version 330.-16253
Size: 184 kB (184476 bytes)
Hash: 2a6dec1227f9970376f578270a642d06 150a6a7ffdec6e2e2ff4c712d7cee8bd9b930284 e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
GET /theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/theme_2/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: font/woff2
content-length: 184476
last-modified: Sun, 08 Oct 2023 02:12:44 GMT
etag: "6522101c-2d09c"
cache-control: max-age=43200
cf-cache-status: HIT
age: 3194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cZ4MtWLMb2h%2BH0suzWPX5hRfUfxY9OiWsW2ivPNCE1Bfa7gRLqR8PD77iWfEDpn1GmABkwrCtGHNX2KneZNjI0qDOw1%2BGXjf6XlDZogqZ5g%2FV5wdL01urBRoxzx4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc2838e50b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| poop.com.co/theme_2/fonts/avertastd-bold-webfont.woff2 | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 poop.com.co/theme_2/fonts/avertastd-bold-webfont.woff2
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: poop.com.co
Certificate Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F
Certificate Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23604, version 1.0
Hash: e9133fd11f14c09a2e4556c395a0ef7d 00fad09605f3342df5c9aeba130156fe19ade8b0 06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
GET /theme_2/fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/theme_2/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: font/woff2
content-length: 23604
last-modified: Sun, 08 Oct 2023 02:12:44 GMT
etag: "6522101c-5c34"
cache-control: max-age=43200
cf-cache-status: HIT
age: 3194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Fy4zljsrBkRlg9fIyN3Qo6KomKk8AMiA%2Fleps506oU%2B07SRsFHgkq2%2BeKjFRGC8CtG2CB4Pa9aplfS9tGAND2VrNCSDT1t%2FMbA9wZzLhwuS3SIqtj7aZwoZF6yKJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc2848ed0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| poop.com.co/apple-touch-icon.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 poop.com.co/apple-touch-icon.png
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: poop.com.co
Certificate Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F
Certificate Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash: e4acc3f05da8195dfa02a437c8b2dba2 f23df2ed14e5d52417b155ccd11187f3250861dc 8b520e4032a17a3fb0410c6e4c7da29f182ca06861aa2d64db1969927e2db0d4
GET /apple-touch-icon.png HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/d/ZJfbK6wKidD
Cookie: _ga_RRBBHD087X=GS1.1.1714808608.1.0.1714808608.0.0.0; _ga=GA1.1.705949080.1714808608
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: image/png
content-length: 2766
last-modified: Mon, 25 Dec 2023 21:07:41 GMT
etag: "6589ef1d-ace"
expires: Sun, 02 Jun 2024 16:26:07 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 55041
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbNrmpTqbujnnTnd%2B3QQ7gadPXjP9ZL3RFxIQQKCEChBRpZ0B388ULzDJJjx2njhW7zCLbiumBXBkLpv1oHrFS%2FeOGjNdb1C0d3MRmT51sgQ4pUQxZ2zuXW5N4TD2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc2adb120b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| poop.com.co/favicon-16x16.png | 188.114.97.1 | 200 OK | 612 B |
URL: GET HTTP/3 poop.com.co/favicon-16x16.png
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: poop.com.co
Certificate Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F
Certificate Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: ac008ea155d4beee1e93247d7434c77d f8ea94e94e0cc310202a517a9c445c3d70af564e 283e092dad794fdd9212249389fb2acb6d6846f332413ab2af7bbcced9a4957e
GET /favicon-16x16.png HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/d/ZJfbK6wKidD
Cookie: _ga_RRBBHD087X=GS1.1.1714808608.1.0.1714808608.0.0.0; _ga=GA1.1.705949080.1714808608
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: image/png
content-length: 612
last-modified: Sun, 11 Feb 2024 12:12:37 GMT
etag: "65c8b9b5-264"
expires: Sat, 01 Jun 2024 07:06:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 175009
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpH4UONZUL0988adWckw6vsXjK%2F6YClhSsNKYNjTch1ovzPz0hfeQImVIAhWi2sVaMbiXX89kHRGe7h0VJQWCsCnpTVBBu0B4uELRaqntY7ZgC%2B1mfqAVXD4c3MfTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc2adb150b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fp.metricswpsh.com/fp?tag_id=114039 | 157.90.84.242 | 200 OK | 0 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=114039
IP: 157.90.84.242:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: notification.tubecup.net
Certificate Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
Certificate Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=114039 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poop.com.co/
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 07:43:28 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.com.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| 3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3MzI1OTcxODU2MDU2MjYzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.52 | 200 OK | 0 B |
URL: GET HTTP/2 3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3MzI1OTcxODU2MDU2MjYzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
IP: 45.133.44.52:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: 3fb4026cec.ffbd26c481.com
Certificate Fingerprint: 27:04:EE:66:BA:5B:49:EF:14:C8:8F:A8:F2:D9:35:3D:F6:0F:40:6A
Certificate Validity: Wed, 01 May 2024 02:50:26 GMT - Tue, 30 Jul 2024 02:50:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3MzI1OTcxODU2MDU2MjYzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 3fb4026cec.ffbd26c481.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-length: 0
server: nginx/1.20.2
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=114039 | 157.90.84.242 | 200 OK | 58 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=114039
IP: 157.90.84.242:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: notification.tubecup.net
Certificate Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
Certificate Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: 87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=114039 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 May 2024 07:43:28 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://poop.com.co
Set-Cookie: id=12560307455702202547; Expires=Sun, 04 May 2025 07:43:28 GMT; Secure; SameSite=None
Vary: Origin
|
|
| yu2be.com/video?q=bersamamu+jazz | 188.114.97.1 | 200 OK | 130 kB |
URL: HEAD HTTP/3 yu2be.com/video?q=bersamamu+jazz
IP: 188.114.97.1:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate Issuer: Let's Encrypt
Certificate Subject: yu2be.com
Certificate Fingerprint: 3C:30:E2:11:42:30:CD:21:F1:06:87:EC:9F:A9:56:40:57:B2:4C:EF
Certificate Validity: Sun, 14 Apr 2024 02:05:14 GMT - Sat, 13 Jul 2024 02:05:13 GMT
File type: JavaScript source, ASCII text, with very long lines (59459)
Size: 130 kB (129705 bytes)
Hash: 6e783bce3849f17eb9c9c8ec7e4b9ef8 d041313f78c1164e7db1b01228fbfc912b6dd417 87ad57c75a916d268767eb9dd6db7169e3f0ca0102f12cd29911863519e14c2b
POST /video?q=bersamamu+jazz HTTP/1.1
Host: yu2be.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 27
Origin: https://yu2be.com
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/embud/4464694b77364b62664a5a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REapNH0p4D33cn7CFkQcK2A5a7PdqqVTBOAeIXSuICsOoWF6IAhaXPNHWHT2l9km8Aq6GeGhO5N5uBFUbKG8BQg67kzWFOLpfF6JYjv522UD1jDF1qyrYiENWkg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc2b5f3fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP: 74.125.131.84:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Google Trust Services LLC
Certificate Subject: accounts.google.com
Certificate Fingerprint: 9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
Certificate Validity: Tue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Dy1XY_CD9rr1mKC05H-CNxqEFNmMNQ:hf2bTzZB7W0vRADZ; Expires=Mon, 04-May-2026 07:43:29 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 07:43:29 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQz0S8BvCb1HYkTRUccXvKLtxDHj5XrMzZ8WoAaKlAAV37ZeIMJLn10Y0PYVZlVF3WLc09el
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-OCWIgYtVTsMM4QYKVq2iPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=2f14320a-3588-4379-9386-da8cf422c03a&subid=357529620&sid=4200819325&spot_id=418774&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL: GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=2f14320a-3588-4379-9386-da8cf422c03a&subid=357529620&sid=4200819325&spot_id=418774&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: notification.tubecup.net
Certificate Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
