Report - poopstream.co/

Report Overview

Submitted URL
poopstream.co/
IP
104.21.58.50
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 19:39:03
Access
public
Website Title
Indonesia Adult Video - POOPSTREAM
Final URL
poopstream.co/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-05-08	1.0 kB	813 B	157.90.84.242
p.a64x.com	unknown	2023-07-27	2023-07-27	2024-05-08	2.9 kB	1.4 kB	104.21.19.82
imdn.pics	unknown	2023-09-14	2023-09-14	2024-05-08	1.3 kB	17 kB	45.133.44.25
i.poopcdn.com	unknown	2024-03-14	2024-03-14	2024-03-18	8.2 kB	226 kB	104.21.11.28
img.doodcdn.co	unknown	2022-04-23	2022-05-04	2024-05-03	4.9 kB	504 kB	104.26.6.74
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-08	1.5 kB	203 kB	172.67.142.245
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-08	479 B	4.9 kB	94.130.197.240
js.capndr.com	316718	2021-08-30	2021-08-30	2024-05-08	402 B	376 B	45.133.44.53
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	435 B	31 kB	151.101.130.137
e9b729472c.39268ea911.com	unknown	unknown	No data	No data	2.3 kB	421 kB	45.133.44.52
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-05-08	1.8 kB	3.0 kB	45.133.44.24
poopstream.co	unknown	unknown	No data	No data	3.7 kB	114 kB	104.21.58.50
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-09	650 B	1.4 kB	142.250.74.131
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-09	944 B	194 kB	104.18.10.207
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-08	1.8 kB	6.6 kB	74.125.131.84
nereserv.com	40015	2020-12-21	2020-12-21	2024-05-08	2.3 kB	1.3 kB	168.119.25.102
e859321004.6423f6c6c4.com	unknown	unknown	No data	No data	18 kB	14 kB	157.90.84.246
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-05-08	525 B	1.6 kB	104.21.30.242
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	465 B	7.5 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	420 B	102 kB	142.250.74.168
e275260174.05ae41c3fc.com	unknown	unknown	No data	No data	823 B	320 B	45.133.44.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed
2024-05-09	medium	39268ea911.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-20
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-20 12:18:53 Times Seen250039 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	poopstream.co/	6.4 kB	2024-05-09	2024-05-09
Pretty URL poopstream.co/ IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 21:39:10 Last Seen2024-05-09 21:39:10 Times Seen1 Hash 71a7b6624b8b3152aab82b526e222722 c83468279f7b8ba43408b26c2a7e567fd86a41c5 2a7d49dd615ee7316f84f797ca0a6661f9b15baa07543897aab3d68126970ec0 Loading...

	poopstream.co/assets/jquery.main.js	6.9 kB	2024-05-09	2024-05-09
Pretty URL poopstream.co/assets/jquery.main.js IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:39:10 Last Seen2024-05-09 21:39:10 Times Seen1 Hash 62efab4be63da587572bc4c1d3259156 eec2c053c31e2551345162e9fe8c9bc394bce547 0dc0dd5f989d55b6c5b68be64258328d40fe54a4169f6e75b95dcbed1f0a5da7 Loading...

	poopstream.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-20
Pretty URL poopstream.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 12:19:54 Times Seen57796 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.googletagmanager.com/gtag/js?id=G-JBYNTZ3LB5	306 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-JBYNTZ3LB5 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 21:39:10 Last Seen2024-05-09 21:39:11 Times Seen2 Hash a0733ac5dba0f307a54b7a593ca7624e 75482de070d9d16beb6d16ab4330fc08ede80ae2 b13efc51c336b898a529e1884f0c6c56e580859fc83ffb1e00a8b4d914b48fe2 Loading...

	e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js	109 kB	2024-05-08	2024-05-14
Pretty URL e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 14:11:42 Last Seen2024-05-14 14:15:38 Times Seen387 Hash 392da8c33f7fec0078e15e7cb7dec615 9a58299ea074848763f9b3e0d0b3ed82ed92614a e4dd634416e83566cd4235d596b6292bdcca640a6fb47da3b9330a3113e35c47 Loading...

	e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js	470 kB	2024-04-16	2024-05-20
Pretty URL e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:37:10 Last Seen2024-05-20 09:32:15 Times Seen1388 Hash 2902e331e5e735ad63e7510dfc434c5b 8f276d26159f74561fb370144b8cafba8bcc8bd3 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2 Loading...