Certificate Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=2f14320a-3588-4379-9386-da8cf422c03a&subid=357529620&sid=4200819325&spot_id=418774&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=2c8d3b13-3698-4664-937a-7e936c4dfd8a&subid=388464194&sid=2234682930&spot_id=418776&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL: GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=2c8d3b13-3698-4664-937a-7e936c4dfd8a&subid=388464194&sid=2234682930&spot_id=418776&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: notification.tubecup.net
Certificate Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
Certificate Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=2c8d3b13-3698-4664-937a-7e936c4dfd8a&subid=388464194&sid=2234682930&spot_id=418776&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js | 45.133.44.53 | 200 OK | 47 kB |
URL: GET HTTP/2 da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: da7b22a400.13199960a1.com
Certificate Fingerprint: 07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
Certificate Validity: Wed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File type: gzip compressed data, from Unix
Hash: ce8e6252f5a5775c60c1068705d5680e 795da542430b565197488d2cb56530a99d88b805 39aef21ca1ced997daa7af111fab8f90d7e0d57e3388152ccf7ad1b18321cd04
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /19d44b098ab6aa7dfec36de417c310f1.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 24 Apr 2024 09:09:17 GMT
etag: W/"6628cc3d-29192"
content-encoding: gzip
expires: Sat, 04 May 2024 07:48:28 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 390 B |
URL: GET HTTP/2 storage.multstorage.com/log/count.html
IP: 104.21.30.242:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Google Trust Services LLC
Certificate Subject: multstorage.com
Certificate Fingerprint: 63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
Certificate Validity: Sun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File type: HTML document, ASCII text, with very long lines (700)
Hash: b728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 0e46ba60025b22dc6377404e69fd9bc6
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljKvAuKTQJCe9NK1urREOrCs39A1vx4E6%2BFdr4rlUrUuc0WnpTbqBIre0yar%2B3%2BXGaHCqRJNuBy3Ik1RmFAvDWAQomabvN0I%2FNTrywXYLYMxloV%2F4KB0%2BCSeZP3VuSDp3L4s2WqlCuTKQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc2b9e95b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js | 45.133.44.53 | 200 OK | 28 kB |
URL: GET HTTP/2 da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate Issuer: Let's Encrypt
Certificate Subject: da7b22a400.13199960a1.com
Certificate Fingerprint: 07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
Certificate Validity: Wed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 78b4de711a43c2a7b7e06da3d25cc4ab a5fdc5739214b95d24fffd2600ee204eb75db415 97a18ee59823abe90c1e22b83e292d5ac33da2cdb3555372abd7a7f9989c1ea2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /69e850fd67f4bef7c987ce894adc6a8e.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 07:48:28 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js | 45.133.44.53 | 200 OK | 110 kB |
URL: GET HTTP/2 da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Let's Encrypt; subject: da7b22a400.13199960a1.com; fingerprint: 07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD; validity: Wed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
File type: gzip compressed data, from Unix
Size: 110 kB (110457 bytes)
Hash: 68d811989ace891411e65efafaad0295 7d57625638a6048a47a639c28f5e432b39b39ef7 45873fc1a03a63fc875d62c6675d82d960fd03692f6e96dec92347dbe43f52c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /9ce5c366c56b3eb801b7fc5bb76cb452.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 15 Apr 2024 13:02:16 GMT
etag: W/"661d2558-72d72"
content-encoding: gzip
expires: Sat, 04 May 2024 07:48:28 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| yu2be.com/video?q=bersamamu+jazz | 188.114.97.1 | 200 OK | 0 B |
URL: HEAD HTTP/3 yu2be.com/video?q=bersamamu+jazz
IP: 188.114.97.1:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate issuer: Let's Encrypt; subject: yu2be.com; fingerprint: 3C:30:E2:11:42:30:CD:21:F1:06:87:EC:9F:A9:56:40:57:B2:4C:EF; validity: Sun, 14 Apr 2024 02:05:14 GMT - Sat, 13 Jul 2024 02:05:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /video?q=bersamamu+jazz HTTP/1.1
Host: yu2be.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/video?q=bersamamu+jazz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 16:07:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQioad0VvfLS8hcKHa367jYAcjGXCc2hOMblIpRzT4G%2BBS0V0C0tkwtIqSSjt%2FlA1Rd1RBcGzsn6vWaddOMSfMWJGVPERDjRGccau5%2BYNs6XSi3GYLiRkAdCBpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc2e2a0db4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| yu2be.com/embed.css | 188.114.97.1 | 200 OK | 29 kB |
IP: 188.114.97.1:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate issuer: Let's Encrypt; subject: yu2be.com; fingerprint: 3C:30:E2:11:42:30:CD:21:F1:06:87:EC:9F:A9:56:40:57:B2:4C:EF; validity: Sun, 14 Apr 2024 02:05:14 GMT - Sat, 13 Jul 2024 02:05:13 GMT
Hash: 1ac57b2fc858076467716fbad9268b05 94b3c1ff894b4cb316dfe90962b64db541bb3c46 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
GET /embed.css HTTP/1.1
Host: yu2be.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/video?q=bersamamu+jazz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 00:03:15 GMT
vary: Accept-Encoding
etag: W/"655e96c3-446"
expires: Sat, 04 May 2024 17:31:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 7910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKny0zzzpI2KyTpV5N02ru0mFOLIYUVNrert2DI7MPb7rC%2BkbggzSnYYCwTHsxt0glYOjxyv0Gwv30A8mCA8gy7V%2FVUhmsy%2FeaQ42EYNluk6Hc6Wt9LGy9sM13s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc2d8967b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQz0S8BvCb1HYkTRUccXvKLtxDHj5XrMzZ8WoAaKlAAV37ZeIMJLn10Y0PYVZlVF3WLc09el | 74.125.131.84 | 302 Found | 428 B |
URL: GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQz0S8BvCb1HYkTRUccXvKLtxDHj5XrMzZ8WoAaKlAAV37ZeIMJLn10Y0PYVZlVF3WLc09el
IP: 74.125.131.84:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Google Trust Services LLC; subject: *.google.com; fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: HTML document, ASCII text, with very long lines (406)
Hash: 8724da6ab638e5a0e92850301992c983 3d9e956e401fb69d3a6fa3907f32deb6e0a259b5 15514f3fc6c616c3848d3b0bd5a4bf6ccdb085ce444663f4cb7c96f29f9c2cc1
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQz0S8BvCb1HYkTRUccXvKLtxDHj5XrMzZ8WoAaKlAAV37ZeIMJLn10Y0PYVZlVF3WLc09el HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:AaD3EKIRtC6Y04faWkgkMS4WrGvfIg:TxB5Y5JGwaOyIxwe;Path=/;Expires=Mon, 04-May-2026 07:43:29 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 07:43:29 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzz1oshTrquhCGxKjpFIuvSkXpUR6xAYJ3fNpQurBoxfoAvQmwAmBs5ZGESyQWzcYbsVvXgxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1492337409%3A1714808609301150&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-i280V-j9q09qSJGWkkFsoA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 428
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/multy | 157.90.84.246 | 204 No Content | 6.5 kB |
URL: OPTIONS HTTP/2 5d39fe7c75.2ac4fce9b8.com/in/multy
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Let's Encrypt; subject: 2ac4fce9b8.com; fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1; validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: 0515252a5155680c789144bdc362ca3e ba71184e3396eaf40fb56325b3ecdf3863a26856 780a2503186cab8058751892a2ed016c857dbafa934c6a7d2bbea393a244ebb2
POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1717
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/json
content-length: 6534
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=0080522c273a495dfa317d524ed77ec3 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=0080522c273a495dfa317d524ed77ec3
IP: 139.45.195.8:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate issuer: Let's Encrypt; subject: rtmark.net; fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: d20608dd5a65ca7f40fa9f4da493639b e89ab44fea35e5777719dfa8e9cd06eb61450708 8312773f576e7e03611c1b48a17f9a99c9eb77442e73ffb9db26a34ceee45adc
GET /gid.js?userId=0080522c273a495dfa317d524ed77ec3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yu2be.com
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://yu2be.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080522c273a495dfa317d524ed77ec3; expires=Sun, 04 May 2025 07:43:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/multy | 157.90.84.246 | 204 No Content | 6.3 kB |
URL: OPTIONS HTTP/2 5d39fe7c75.2ac4fce9b8.com/in/multy
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Let's Encrypt; subject: 2ac4fce9b8.com; fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1; validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: 5d7ff042c73830569b3bd3ba156e6808 0b4abd9a1c278c8af17ff93949d2b4e11787b691 10b7bdd20a4d8282e31600c09e53dd1f73c295e0e3d6dbce9b7f6087c5d30e2c
POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1717
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/json
content-length: 6304
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?… | 157.90.84.246 | 200 OK | 0 B |
URL: GET HTTP/2 5d39fe7c75.2ac4fce9b8.com/in/show/?…
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Let's Encrypt; subject: 2ac4fce9b8.com; fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1; validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=357529620&sid=4200819325&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=56.19720389836084&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DHJ2VVNmTnMat94-7cUTdpCaPi-KAw3OOV2wLWmOiHDJu5gJtTguQL8vHviL1_7hYv5weazv2gw1pjK7fufhfYwcxAB50kZHSOwHPipOpc3ntjPjmwReqELD5Z2LDlU5EWg2iSmYy3K74ipNzE3nqdTdaSHHRRqNEH5mAfXRSEMwuX2siNLoJ3k5oj5zf2aWFTs0GqmDZ3cyMy-t65dTFeJHaFbtlmyWXVYFhM6kxT7fIHON-d3gtItGVMEQbGpqJLB-EpwOd_NkreTQYyHK-AIdpIPtTYK0l6SIskzSY3jiKLBQEOm2sKpaWPg6fI-nBLRy8Y9iwQeVw16Zx5ue2fqAY2ozHz9VT5l5-inhUyAtDXCq4SkAzyqMXXFGisTmJPRHcKwB0F3Ix7EPV7a5VPSBkX00SnuKRK9caOrWY3Z7jFhIBtRZvbzAwll2tMzj_yJcAnB7ZVjyvEkfgko9mjT2XtQE-6QQ_bD-iquJ08kxnHbayZCGMxaY9skP2dNBU0m9yC-BeVEm8Mwu-2JtQLyaS6lOdVHyz5F9-iBqyPmUN0ZGe1u6pUoConvRVwa6OW_2ltK-QolfhqhwqkH0AXIFtXaxiQSqNBHaO86cc2cLSFofjqTExT0FJxZAoeRZwQg99wcHkd35-7IjAkFcCcGJcTi3_HLjKqzzUZw&icons=Uscg8NyOoIL-OoNM3ivjBz1C6RRqKE7B1_TOkOJ0T7L-FmS0ZmRheuyilXDEh4vAOV-kLWmF757WoSlIiTlR1Fp4GzhKxvpQgvl_xxKYhuDSdfVvNkBt8KqnjmTuOkw6JsEq-JfbFgVNPbZytLryHmHmLB9CArpz6yFSnmzRb4ee6Ivr1A&ext_cid=175&px_id=53418774&min_cpm=0.030490179583950568&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=6237223322679967612&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.036375319220341464&cpm=0&verify_hash=984200227b37c2db
a35b5e9aa9c35f6c&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,83,89,4,27,20,108&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-8-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=0a8f5495-234f-485a-bd44-21b510dea752&prev_step_diff=776 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| img.doodcdn.co/snaps/64i4aapmmps44jyn.jpg | 104.26.6.74 | 200 OK | 25 kB |
URL: GET HTTP/2 img.doodcdn.co/snaps/64i4aapmmps44jyn.jpg
IP: 104.26.6.74:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate issuer: Cloudflare, Inc.; subject: doodcdn.co; fingerprint: 8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3; validity: Fri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x405, components 3
Hash: 1c0ac456ee61f6cf288d1e3fa4e304ec 78ef54b2955cecfc9b071560585aee36506719a4 aa032c5bcc08457ca51970d1976e372e095d45201aae3816e7b7ea9fcc9e270e
GET /snaps/64i4aapmmps44jyn.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: image/jpeg
content-length: 24731
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=24950
etag: "662d055c-6176"
expires: Fri, 17 May 2024 16:33:54 GMT
last-modified: Sat, 27 Apr 2024 14:02:04 GMT
cf-cache-status: HIT
age: 2
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVlm8nfw3%2FPXnhtx264vNXU6gw2pXPIQX3dl216XdvN2SiFrcavxqM7TXFe28MpzLk%2Flu8CLNdHCG1LxkwaFrLFnMTk06EKvzEH%2BMn%2BPB7EzB95F91%2B6IWNsTYrqMOIp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc32ec03b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?… | 157.90.84.246 | 200 OK | 0 B |
URL: GET HTTP/2 5d39fe7c75.2ac4fce9b8.com/in/show/?…
IP: 157.90.84.246:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD Certificate Issuer: Let's Encrypt Subject: 2ac4fce9b8.com Fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 Validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31418774&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=357529620&sid=4200819325&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=56.19720389836084&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=7791&crtid=5079ec67c474671661b3341f26ddc1ba&url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fc%3Fauth%3Dnmxuw8%26c%3DjbpgwrvoLjPfd7CTy49GGQ_aB9XQzfxy_ptxGrN7aFrFFgzC4IshfSxEMK4LMZfTlF6SHs8tuAUC2Rv1xaERG2chuFXgBK9FX4UJImSHI8fYTpBD2lGcCalg2ZRsH7p5BrpbKLXeTsW0mcWsxZpvJjhX594ipBgzRR7ba-aeW5q7RAtwfkl-n1JIVGO15Tq7CJEv39C0Ok0kiqW8hE8UTUgqbHGY0g-dJYLvOly7h8BQarVCvJY49kIwrnU2w9IiUKvvnTB3Y8m0IcPjAiqQ4gu8LXzhhBkGjua6prRKk1X-iIlwLGZfN6USlD-rARIff8FYGMPcnbr5aDGqbNNr6nwXvxVxocwMMiL3GJukEaex4QUP9PPp-RuZOt1mmaMkFDBCm-NvREDz_4piVygsxR-l0eF-mN1R313E0G7Tfna_m2tHv7hRjmqsTpxbKEzWJkpNrZ0pVtCNN4STqGMX7IEZ6uJK_zOjmrc4NCqMRW-QrmTi3K55cInIlyT6iL9HTjnxSrf2jI2g3urQyn76CCVawWVguSWtJOCmlD-oOEHrIMh0qgOCcrk_O3Lw6zCH71VW2jtNaLii3dg3gWXUSeURmvXjL6H09ahwWXGXngSvx9bOEMrpMcc7tJ47f09_V-Qo9B-4pjH39jBaxZkGfIJqJj7FooJTvttK6ke_thFls14-nVv3p804pGlyWnSLfkQUUlr5J5Hb7xC7b1fqgGrr5vz-BFXpiA3J5rPrYhM&icons=5EVQFMR4jaWVaxeecuBodMt4cT_ypfoy2u8dB38XHvLrUwsHKB9utRigEeLJV4p7I9Jy4VkfBonjrjBcKbW8U7WTuL5lMjsTMJg81GvXtadk8MjIkaAJ_8ixL3EiCahlHmu7v4QZRH2lvP1W7Qlv048op-PQvRXTyzjtWRn4IaEOBSf2tbxb49-EB9IDaks1mewIqlPAgIUCZZeNp7gmvVJ_9wRm9kQ_5TC795MZWQqn5-itIk7RlUtMMa1yYlCBRHOeg2DaAy2-iovtHMog9CX7n6QqN_HpGyJR3WvUctcwJ-oRG5WElb29IZSMiI1yQvS4_GduL2OyFcU21zt5zQF6sNP3J1EMEsCqrwy
IER07RhH9qhS862JujaIcqXnfePBXwTNgAANdKZRN9f3hCCaL8aRAwrzvGe7sGQBepwaHMES7U7_DObyxIBm4Ip8KyLZbqmsMRhWyK5E7R4mPXgu-ZjaoUnzSHfdsNnfPjBWtja8x5W35prNboX8T565FYj04e4Hh28ekC9F9JtusQWeX8w7Yy4Etl0zXggQ6pUQGLZu5ZAI3vP39dbnNgKYrZLe7QCWjvmnq8s1hYz9fu7Z8KZ4Y-WjNUqVLf3xwEp8m5e8rIaV_qhHad36yxOJfzFK-HYsk8I8No5Q1zQ687iwYVwmdxDuOz8jaaEcpNN8peuTdchj5khMINM4FA8D__M2OeTqPuFBHLY-4G35a6Myf8vbu5FO-VcSXFsupU1CPTJkl0taUokg7GNGvrIkNaEACe50LLNOQw__NY0s2-GkaSIDSawUpKUtVYFdJX8yeBom7pJciNw8YH5S0X1sKPArgN_loyVGU0waog8Nd&ext_cid=5463&px_id=31418774&min_cpm=0.13937841101095794&out_id=0&campaign_type=mq&aid=3755&cid=16401&uniq=&mid=6237223322679967612&skin_id=71&vertical_id=14&skin_test=0&from_cache=0&ecpm=1.5807898225148935&cpm=0&verify_hash=ccc7b8ab81fd73d828cfb6a056686476&is_native=1&real_bid=0.029604001045227202&original_bid_usd=0.04&original_bid=0.04&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,14,98,93,101&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dnmxuw8%26c%3DojwUDAak9_Ki2pEIFIQJKdIZCzkoDArbYUh6lr5a9YV9Xl2cnUqBRnZqQDxPOJ7gsf6gP-qWXJrlStBchZILmyul5NVIVQPtPyAfLD1VtpXuA5oI_zJHmmw-odk-g91zf2kyuHiZGwICgmqjEC_c86rioHNXQ8xxiez6oyBARpXA70yAlD6rnzDXByci6QFY5u1ZzS8rd_ana5QrEhtCh7PfUrDwSqkLuvxUyNMwt0uFbJL_5rkeHqbZoWIf0YwDusdvFMnNVMPvnvIHypIXm4HcO3xwkR0WntXZwRb2UcPG7IWJtA5JBYSisH_bSoBo-pqgaNu7X0y3K4W0XttrcGKPksWHMlK9JFuXcSRPTIjDxqCjRi8n5o2Mmv1Nfi0DmXFfVSi5xpDK-ubeyIyEekZ23cQf5CKkErmpoNTCUE55U-RnkzE3gX-f74Iq994pGNTRrcBEs6yCdBXre4Na32mD2e3IHbtNUmITr-dpwuzVyayRYOXHLbZZaX-43BgalwW6NZPvaiDhyWv_-_jnucmngJ6ERNgS&site=native-push-adult&price=0.04&hostname=auc-inpage-hz-8-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000039999999999999996&ext_campaign_id_str=5463&p
attern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=33b912b7-103b-4681-babb-cfd1f1836b31&prev_step_diff=776 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP: 104.17.24.14:443
Requested by: https://metrolagu.cam/watch?v=5cy3vDjTfFY Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metrolagu.cam
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 211807
expires: Thu, 24 Apr 2025 07:43:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jy%2Bx40u6gk84rerWVg1bDX3x2LHnXg3Ie5ACWthVVneEpjho20dNsBdb5%2FNrM5CNn2YiX6OvYfmXa0FvN5sYUXYsuGHCm3voQ1hNBEpi84dO22k6lINT2IuBNVOiqvuCLgEXO6ZO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e6dc330c7eb4ed-OSL
alt-svc: h3=":443"; ma=86400
|
|
| metrolagu.cam/embed.css | 188.114.97.1 | 200 OK | 849 B |
IP: 188.114.97.1:443
Requested by: https://metrolagu.cam/watch?v=5cy3vDjTfFY Certificate Issuer: Google Trust Services LLC Subject: metrolagu.cam Fingerprint: 2C:DD:F0:B5:15:2E:A1:34:CC:51:79:CB:A4:80:02:39:2A:7B:0F:CD Validity: Sun, 14 Apr 2024 04:02:38 GMT - Sat, 13 Jul 2024 04:02:37 GMT
Hash: 1ac57b2fc858076467716fbad9268b05 94b3c1ff894b4cb316dfe90962b64db541bb3c46 6291ad32f03939ee9eb7cf8d62641115d0962e49b4869358c1ddee6271d9f0bf
GET /embed.css HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/watch?v=5cy3vDjTfFY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2023 15:07:59 GMT
vary: Accept-Encoding
etag: W/"651596cf-446"
expires: Sat, 04 May 2024 16:01:18 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 13331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXc%2FEzIy2HokdhAZrQ8ZE%2B44lHRKo8YhKkhEx7YufrKbifWRHFHJoipRUv6wApl6O2ddX%2ByvlskoiSzYd8GMUiwwwYXUDkt%2FhFtce1bd3tMLZuWBeQFcU0yRM05lV5xw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc32ed005695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| metrolagu.cam/watch?v=5cy3vDjTfFY | 188.114.97.1 | 200 OK | 3.3 kB |
URL: POST HTTP/3 metrolagu.cam/watch?v=5cy3vDjTfFY IP: 188.114.97.1:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz Certificate Issuer: Google Trust Services LLC Subject: metrolagu.cam Fingerprint: 2C:DD:F0:B5:15:2E:A1:34:CC:51:79:CB:A4:80:02:39:2A:7B:0F:CD Validity: Sun, 14 Apr 2024 04:02:38 GMT - Sat, 13 Jul 2024 04:02:37 GMT
File type: HTML document, ASCII text, with very long lines (2397) Hash: d3c49b4f4b426f310e1b2a40dbbeb075 25cf96fe8cc3d0063682de955de4c3293bfc6957 86dd23a9f21570fc8834d31f09aee4b3f2a29a11ee8da20b9e5ac3c2faa8f641
POST /watch?v=5cy3vDjTfFY HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 27
Origin: https://metrolagu.cam
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/jembud/4464694b77364b62664a5a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCwsDxCn%2BSf0yquz3%2Fd4nQkJNZQ%2B%2Bs5AOMwn3BwOkP9LqM0wwz7W%2BMrWwBgcjfBR8uP83YGMg3Zx2zCFvBePLf7KnJdGhr1W8PcxZPnLeD2epwttcO%2F1pFlXG5PEB8EH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc309b0c5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e6a329fe-e00c-4928-894a-fadf6a030cef&prev_step_diff=894 | 45.133.44.24 | 200 OK | 486 B |
URL: GET HTTP/2 static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e6a329fe-e00c-4928-894a-fadf6a030cef&prev_step_diff=894 IP: 45.133.44.24:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD Certificate Issuer: Let's Encrypt Subject: static.bookmsg.com Fingerprint: D1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 Validity: Fri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash: ceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e6a329fe-e00c-4928-894a-fadf6a030cef&prev_step_diff=894 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 07:43:29 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | 200 OK | 1.1 kB |
URL: GET HTTP/2 static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP: 45.133.44.24:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD Certificate Issuer: Let's Encrypt Subject: static.bookmsg.com Fingerprint: D1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 Validity: Fri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash: 2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 07:43:29 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DBt5RM8OGy62okqr4xeYymxQg5qO6kF-Om2tacIhQL-J8bnvCofv1CLXO8P74I_4hTMUy1e7Xyn8kf3Tsd0HVZ88czMXEJpmOm5sNMtl2RIicsGbJumgTt_biNk24OSy5fCcM6C4kJDPXymNyGbxEj7iJDilSn59z_AftxTd6qdRbKZEqsbMEzU0_MV_xSP7-E4H_aMPlBkEBtHHPcWFvz3FWQfa_9BnUy5eu76PP5zjPduoYy_yGej9oRVhJ3HdoyVNIMu1TtP18sR5Jh5Jib3J2FwTNCIzvigPaHe6TcCMEOBz9nT4zFHxiWA9qPpvmx5cc4XLBJd51VG06w7FoY7xw8mvtHzmasTReQj6QLjkye5xSbnfhpm99_YIwy5CR-e7iiLSvlSzCrjVMIjiigPr_cwAJQVuP74fmfH7za9S9W9RG6Zjw5q13PJ8P3Gglae1PtnvN3s5hhwsHchyEide8Iw157l4LIYdlDs2_e7Z19cMEMABBVyNk6AFJ5kFBkV6IldTG55GqWoysS9luw4sfhHap1E0PlKGzcHjdCncQ-Um_iSBPJuMhHkGO-_jf1kn2EhQlv2M9hFwDtEZ99vdVWuc2L_Fcpk18E5I6kbwSF4U8XhzldIFen8mxnH8styCm5zpeHCEolyO4AdyLVLN-sExSrTsC_0GPwQ&icons=NRE8dMDFJhwQCHXLQ2S9KVT6Ooh6OMs0r9UyY2NOkckjA0f8LmTRIQ8xn6jXIMXs0xA9FbU-PUtT0Dd9yhU2nHDUj6G2ESXZJRM15_dYYjFbyj8H3NOtr9dOSLm_LWZmR-QwIcX72BsTNgVhFERUQGVlXDAIlGcCyWouMoi7A2A0Hnn5Gg&ext_cid=175&px_id=53418776&min_cpm=0.14469544089693714&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.17262419979725738&cpm=0&verify_
hash=ee398e16d8e4f98719b74eac772c08b7&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,83,89,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=a9539a97-3f8c-4d51-91d7-394859992e04&prev_step_diff=894 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DBt5RM8OGy62okqr4xeYymxQg5qO6kF-Om2tacIhQL-J8bnvCofv1CLXO8P74I_4hTMUy1e7Xyn8kf3Tsd0HVZ88czMXEJpmOm5sNMtl2RIicsGbJumgTt_biNk24OSy5fCcM6C4kJDPXymNyGbxEj7iJDilSn59z_AftxTd6qdRbKZEqsbMEzU0_MV_xSP7-E4H_aMPlBkEBtHHPcWFvz3FWQfa_9BnUy5eu76PP5zjPduoYy_yGej9oRVhJ3HdoyVNIMu1TtP18sR5Jh5Jib3J2FwTNCIzvigPaHe6TcCMEOBz9nT4zFHxiWA9qPpvmx5cc4XLBJd51VG06w7FoY7xw8mvtHzmasTReQj6QLjkye5xSbnfhpm99_YIwy5CR-e7iiLSvlSzCrjVMIjiigPr_cwAJQVuP74fmfH7za9S9W9RG6Zjw5q13PJ8P3Gglae1PtnvN3s5hhwsHchyEide8Iw157l4LIYdlDs2_e7Z19cMEMABBVyNk6AFJ5kFBkV6IldTG55GqWoysS9luw4sfhHap1E0PlKGzcHjdCncQ-Um_iSBPJuMhHkGO-_jf1kn2EhQlv2M9hFwDtEZ99vdVWuc2L_Fcpk18E5I6kbwSF4U8XhzldIFen8mxnH8styCm5zpeHCEolyO4AdyLVLN-sExSrTsC_0GPwQ&icons=NRE8dMDFJhwQCHXLQ2S9KVT6Ooh6OMs0r9UyY2NOkckjA0f8LmTRIQ8xn6jXIMXs0xA9FbU-PUtT0Dd9yhU2nHDUj6G2ESXZJRM15_dYYjFbyj8H3NOtr9dOSLm_LWZmR-QwIcX72BsTNgVhFERUQGVlXDAIlGcCyWouMoi7A2A0Hnn5Gg&ext_cid=175&px_id=53418776&min_cpm=0.14469544089693714&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.17262419979725738&c
pm=0&verify_hash=ee398e16d8e4f98719b74eac772c08b7&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,83,89,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=a9539a97-3f8c-4d51-91d7-394859992e04&prev_step_diff=894 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD Certificate Issuer: Let's Encrypt Subject: 2ac4fce9b8.com Fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1 Validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DBt5RM8OGy62okqr4xeYymxQg5qO6kF-Om2tacIhQL-J8bnvCofv1CLXO8P74I_4hTMUy1e7Xyn8kf3Tsd0HVZ88czMXEJpmOm5sNMtl2RIicsGbJumgTt_biNk24OSy5fCcM6C4kJDPXymNyGbxEj7iJDilSn59z_AftxTd6qdRbKZEqsbMEzU0_MV_xSP7-E4H_aMPlBkEBtHHPcWFvz3FWQfa_9BnUy5eu76PP5zjPduoYy_yGej9oRVhJ3HdoyVNIMu1TtP18sR5Jh5Jib3J2FwTNCIzvigPaHe6TcCMEOBz9nT4zFHxiWA9qPpvmx5cc4XLBJd51VG06w7FoY7xw8mvtHzmasTReQj6QLjkye5xSbnfhpm99_YIwy5CR-e7iiLSvlSzCrjVMIjiigPr_cwAJQVuP74fmfH7za9S9W9RG6Zjw5q13PJ8P3Gglae1PtnvN3s5hhwsHchyEide8Iw157l4LIYdlDs2_e7Z19cMEMABBVyNk6AFJ5kFBkV6IldTG55GqWoysS9luw4sfhHap1E0PlKGzcHjdCncQ-Um_iSBPJuMhHkGO-_jf1kn2EhQlv2M9hFwDtEZ99vdVWuc2L_Fcpk18E5I6kbwSF4U8XhzldIFen8mxnH8styCm5zpeHCEolyO4AdyLVLN-sExSrTsC_0GPwQ&icons=NRE8dMDFJhwQCHXLQ2S9KVT6Ooh6OMs0r9UyY2NOkckjA0f8LmTRIQ8xn6jXIMXs0xA9FbU-PUtT0Dd9yhU2nHDUj6G2ESXZJRM15_dYYjFbyj8H3NOtr9dOSLm_LWZmR-QwIcX72BsTNgVhFERUQGVlXDAIlGcCyWouMoi7A2A0Hnn5Gg&ext_cid=175&px_id=53418776&min_cpm=0.14469544089693714&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.17262419979725738&cpm=0&verify_hash=ee398e16d8e4f98719
b74eac772c08b7&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,83,89,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=a9539a97-3f8c-4d51-91d7-394859992e04&prev_step_diff=894 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=14810&crtid=a572bc31f2fd1dfeb5c4c900296aff64&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fc%3Fauth%3Dkj7ugv%26c%3DlMcWCXAdnGdiQsEE1oDuD4cOYlvNzOj70IlVt1fV5Un0rokKILRvfoqGpttKYeZLKk5IuSvoIprW2hDLeIWLezzne3WVicpdl-AG53F402h_-q1MkEeZ6bQro7i98_9a21bIPHftWyludov6uwg6CRhO5SNBwr1wh8uWbHpglDney-GcAE5jVlvt-e_rbo5OF8buUTGiLTT3X5rxyCIHwG5SAaSb8MJSv8mMxkswTAdVucxAgVyxrUwQ6AmQN-XXpYGtlAZlUJQsn5-CBvIxyzQdi4lv3_bvJJGt5MrYvsAmyucKLJ8u1WT50W8BEBN-zKbeT2dlBG5FepG9gz_vspL3Tt_bABli-SCpaqhrkAZZcbFYXHIOfx47gqwd4EN4FfWQFSk5vHldHj7poFmrgJZo8nZaScsEblWMRXvl_CCOoQ0fkDSmf7-4LjzkJvg9gnjaoqLhpEz4juR7amnuhQSPGmoakQoGTSneJaLXtwyRGJ1iDpUp0btPgq0wDOCsG_ZSqjw3grR8Db9QIAeGwdA_Ya0g9hg0tHnJDJbPYFBFN0QvVUSH1qiQeNPVyk5CMpa1EmJZCYg&icons=HiZHXxhmVqBa8rjVk4brpVfiFD39vzUU0F-BcQsr9N4GN2e5r-YJsPOx_7nP1NOyjj85crck6S1MPv5hQbGHOsJSgIZM0dNpqa4F8mabG-HCZmtK7naK8zEfWny0L8tatNr21sn_BJlKQKv8b6HGLKNmMWKv2kwjxzOelLA1IN8QRDXB0KmgMBAqNefeOOgS9zQ5Z2gzoqgtPudLSAbDvrg7ne9J03CQi_MUKsNypgpFJWwsSrQMOAL7dve4kZLN7o-cCkBdi-UAehEjtwBUQIj60kUOKNZmsgmsZjONHAMGM94ivYapGyWyUS3UXFc_8334jXtr28SlZEfdNQGXk4QBKmhmR6uN3zTImPsJn7g2XSm6mHVulRYeP0XjTu6k-XCzmCwCvCdPhpLYSd8b8ykEjLsqK-GL-XjXocQDYzncfpHkijzHhqvwhXVfJbAAZvqhSWo1xYlnR4TNQp0JO0aBuOYQMTOuO1KP97lnc72
vObRjSEDHfCRtvSaX4Anj78Vr4WVW17zPmY7vp1t3cQDGKNjIA3gOFRbTxzus-PXTYaq_ImayguPSu9h6VnhWlf4n4RwsKLswZGVVlmfTaBWZbJT99VK4OUN25lQZDkuGO9RedUGoTh--AD7gmRMPGGAowPZT-DfsTiJz59jU4tvpu3AzFpYLYyBUNTJvsvzAORKqJzuX39Eg-A5bHB0_5UOmwSBxfNiS7z21yaBlunjpxY_HMEZH28LiAd_JKQH1aL9Jd2VHyTHkiobe1d-Jewdsy6A_0JPoqUX-O5EreSSQf2G5dIOi8azrbweriOSs02UEn81fzg&ext_cid=8049&px_id=80418776&min_cpm=0.010103622100969897&out_id=0&campaign_type=hq&aid=3755&cid=17498&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.14782740883575116&cpm=0&verify_hash=5e6178d140e87039cecc432fd3affee5&is_native=1&real_bid=0.038190000057220196&original_bid_usd=0.06&original_bid=0.06&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,14,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dkj7ugv%26c%3DoOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw&site=native-push-adult&price=0.06&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00006&ext_campaign_id_str=8049&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=f2bbf5dd-5788-4345-9187-9a240d0cb8ac&prev_step_diff=894 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/25d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=14810&crtid=a572bc31f2fd1dfeb5c4c900296aff64&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fc%3Fauth%3Dkj7ugv%26c%3DlMcWCXAdnGdiQsEE1oDuD4cOYlvNzOj70IlVt1fV5Un0rokKILRvfoqGpttKYeZLKk5IuSvoIprW2hDLeIWLezzne3WVicpdl-AG53F402h_-q1MkEeZ6bQro7i98_9a21bIPHftWyludov6uwg6CRhO5SNBwr1wh8uWbHpglDney-GcAE5jVlvt-e_rbo5OF8buUTGiLTT3X5rxyCIHwG5SAaSb8MJSv8mMxkswTAdVucxAgVyxrUwQ6AmQN-XXpYGtlAZlUJQsn5-CBvIxyzQdi4lv3_bvJJGt5MrYvsAmyucKLJ8u1WT50W8BEBN-zKbeT2dlBG5FepG9gz_vspL3Tt_bABli-SCpaqhrkAZZcbFYXHIOfx47gqwd4EN4FfWQFSk5vHldHj7poFmrgJZo8nZaScsEblWMRXvl_CCOoQ0fkDSmf7-4LjzkJvg9gnjaoqLhpEz4juR7amnuhQSPGmoakQoGTSneJaLXtwyRGJ1iDpUp0btPgq0wDOCsG_ZSqjw3grR8Db9QIAeGwdA_Ya0g9hg0tHnJDJbPYFBFN0QvVUSH1qiQeNPVyk5CMpa1EmJZCYg&icons=HiZHXxhmVqBa8rjVk4brpVfiFD39vzUU0F-BcQsr9N4GN2e5r-YJsPOx_7nP1NOyjj85crck6S1MPv5hQbGHOsJSgIZM0dNpqa4F8mabG-HCZmtK7naK8zEfWny0L8tatNr21sn_BJlKQKv8b6HGLKNmMWKv2kwjxzOelLA1IN8QRDXB0KmgMBAqNefeOOgS9zQ5Z2gzoqgtPudLSAbDvrg7ne9J03CQi_MUKsNypgpFJWwsSrQMOAL7dve4kZLN7o-cCkBdi-UAehEjtwBUQIj60kUOKNZmsgmsZjONHAMGM94ivYapGyWyUS3UXFc_8334jXtr28SlZEfdNQGXk4QBKmhmR6uN3zTImPsJn7g2XSm6mHVulRYeP0XjTu6k-XCzmCwCvCdPhpLYSd8b8ykEjLsqK-GL-XjXocQDYzncfpHkijzHhqvwhXVfJbAAZvqhSWo1xYlnR4TNQp0JO0aBuOYQMTO
uO1KP97lnc72vObRjSEDHfCRtvSaX4Anj78Vr4WVW17zPmY7vp1t3cQDGKNjIA3gOFRbTxzus-PXTYaq_ImayguPSu9h6VnhWlf4n4RwsKLswZGVVlmfTaBWZbJT99VK4OUN25lQZDkuGO9RedUGoTh--AD7gmRMPGGAowPZT-DfsTiJz59jU4tvpu3AzFpYLYyBUNTJvsvzAORKqJzuX39Eg-A5bHB0_5UOmwSBxfNiS7z21yaBlunjpxY_HMEZH28LiAd_JKQH1aL9Jd2VHyTHkiobe1d-Jewdsy6A_0JPoqUX-O5EreSSQf2G5dIOi8azrbweriOSs02UEn81fzg&ext_cid=8049&px_id=80418776&min_cpm=0.010103622100969897&out_id=0&campaign_type=hq&aid=3755&cid=17498&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.14782740883575116&cpm=0&verify_hash=5e6178d140e87039cecc432fd3affee5&is_native=1&real_bid=0.038190000057220196&original_bid_usd=0.06&original_bid=0.06&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,14,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dkj7ugv%26c%3DoOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw&site=native-push-adult&price=0.06&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00006&ext_campaign_id_str=8049&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=f2bbf5dd-5788-4345-9187-9a240d0cb8ac&prev_step_diff=894 IP157.90.84.246:443 ASN#24940 Hetzner 
Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: 2ac4fce9b8.com; Fingerprint: 98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1; Validity: Tue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=b&site_id=31418776&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.com.co%2Fd%2FZJfbK6wKidD&refdom=poop.com.co&auction_time=1714808609&subid=388464194&sid=2234682930&tcid=0&ver=7.282.0-b&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=63.961633525804245&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.com.co%252Fd%252FZJfbK6wKidD%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=14810&crtid=a572bc31f2fd1dfeb5c4c900296aff64&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fc%3Fauth%3Dkj7ugv%26c%3DlMcWCXAdnGdiQsEE1oDuD4cOYlvNzOj70IlVt1fV5Un0rokKILRvfoqGpttKYeZLKk5IuSvoIprW2hDLeIWLezzne3WVicpdl-AG53F402h_-q1MkEeZ6bQro7i98_9a21bIPHftWyludov6uwg6CRhO5SNBwr1wh8uWbHpglDney-GcAE5jVlvt-e_rbo5OF8buUTGiLTT3X5rxyCIHwG5SAaSb8MJSv8mMxkswTAdVucxAgVyxrUwQ6AmQN-XXpYGtlAZlUJQsn5-CBvIxyzQdi4lv3_bvJJGt5MrYvsAmyucKLJ8u1WT50W8BEBN-zKbeT2dlBG5FepG9gz_vspL3Tt_bABli-SCpaqhrkAZZcbFYXHIOfx47gqwd4EN4FfWQFSk5vHldHj7poFmrgJZo8nZaScsEblWMRXvl_CCOoQ0fkDSmf7-4LjzkJvg9gnjaoqLhpEz4juR7amnuhQSPGmoakQoGTSneJaLXtwyRGJ1iDpUp0btPgq0wDOCsG_ZSqjw3grR8Db9QIAeGwdA_Ya0g9hg0tHnJDJbPYFBFN0QvVUSH1qiQeNPVyk5CMpa1EmJZCYg&icons=HiZHXxhmVqBa8rjVk4brpVfiFD39vzUU0F-BcQsr9N4GN2e5r-YJsPOx_7nP1NOyjj85crck6S1MPv5hQbGHOsJSgIZM0dNpqa4F8mabG-HCZmtK7naK8zEfWny0L8tatNr21sn_BJlKQKv8b6HGLKNmMWKv2kwjxzOelLA1IN8QRDXB0KmgMBAqNefeOOgS9zQ5Z2gzoqgtPudLSAbDvrg7ne9J03CQi_MUKsNypgpFJWwsSrQMOAL7dve4kZLN7o-cCkBdi-UAehEjtwBUQIj60kUOKNZmsgmsZjONHAMGM94ivYapGyWyUS3UXFc_8334jXtr28SlZEfdNQGXk4QBKmhmR6uN3zTImPsJn7g2XSm6mHVulRYeP0XjTu6k-XCzmCwCvCdPhpLYSd8b8ykEjLsqK-GL-XjXocQDYzncfpHkijzHhqvwhXVfJbAAZvqhSWo1xYlnR4TNQp0JO0aBuOYQMTOuO1KP97lnc72vObRjSEDHfCRtvSaX4Anj78
Vr4WVW17zPmY7vp1t3cQDGKNjIA3gOFRbTxzus-PXTYaq_ImayguPSu9h6VnhWlf4n4RwsKLswZGVVlmfTaBWZbJT99VK4OUN25lQZDkuGO9RedUGoTh--AD7gmRMPGGAowPZT-DfsTiJz59jU4tvpu3AzFpYLYyBUNTJvsvzAORKqJzuX39Eg-A5bHB0_5UOmwSBxfNiS7z21yaBlunjpxY_HMEZH28LiAd_JKQH1aL9Jd2VHyTHkiobe1d-Jewdsy6A_0JPoqUX-O5EreSSQf2G5dIOi8azrbweriOSs02UEn81fzg&ext_cid=8049&px_id=80418776&min_cpm=0.010103622100969897&out_id=0&campaign_type=hq&aid=3755&cid=17498&uniq=&mid=4306467925999910569&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.14782740883575116&cpm=0&verify_hash=5e6178d140e87039cecc432fd3affee5&is_native=1&real_bid=0.038190000057220196&original_bid_usd=0.06&original_bid=0.06&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,14,93&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dkj7ugv%26c%3DoOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw&site=native-push-adult&price=0.06&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00006&ext_campaign_id_str=8049&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=f2bbf5dd-5788-4345-9187-9a240d0cb8ac&prev_step_diff=894 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 07:43:29 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fikedaquabib.com/rotaInGRWQGA24/64343 | 23.109.170.67 | 200 OK | 20 B |
URL: GET HTTP/1.1 fikedaquabib.com/rotaInGRWQGA24/64343
IP: 23.109.170.67:443
Requested by: https://metrolagu.cam/watch?v=5cy3vDjTfFY
Certificate: Issuer: Let's Encrypt; Subject: fikedaquabib.com; Fingerprint: B2:55:98:8B:5C:B3:05:1D:91:A5:02:43:2D:0B:18:86:4D:1E:E9:38; Validity: Thu, 28 Mar 2024 23:27:44 GMT - Wed, 26 Jun 2024 23:27:43 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rotaInGRWQGA24/64343 HTTP/1.1
Host: fikedaquabib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 07:43:29 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://metrolagu.cam
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 07:43:29 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 07:43:29 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| track-eu.trackingtraffo.com/push/ic?auth=kj7ugv&c=6HKFrddo6aeTVKEPsOcfdX4t701hwitjO-Hp8W5itxPax-giU10Yj7NF2ZF2LoSy2_9IQmDRjNoFRtbdaLQVnu6-S8zm0h6gzBVlkl7mzwpuGmEQDxjuE844IlOq-W5kEcPqwfrWgJN03fUUmEbN1uAzpsTdSDs1q5cIAdfBY_S8zU-pH8p2cyqK08PUEEnnGDzDXFiDU57w_VhmrjfovWYxrS0GF0UcWBMmMY9RV0IGGQyD5S1d2G7JHRFZXjzEA9GwdpNeke-HZfby7HALiCSnlapFjDBCeXt2_nIuMQ_N4WcoYKV6iTZNr64HSfLKjhRMO_Kr4gsvAOFI2E5r9YhJOsLUzRpoROndP80E0Ef9kd6xwma3X4NJosei2JoZQ5bgy5q6wc6yFmWVKllmntTx1hBwWT1qIEqE1Cw5eTiQj8rrTqBH5zFXgFhKbma4fX9Xu1IC7hu737wyjZ6Cn_9nYDtpMzwhAUPnRnLjZlew9lUddjuYJySU_MCEQybQBknP2w&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=c2c28176-371b-4ddb-b7b3-38d0e14f94e3&prev_step_diff=894 | 162.55.236.100 | 302 Found | 0 B |
URL GET HTTP/1.1track-eu.trackingtraffo.com/push/ic?auth=kj7ugv&c=6HKFrddo6aeTVKEPsOcfdX4t701hwitjO-Hp8W5itxPax-giU10Yj7NF2ZF2LoSy2_9IQmDRjNoFRtbdaLQVnu6-S8zm0h6gzBVlkl7mzwpuGmEQDxjuE844IlOq-W5kEcPqwfrWgJN03fUUmEbN1uAzpsTdSDs1q5cIAdfBY_S8zU-pH8p2cyqK08PUEEnnGDzDXFiDU57w_VhmrjfovWYxrS0GF0UcWBMmMY9RV0IGGQyD5S1d2G7JHRFZXjzEA9GwdpNeke-HZfby7HALiCSnlapFjDBCeXt2_nIuMQ_N4WcoYKV6iTZNr64HSfLKjhRMO_Kr4gsvAOFI2E5r9YhJOsLUzRpoROndP80E0Ef9kd6xwma3X4NJosei2JoZQ5bgy5q6wc6yFmWVKllmntTx1hBwWT1qIEqE1Cw5eTiQj8rrTqBH5zFXgFhKbma4fX9Xu1IC7hu737wyjZ6Cn_9nYDtpMzwhAUPnRnLjZlew9lUddjuYJySU_MCEQybQBknP2w&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=c2c28176-371b-4ddb-b7b3-38d0e14f94e3&prev_step_diff=894 IP162.55.236.100:443 ASN#24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=kj7ugv&c=6HKFrddo6aeTVKEPsOcfdX4t701hwitjO-Hp8W5itxPax-giU10Yj7NF2ZF2LoSy2_9IQmDRjNoFRtbdaLQVnu6-S8zm0h6gzBVlkl7mzwpuGmEQDxjuE844IlOq-W5kEcPqwfrWgJN03fUUmEbN1uAzpsTdSDs1q5cIAdfBY_S8zU-pH8p2cyqK08PUEEnnGDzDXFiDU57w_VhmrjfovWYxrS0GF0UcWBMmMY9RV0IGGQyD5S1d2G7JHRFZXjzEA9GwdpNeke-HZfby7HALiCSnlapFjDBCeXt2_nIuMQ_N4WcoYKV6iTZNr64HSfLKjhRMO_Kr4gsvAOFI2E5r9YhJOsLUzRpoROndP80E0Ef9kd6xwma3X4NJosei2JoZQ5bgy5q6wc6yFmWVKllmntTx1hBwWT1qIEqE1Cw5eTiQj8rrTqBH5zFXgFhKbma4fX9Xu1IC7hu737wyjZ6Cn_9nYDtpMzwhAUPnRnLjZlew9lUddjuYJySU_MCEQybQBknP2w&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=c2c28176-371b-4ddb-b7b3-38d0e14f94e3&prev_step_diff=894 HTTP/1.1
Host: track-eu.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216048-WUdpbOag0v2j.jpg
|
|
| track-eu.trackingtraffo.com/push/im?auth=kj7ugv&c=oOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw | 162.55.236.100 | 302 Found | 0 B |
URL GET HTTP/1.1track-eu.trackingtraffo.com/push/im?auth=kj7ugv&c=oOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw IP162.55.236.100:443 ASN#24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/im?auth=kj7ugv&c=oOIWT4j2DE3VKUxulxeMML6RB_qNPv-wnIICSKhToBcIbS4Cwm4Ma3t-Lev98QepCKL96e-xOLKi3qlKjupf6r0LIO5BDhAQw6kDMq8UwvSGvpZ4WvX5DP7UR3g-E6J1jCiTfsVdCejnhYef6admSosocZvqnzV3VGxZm582FWumkSxicgeLAkppbyb8j35lzGGsLUS2qm2QAWY6CjI-Ny0zDOHwDvaGjKh_PqGc9lapMvK_ABlYnwwpOPP46yxSpr_CEG_ngKQEE3SKMfloa7yEyFeRDAs8BeZnA3xCXVFLkQcBfcEYb4Nx5JWlD3uIw5R9lzdyo5I9-fUwXrtFhRVfLn-jAu0C3AYgXof1YcUS6JKQjXeQubZS85RWDRXoqoZPxqeVs2HIoABnSxNXuI8LRgZ77bK_znPDm9dxQeF-VfjqlbPzL_EExIjld3s8LBlaQow43HNjZjz-PQNMBYi5hJtlgaB4OiE8KPw2MrLnuYuYyNIzc1dx0NofQGxDldyjKw HTTP/1.1
Host: track-eu.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216054-ILZ1XSVj99bv.jpg
|
|
| track.trackingtraffo.com/push/im?auth=nmxuw8&c=ojwUDAak9_Ki2pEIFIQJKdIZCzkoDArbYUh6lr5a9YV9Xl2cnUqBRnZqQDxPOJ7gsf6gP-qWXJrlStBchZILmyul5NVIVQPtPyAfLD1VtpXuA5oI_zJHmmw-odk-g91zf2kyuHiZGwICgmqjEC_c86rioHNXQ8xxiez6oyBARpXA70yAlD6rnzDXByci6QFY5u1ZzS8rd_ana5QrEhtCh7PfUrDwSqkLuvxUyNMwt0uFbJL_5rkeHqbZoWIf0YwDusdvFMnNVMPvnvIHypIXm4HcO3xwkR0WntXZwRb2UcPG7IWJtA5JBYSisH_bSoBo-pqgaNu7X0y3K4W0XttrcGKPksWHMlK9JFuXcSRPTIjDxqCjRi8n5o2Mmv1Nfi0DmXFfVSi5xpDK-ubeyIyEekZ23cQf5CKkErmpoNTCUE55U-RnkzE3gX-f74Iq994pGNTRrcBEs6yCdBXre4Na32mD2e3IHbtNUmITr-dpwuzVyayRYOXHLbZZaX-43BgalwW6NZPvaiDhyWv_-_jnucmngJ6ERNgS | 88.214.195.153 | 302 Found | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/push/im?auth=nmxuw8&c=ojwUDAak9_Ki2pEIFIQJKdIZCzkoDArbYUh6lr5a9YV9Xl2cnUqBRnZqQDxPOJ7gsf6gP-qWXJrlStBchZILmyul5NVIVQPtPyAfLD1VtpXuA5oI_zJHmmw-odk-g91zf2kyuHiZGwICgmqjEC_c86rioHNXQ8xxiez6oyBARpXA70yAlD6rnzDXByci6QFY5u1ZzS8rd_ana5QrEhtCh7PfUrDwSqkLuvxUyNMwt0uFbJL_5rkeHqbZoWIf0YwDusdvFMnNVMPvnvIHypIXm4HcO3xwkR0WntXZwRb2UcPG7IWJtA5JBYSisH_bSoBo-pqgaNu7X0y3K4W0XttrcGKPksWHMlK9JFuXcSRPTIjDxqCjRi8n5o2Mmv1Nfi0DmXFfVSi5xpDK-ubeyIyEekZ23cQf5CKkErmpoNTCUE55U-RnkzE3gX-f74Iq994pGNTRrcBEs6yCdBXre4Na32mD2e3IHbtNUmITr-dpwuzVyayRYOXHLbZZaX-43BgalwW6NZPvaiDhyWv_-_jnucmngJ6ERNgS IP88.214.195.153:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/im?auth=nmxuw8&c=ojwUDAak9_Ki2pEIFIQJKdIZCzkoDArbYUh6lr5a9YV9Xl2cnUqBRnZqQDxPOJ7gsf6gP-qWXJrlStBchZILmyul5NVIVQPtPyAfLD1VtpXuA5oI_zJHmmw-odk-g91zf2kyuHiZGwICgmqjEC_c86rioHNXQ8xxiez6oyBARpXA70yAlD6rnzDXByci6QFY5u1ZzS8rd_ana5QrEhtCh7PfUrDwSqkLuvxUyNMwt0uFbJL_5rkeHqbZoWIf0YwDusdvFMnNVMPvnvIHypIXm4HcO3xwkR0WntXZwRb2UcPG7IWJtA5JBYSisH_bSoBo-pqgaNu7X0y3K4W0XttrcGKPksWHMlK9JFuXcSRPTIjDxqCjRi8n5o2Mmv1Nfi0DmXFfVSi5xpDK-ubeyIyEekZ23cQf5CKkErmpoNTCUE55U-RnkzE3gX-f74Iq994pGNTRrcBEs6yCdBXre4Na32mD2e3IHbtNUmITr-dpwuzVyayRYOXHLbZZaX-43BgalwW6NZPvaiDhyWv_-_jnucmngJ6ERNgS HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945756-YCg8UX9vIUUt.jpg
|
|
| track.trackingtraffo.com/push/ic?auth=nmxuw8&c=5FecxP7mRJdT4wh0jRRqZoONda61OXW_TE8bwy3CwVi8WeAbn4C_mypOw12kcNHGa7-3eZMUfv7JIswo7-PsbZ4LOKHSMmqg6OiFAajrET2xy_drR0CBxTFILATrovHRu96Rz0Lj4TaUHhVx8Vl9tWip77FUGO_cDlGOapRq3xAVkvB1nxpg0TPHc7bo1na0KzbCUqtACfi-OV8R4zH5zEi8yMp9G1Mj2ppOQKmkv-vLvAPj0Z2RsYRiYYrYPrPJcB654SqlarJOpkZLHRBNGcOFQR8cDFVOKnLoFPma_AFllSPIMRhhRhyyH4oGr3DA5ELV_JJNCJJFyhf13aKasLzV2wqNHBexYSOG-AEsuYxp5BUBK70qDxXgPlH54O5Y3kL27xdc4l0MnNIGoQKLO1qWA80td8MIQo04xvShvT7Zs56guzPLttU-45ASjvHQu8Nwc-rRBMlDg9l66yssiqZLOZXnlWsst4xDwbz4tKVYoFYvFnl_c4CXg4ZmG5yz8p8OfelchGck5H8idr0jvTJBa16t_GIF&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=080a1afb-c8a5-4da0-9bb3-661205e4af0e&prev_step_diff=776 | 88.214.195.153 | 302 Found | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/push/ic?auth=nmxuw8&c=5FecxP7mRJdT4wh0jRRqZoONda61OXW_TE8bwy3CwVi8WeAbn4C_mypOw12kcNHGa7-3eZMUfv7JIswo7-PsbZ4LOKHSMmqg6OiFAajrET2xy_drR0CBxTFILATrovHRu96Rz0Lj4TaUHhVx8Vl9tWip77FUGO_cDlGOapRq3xAVkvB1nxpg0TPHc7bo1na0KzbCUqtACfi-OV8R4zH5zEi8yMp9G1Mj2ppOQKmkv-vLvAPj0Z2RsYRiYYrYPrPJcB654SqlarJOpkZLHRBNGcOFQR8cDFVOKnLoFPma_AFllSPIMRhhRhyyH4oGr3DA5ELV_JJNCJJFyhf13aKasLzV2wqNHBexYSOG-AEsuYxp5BUBK70qDxXgPlH54O5Y3kL27xdc4l0MnNIGoQKLO1qWA80td8MIQo04xvShvT7Zs56guzPLttU-45ASjvHQu8Nwc-rRBMlDg9l66yssiqZLOZXnlWsst4xDwbz4tKVYoFYvFnl_c4CXg4ZmG5yz8p8OfelchGck5H8idr0jvTJBa16t_GIF&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=080a1afb-c8a5-4da0-9bb3-661205e4af0e&prev_step_diff=776 IP88.214.195.153:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=nmxuw8&c=5FecxP7mRJdT4wh0jRRqZoONda61OXW_TE8bwy3CwVi8WeAbn4C_mypOw12kcNHGa7-3eZMUfv7JIswo7-PsbZ4LOKHSMmqg6OiFAajrET2xy_drR0CBxTFILATrovHRu96Rz0Lj4TaUHhVx8Vl9tWip77FUGO_cDlGOapRq3xAVkvB1nxpg0TPHc7bo1na0KzbCUqtACfi-OV8R4zH5zEi8yMp9G1Mj2ppOQKmkv-vLvAPj0Z2RsYRiYYrYPrPJcB654SqlarJOpkZLHRBNGcOFQR8cDFVOKnLoFPma_AFllSPIMRhhRhyyH4oGr3DA5ELV_JJNCJJFyhf13aKasLzV2wqNHBexYSOG-AEsuYxp5BUBK70qDxXgPlH54O5Y3kL27xdc4l0MnNIGoQKLO1qWA80td8MIQo04xvShvT7Zs56guzPLttU-45ASjvHQu8Nwc-rRBMlDg9l66yssiqZLOZXnlWsst4xDwbz4tKVYoFYvFnl_c4CXg4ZmG5yz8p8OfelchGck5H8idr0jvTJBa16t_GIF&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.02&cpa=080a1afb-c8a5-4da0-9bb3-661205e4af0e&prev_step_diff=776 HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945748-o6RckgJ5EO4k.jpg
|
|
| ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216048-WUdpbOag0v2j.jpg | 5.9.105.245 | 200 OK | 52 kB |
URL: GET HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216048-WUdpbOag0v2j.jpg
IP: 5.9.105.245:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 192x192, components 3
Hash: 003174e6967f9984303a725a602c7d42 fdc90582a92057983f4dd1ef67702315c2adfd54 91ea120998252cd1799bc319c60ab14cabe216aeaf78ede0f2f0df0ae00f85a9
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1714626216048-WUdpbOag0v2j.jpg HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Type: image/jpeg
Content-Length: 51898
Last-Modified: Thu, 02 May 2024 05:03:36 GMT
Connection: keep-alive
ETag: "66331ea8-caba"
Accept-Ranges: bytes
|
|
| ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216054-ILZ1XSVj99bv.jpg | 5.9.105.245 | 200 OK | 110 kB |
URL: GET HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626216054-ILZ1XSVj99bv.jpg
IP: 5.9.105.245:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 360x240, components 3
Size: 110 kB (109703 bytes)
Hash: c255b146f61b12db36bb9056d4078f02 d116a7f76d818a0c71a2bc697791e0f364f2950d 36dd8f91f680ce0148ecbcaaaa6b4e3114741a50d23eb4ef45fe68b463fce777
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1714626216054-ILZ1XSVj99bv.jpg HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Type: image/jpeg
Content-Length: 109703
Last-Modified: Thu, 02 May 2024 05:03:36 GMT
Connection: keep-alive
ETag: "66331ea8-1ac87"
Accept-Ranges: bytes
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 4.0 kB |
IP: 94.130.197.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: puwpush.com; Fingerprint: 60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92; Validity: Wed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash: f2ab53f5fa7de563f608f0d88b5b1e46 765f3f38f02999402174687403031fdf69ddcc9d 4b725e4e3a3474c94986dafecb663c366ffa2f3f6f88087f71273cdac393d009
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poop.com.co/
Content-Type: text/plain;charset=UTF-8
Content-Length: 953
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 07:43:30 GMT
content-type: application/json
content-length: 3978
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945748-o6RckgJ5EO4k.jpg | 5.9.105.245 | 200 OK | 75 kB |
URL: GET HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945748-o6RckgJ5EO4k.jpg
IP: 5.9.105.245:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 3
Hash: 3e3f185c543128d388a56ba3c9dac0ac 7f44cd873ac730ecdf10dca679a148c9e710b4a3 0851b1995a2a22c2e22c0ad795bc6c019e2aadb857d3be25596e3573090da181
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1690290945748-o6RckgJ5EO4k.jpg HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Type: image/jpeg
Content-Length: 74584
Last-Modified: Tue, 25 Jul 2023 13:15:45 GMT
Connection: keep-alive
ETag: "64bfcb01-12358"
Accept-Ranges: bytes
|
|
| ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945756-YCg8UX9vIUUt.jpg | 5.9.105.245 | 200 OK | 158 kB |
URL: GET HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1690290945756-YCg8UX9vIUUt.jpg
IP: 5.9.105.245:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 360x240, components 3
Size: 158 kB (158107 bytes)
Hash: 78e6deb02bef3fb73ed32446035ec703 73d9576df3acfd61c763804da1fc787a3aeea82c 1d3e84cea42cc4755262ff2d444569a1c71ba02848facaeec64a949fbb6c1097
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1690290945756-YCg8UX9vIUUt.jpg HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 07:43:30 GMT
Content-Type: image/jpeg
Content-Length: 158107
Last-Modified: Tue, 25 Jul 2023 13:15:45 GMT
Connection: keep-alive
ETag: "64bfcb01-2699b"
Accept-Ranges: bytes
|
|
| da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/114039?version_name=b | 45.133.44.53 | 200 OK | 16 kB |
URL: GET HTTP/2 da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/114039?version_name=b
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: da7b22a400.13199960a1.com; Fingerprint: 07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD; Validity: Wed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Hash: 6cc93dad33051daa2d50f84c318332c7 1cc1f905277e64104ed71ac9d60d1f15d429bfc7 753d5e545fcacc93bb117a68c1e128b59c4969727fe59a2f4fdabfdb23aa88c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /22802538876b351854c895125b33cfd1/114039?version_name=b HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 04 May 2024 07:48:28 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap | 142.250.74.170 | 200 OK | 8.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
IP: 142.250.74.170:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: ce680d953f8e4b366c3a59a5842f1b7a 1ea9c1b432f2664afbd8c7ac1fe34a04831fb2b0 a8c0d7187c59a86a7b8980355982fdf3c330322ddb171651333bf72290432bd5
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 07:43:27 GMT
date: Sat, 04 May 2024 07:43:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| poop.com.co/theme_2/css/bootstrap.min.css | 188.114.97.1 | 200 OK | 209 kB |
URL: GET HTTP/3 poop.com.co/theme_2/css/bootstrap.min.css
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: poop.com.co; Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F; Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: ASCII text, with very long lines (625)
Size: 209 kB (208810 bytes)
Hash: 3ad35d9c124d6c7d13f776dde0df9286 1bfc432b338ca01be6b05ab8e87f4a63caa8d82b 10c142c79bbbfe42ce677eedeee70f918de0e759feabc175f423543aee886a6b
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/d/ZJfbK6wKidD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: text/css
last-modified: Sun, 08 Oct 2023 02:12:44 GMT
vary: Accept-Encoding
etag: W/"6522101c-32faa"
expires: Sat, 04 May 2024 14:20:54 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 19353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B67HRaFx4KAxPKsffSo0QzEVzoZJeQTvdd0AVDkzUqgDKz6tm7AuomGZuYWJaSg3AqJubhzVg3rT%2FxWs%2ByyWxL9o7uJbjaWCva%2Bqo2Fz%2FEcxYK2VKcTXG14OJL169Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc256f2f0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| metrolagu.cam/jembud/4464694b77364b62664a5a | 188.114.97.1 | 200 OK | 242 B |
URL: GET HTTP/3 metrolagu.cam/jembud/4464694b77364b62664a5a
IP: 188.114.97.1:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate: Issuer: Google Trust Services LLC; Subject: metrolagu.cam; Fingerprint: 2C:DD:F0:B5:15:2E:A1:34:CC:51:79:CB:A4:80:02:39:2A:7B:0F:CD; Validity: Sun, 14 Apr 2024 04:02:38 GMT - Sat, 13 Jul 2024 04:02:37 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 8c41c0aeebe20c89c5e8e65112e06472 f2c9e6bc223bccf918cf78f48effb8287cebab1c 16806e382aff8d786df951e9afbe217df0fc9304665a1c740115c25ee09e8b1f
GET /jembud/4464694b77364b62664a5a HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dte7b8h57VOTb24oKpZ%2BwUIzzdy0jYTdkhFqMVzik9ersuD%2BwBLUMuwfKyO9tvDzk%2FPeZ9JP54NmhWs%2FyJwKN9DQ0VZ0%2F9PrGYbeovDutOnZpr3UGtEpv7naLvSBqe4N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc2e49155695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| yu2be.com/embud/4464694b77364b62664a5a | 188.114.97.1 | 200 OK | 245 B |
URL: GET HTTP/2 yu2be.com/embud/4464694b77364b62664a5a
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: yu2be.com; Fingerprint: 3C:30:E2:11:42:30:CD:21:F1:06:87:EC:9F:A9:56:40:57:B2:4C:EF; Validity: Sun, 14 Apr 2024 02:05:14 GMT - Sat, 13 Jul 2024 02:05:13 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: cf67e9ac1802f55d086eb897714b13d8 6ba4ecafd372735c300b17e4843a51aef9d46346 d6955334842111d4401df0bd31e92f55d6ecbddab1c0dfa1d1a2bb232b246b06
GET /embud/4464694b77364b62664a5a HTTP/1.1
Host: yu2be.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0rOZJp5oYJqNGo%2FzHl0%2Bu%2FVm4%2F6waesIV5NMoK4ty8%2F7fCTA3VubIJRQXWdb%2BUkvuTZ1NYHTN%2Bf%2F9nhI0Pq3A2NwUazh7wVgsWAIoLzS4RdWH%2F8SP4bjfzj7P8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc297b5d7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzz1oshTrquhCGxKjpFIuvSkXpUR6xAYJ3fNpQurBoxfoAvQmwAmBs5ZGESyQWzcYbsVvXgxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1492337409%3A1714808609301150&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzz1oshTrquhCGxKjpFIuvSkXpUR6xAYJ3fNpQurBoxfoAvQmwAmBs5ZGESyQWzcYbsVvXgxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1492337409%3A1714808609301150&theme=mn&ddm=0
IP: 74.125.131.84:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzz1oshTrquhCGxKjpFIuvSkXpUR6xAYJ3fNpQurBoxfoAvQmwAmBs5ZGESyQWzcYbsVvXgxw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1492337409%3A1714808609301150&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 07:43:29 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-9w_pUZN7PkfM3yWb61yBSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| mordoops.com/tag.min.js | 139.45.197.244 | 200 OK | 90 kB |
IP: 139.45.197.244:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate: Issuer: Let's Encrypt; Subject: mordoops.com; Fingerprint: 0B:32:D8:40:AB:56:05:9B:BD:33:D8:55:19:05:B0:A5:45:79:BA:1D; Validity: Sun, 28 Apr 2024 05:23:29 GMT - Sat, 27 Jul 2024 05:23:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 6161cd5b16afc637789c8a29da15ed13 04f9e513c05079726b06b2154995c4c5c7c09b08 562a877675f8c3df7e1be8c3b2999127466ca8784a0a556810ec018ab6c86e34
GET /tag.min.js HTTP/1.1
Host: mordoops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:43:29 GMT
content-type: text/javascript; charset=utf-8
content-length: 28333
content-encoding: br
x-trace-id: a23cb027d972513fd3496802a12a9084
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 03 May 2024 05:45:49 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| poop.com.co/theme_2/fonts/avertastd-regular-webfont.woff2 | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 poop.com.co/theme_2/fonts/avertastd-regular-webfont.woff2
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: poop.com.co; Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F; Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23812, version 1.524
Hash: eb586e5a1b86dbf1c866e3ed80f9d18e 280ee78d19c017ab9335f769595e5157d3c4a343 714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/theme_2/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: font/woff2
content-length: 23812
last-modified: Sun, 08 Oct 2023 02:12:44 GMT
etag: "6522101c-5d04"
cache-control: max-age=43200
cf-cache-status: HIT
age: 3194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MU%2B9MVonv95cZXOGApCIxokQscc%2FT504LU%2FhE%2F0Z0vXvB%2BrT31vDQ81Hf3Ic4izBVD0DXAmNl0kGN4RJBWHAQq4FdMNQ9wj99cZqFXJRQ1XUOp1LxuklBPKOD6YsUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc2838e20b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mordoops.com/5/6651943/?oo=1&aab=1 | 139.45.197.244 | 200 OK | 2.9 kB |
URL: GET HTTP/2 mordoops.com/5/6651943/?oo=1&aab=1
IP: 139.45.197.244:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate: Issuer: Let's Encrypt; Subject: mordoops.com; Fingerprint: 0B:32:D8:40:AB:56:05:9B:BD:33:D8:55:19:05:B0:A5:45:79:BA:1D; Validity: Sun, 28 Apr 2024 05:23:29 GMT - Sat, 27 Jul 2024 05:23:28 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3094), with no line terminators
Hash: 551749e8206d2ce94612ea9854499696 284de61b537b2bae1e2900ca8086c5833552387b c21bc3df48af03ab0e74dc21926bc1bfb0c430b5a9c9184495bfd87e0b1a3c92
GET /5/6651943/?oo=1&aab=1 HTTP/1.1
Host: mordoops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yu2be.com
DNT: 1
Connection: keep-alive
Referer: https://yu2be.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/json
x-trace-id: ae9f4c81997e5e1bdd1b6c2179adcbf7
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://yu2be.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080522c273a495dfa317d524ed77ec3; expires=Sun, 04 May 2025 07:43:29 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714808609; expires=Sun, 04 May 2025 07:43:29 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| poop.com.co/theme_2/css/embed2.css | 188.114.97.1 | 200 OK | 2.2 kB |
URL: GET HTTP/3 poop.com.co/theme_2/css/embed2.css
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: poop.com.co; Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F; Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: ASCII text, with very long lines (2233), with no line terminators
Hash: f5fb3ee7c6fb0e1251ea82a1e5aebcb2 206571f7be59d12b06d5dde5b031b1a0ef15cb0a fa12669187e8ec4fbfab56c697b86f838717458b831e3784d60ab93b2f6248f3
GET /theme_2/css/embed2.css HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/d/ZJfbK6wKidD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=2267
etag: W/"653c4c47-8db"
expires: Sat, 04 May 2024 17:31:37 GMT
last-modified: Fri, 27 Oct 2023 23:48:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mm%2FzediBxs7E094K23u%2Fi2SBXhdPrwp%2FN6Oo8tNOzRW9%2FX9N1v6bhfW9GN4c78RtKvxkwOUx7gxxpRbPAoQDTZO6bUmh%2F9jokC0LNj4pa%2FMkLonIjug33xUxCwafpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc257f340b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=8eb65665-3933-4a36-9e9b-3905af53b67d&prev_step_diff=776 | 45.133.44.24 | 200 OK | 486 B |
URL: GET HTTP/2 static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=8eb65665-3933-4a36-9e9b-3905af53b67d&prev_step_diff=776
IP: 45.133.44.24:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: static.bookmsg.com; Fingerprint: D1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76; Validity: Fri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: ceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=8eb65665-3933-4a36-9e9b-3905af53b67d&prev_step_diff=776 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 07:43:29 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js | 45.133.44.53 | 200 OK | 109 kB |
URL: GET HTTP/2 da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Let's Encrypt; Subject: da7b22a400.13199960a1.com; Fingerprint: 07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD; Validity: Wed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT
Size: 109 kB (109340 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0ae085698cad0960a86703ca969164ab.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.com.co
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sat, 04 May 2024 07:48:28 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| metrolagu.cam/play.svg | 188.114.97.1 | 200 OK | 633 B |
IP: 188.114.97.1:443
Requested by: https://metrolagu.cam/watch?v=5cy3vDjTfFY
Certificate: Issuer: Google Trust Services LLC; Subject: metrolagu.cam; Fingerprint: 2C:DD:F0:B5:15:2E:A1:34:CC:51:79:CB:A4:80:02:39:2A:7B:0F:CD; Validity: Sun, 14 Apr 2024 04:02:38 GMT - Sat, 13 Jul 2024 04:02:37 GMT
File type: SVG Scalable Vector Graphics image
Hash: fa7e52a78c2db6968656093b3b4f6266 d3c582a7ce14bbe3f2e3a486e8e038d7ccbdfc6a 3ba523164e3d24ae32abd260e3728d4418e4720f145e0571acac76c42e81d3cb
GET /play.svg HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metrolagu.cam/embed.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:43:29 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Sep 2023 10:51:20 GMT
etag: W/"650c2028-279"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMEa%2FdCEmCQgjQl0C7FrusCtcoVJLSZtO1hl6pru1thsaCDMkwyb1bMGpALnaATA7YL4nvHacJrmEJms%2FBPfnfD5WvqtBvCM%2FAqk0IPhqJU1mLgrbzfZLdbnUP8I87y0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc33cd8c5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poop.com.co/d/ZJfbK6wKidD | 188.114.97.1 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 poop.com.co/d/ZJfbK6wKidD
IP: 188.114.97.1:443
Certificate: Issuer: Let's Encrypt; Subject: poop.com.co; Fingerprint: EA:EE:EE:71:08:93:82:E5:DD:72:09:B4:34:3A:43:B8:CC:B7:6D:7F; Validity: Wed, 10 Apr 2024 13:32:28 GMT - Tue, 09 Jul 2024 13:32:27 GMT
File type: HTML document, ASCII text, with very long lines (6446)
Hash: 29afdd279817eae5c1475b726d5ad859 ed445c725bf12888ab5b24ebd13bc4c094b892fd 6e0ae211d630c93732d6f9ffed9f76d1d0ed4338007d58a17f5a93dd91c6cfd3
GET /d/ZJfbK6wKidD HTTP/1.1
Host: poop.com.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=43200
cf-cache-status: HIT
age: 6900
last-modified: Sat, 04 May 2024 05:48:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4BmFiOEnTfoSvxpbto25K01otfmVMiGWihxiVVYnGSt59%2BOINO90rRv072a9tBNit1Jzp7sLtu1A5%2Bn71U%2FCsnDWzSFi%2F2iwxekR1IWkEyZJPuvR6RECGvcdGK3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6dc22fc03b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| metrolagu.cam/play.svg | 188.114.97.1 | 200 OK | 633 B |
IP: 188.114.97.1:443
Requested by: https://poop.com.co/d/ZJfbK6wKidD
Certificate: Issuer: Google Trust Services LLC; Subject: metrolagu.cam; Fingerprint: 2C:DD:F0:B5:15:2E:A1:34:CC:51:79:CB:A4:80:02:39:2A:7B:0F:CD; Validity: Sun, 14 Apr 2024 04:02:38 GMT - Sat, 13 Jul 2024 04:02:37 GMT
File type: SVG Scalable Vector Graphics image
Hash: fa7e52a78c2db6968656093b3b4f6266 d3c582a7ce14bbe3f2e3a486e8e038d7ccbdfc6a 3ba523164e3d24ae32abd260e3728d4418e4720f145e0571acac76c42e81d3cb
GET /play.svg HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.com.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:43:28 GMT
content-type: image/svg+xml
last-modified: Thu, 21 Sep 2023 10:51:20 GMT
etag: W/"650c2028-279"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaVWZtaLGmxSoLtE%2FGk3BXBvYhc%2Bt6sIN4CUK5Qb7JZDVMUvg%2BRBwFuJ11aYHdONZjNE7yhR%2FNGruzgBh6XBLfboyjANqeX%2BOkIESAV5QTU7qsi2hKOipkqVGeqCWyCT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6dc293b957128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mordoops.com/?rb=dw_Gvn4ipbWwlyqvuno26JgNRNSs2wXzBC5IlDRnmgu6HvFDqAcIBO7T0gQvgNsrk9beqQvltH59PN3BQu5JV6cz4ead4xn9t7LIg65tG2HS2KXzmRziMQGeKXXnxrcyAgBF1_mEHaW6TfYX1r8fLoPAkaC1s6DSY4fW_R1gfKz9V4_N--ru3bkjNCndxr3bLgXXSN511ydxdZGtMPps3QzXmuFiAUAiZqbrUZKO7qy0aBoCkr9iiGk8QP3oPZIEgbifqQ%3D%3D&request_ab2=0&zoneid=6651943&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=-1&wiw=-1&ww=-1&wh=-1&sah=1024&wx=0&wy=0&cw=0&wfc=2&pl=https%3A%2F%2Fyu2be.com%2Fvideo%3Fq%3Dbersamamu%2Bjazz&drf=https%3A%2F%2Fyu2be.com%2Fembud%2F4464694b77364b62664a5a&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=85b1f8cf-f907-4ba2-9fef-29fba26d68c0&wasm=1&userId=0080522c273a495dfa317d524ed77ec3&m=link | 139.45.197.244 | 200 OK | 2.6 kB |
URL: GET HTTP/2 mordoops.com/?rb=dw_Gvn4ipbWwlyqvuno26JgNRNSs2wXzBC5IlDRnmgu6HvFDqAcIBO7T0gQvgNsrk9beqQvltH59PN3BQu5JV6cz4ead4xn9t7LIg65tG2HS2KXzmRziMQGeKXXnxrcyAgBF1_mEHaW6TfYX1r8fLoPAkaC1s6DSY4fW_R1gfKz9V4_N--ru3bkjNCndxr3bLgXXSN511ydxdZGtMPps3QzXmuFiAUAiZqbrUZKO7qy0aBoCkr9iiGk8QP3oPZIEgbifqQ%3D%3D&request_ab2=0&zoneid=6651943&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=-1&wiw=-1&ww=-1&wh=-1&sah=1024&wx=0&wy=0&cw=0&wfc=2&pl=https%3A%2F%2Fyu2be.com%2Fvideo%3Fq%3Dbersamamu%2Bjazz&drf=https%3A%2F%2Fyu2be.com%2Fembud%2F4464694b77364b62664a5a&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=85b1f8cf-f907-4ba2-9fef-29fba26d68c0&wasm=1&userId=0080522c273a495dfa317d524ed77ec3&m=link
IP: 139.45.197.244:443
Requested by: https://yu2be.com/video?q=bersamamu+jazz
Certificate: Issuer: Let's Encrypt; Subject: mordoops.com; Fingerprint: 0B:32:D8:40:AB:56:05:9B:BD:33:D8:55:19:05:B0:A5:45:79:BA:1D; Validity: Sun, 28 Apr 2024 05:23:29 GMT - Sat, 27 Jul 2024 05:23:28 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2614), with no line terminators
Hash: 9e4ae57f38e6baa5f50c2bb8cc129c6c f70d6469d514c8344d3b079dbe086e43b1acf28e b2df7964a17db3fbfd74bf4235857008b6017f29d6c4d281a3ba903f7d120847
GET /?rb=dw_Gvn4ipbWwlyqvuno26JgNRNSs2wXzBC5IlDRnmgu6HvFDqAcIBO7T0gQvgNsrk9beqQvltH59PN3BQu5JV6cz4ead4xn9t7LIg65tG2HS2KXzmRziMQGeKXXnxrcyAgBF1_mEHaW6TfYX1r8fLoPAkaC1s6DSY4fW_R1gfKz9V4_N--ru3bkjNCndxr3bLgXXSN511ydxdZGtMPps3QzXmuFiAUAiZqbrUZKO7qy0aBoCkr9iiGk8QP3oPZIEgbifqQ%3D%3D&request_ab2=0&zoneid=6651943&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=-1&wiw=-1&ww=-1&wh=-1&sah=1024&wx=0&wy=0&cw=0&wfc=2&pl=https%3A%2F%2Fyu2be.com%2Fvideo%3Fq%3Dbersamamu%2Bjazz&drf=https%3A%2F%2Fyu2be.com%2Fembud%2F4464694b77364b62664a5a&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=85b1f8cf-f907-4ba2-9fef-29fba26d68c0&wasm=1&userId=0080522c273a495dfa317d524ed77ec3&m=link HTTP/1.1
Host: mordoops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yu2be.com/
Origin: https://yu2be.com
DNT: 1
Connection: keep-alive
Cookie: OAID=0080522c273a495dfa317d524ed77ec3; oaidts=1714808609
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:43:29 GMT
content-type: application/json
x-trace-id: 025b6656dccaf0911e05889331d5ead7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://yu2be.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080522c273a495dfa317d524ed77ec3; expires=Sun, 04 May 2025 07:43:29 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714808609; expires=Sun, 04 May 2025 07:43:29 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Sat, 11 May 2024 07:43:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|