	code.jquery.com/jquery-3.1.0.min.js	86 kB	2023-03-07	2024-05-20
Pretty URL code.jquery.com/jquery-3.1.0.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-20 09:31:47 Times Seen7809 Hash 05e51b1db558320f1939f9789ccf5c8f c72c1735b4d903d90dd51225ebefb8c74ebbc51f 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js	20 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-05-20 02:53:34 Times Seen4660 Hash 83fb8c4d9199dce0224da0206423106f d8503645c17f9856868a7def3dc0505e19a95ec7 f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Loading...

	poopstream.co/assets/jquery.rotator.js	3.3 kB	2023-03-07	2024-05-17
Pretty URL poopstream.co/assets/jquery.rotator.js IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:05 Last Seen2024-05-17 23:59:24 Times Seen55 Hash f39648a2e20d505526d8833191a47b14 3f3e4b96d6289e1aca1dd382570594e0cad7f0c3 ac750c411915309e6d642fb5555d2a1fe2a0bc1aa8de6cff5acf3a5c5c485bcf Loading...

	poopstream.co/	201 B	2024-05-09	2024-05-09
Pretty URL poopstream.co/ IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 21:39:10 Last Seen2024-05-09 21:39:10 Times Seen1 Hash 96ad78709f0975a416f06b0b27c118fc aeba8b8227863f9d9cf9a2d084921be2434ea95e c35dfd049a8a5af92ac04399dddce4a3f8f854e1937492fd3c75581e10e38ad2 Loading...

	js.capndr.com/advertising.js	0 B	2023-03-07	2024-05-20
Pretty URL js.capndr.com/advertising.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 12:20:46 Times Seen37872763 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-20
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-20 11:54:46 Times Seen5659 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	poopstream.co/	1.0 kB	2024-05-09	2024-05-09
Pretty URL poopstream.co/ IP 104.21.58.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 21:39:10 Last Seen2024-05-09 21:39:10 Times Seen1 Hash b579966206a4fd0236000591da8b0bf8 e8ac7d4a8fc9d34f1ee6021137873ded829b7e84 d19d55b056299029f642444474d48e5f8f8ee86b87f0e6b25db859cd1ca854e3 Loading...

	e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js	169 kB	2024-04-25	2024-05-16
Pretty URL e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 17:48:27 Last Seen2024-05-16 08:49:21 Times Seen1042 Hash e164f0fc509991890121aa763019689d 16f901a89a57f87c90d6cea80cff9f8bd32756dc fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec Loading...

	e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js	101 kB	2024-05-06	2024-05-16
Pretty URL e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 11:08:30 Last Seen2024-05-16 07:55:12 Times Seen535 Hash 0cbfae16446f6ff17f3f18758b41e37c fdcba827008b6f52caa67735b295f7fab6f26a04 4f5cece30fb18d801a39950fe09419aa3280c654a323e72733b3204ad11a7a33 Loading...

HTTP Transactions (82)

URL IP Response Size

poopstream.co/assets/stream.png

104.21.58.50

200 OK

7.2 kB

URL GET HTTP/3
poopstream.co/assets/stream.png
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
PNG image data, 250 x 60, 8-bit/color RGBA, non-interlaced
Size
7.2 kB (7240 bytes)
Hash
90e45e725d15ea100d588ce7f02926be
5435b1cefcac2c1e7da0b0e424fffc13216863de
e70c193a0416f3933a48c1174df4b32f4ca0624883d0aa398689edeca134c195

HTTP Headers

GET /assets/stream.png HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: image/png
content-length: 7240
last-modified: Sun, 05 May 2024 10:11:59 GMT
etag: "66375b6f-1c48"
expires: Sat, 08 Jun 2024 06:41:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 46619
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8z%2FQiVEYgFsBfmdbI5FU%2BRRWH1sHODKQwFalqC4PZ2srn8B%2FgUTWGAvsLv7Q7M7Lr8Fqh1YaLpeK5Vg2%2B19W5%2F2ASstOhxViRZpAaTCIpoVLHWe0Jlh8697g6A6OsjJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426901d03568e-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

104.17.24.14

200 OK

6.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20164)
Size
6.5 kB (6451 bytes)
Hash
83fb8c4d9199dce0224da0206423106f
d8503645c17f9856868a7def3dc0505e19a95ec7
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

HTTP Headers

GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 94391
expires: Tue, 29 Apr 2025 19:38:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07Dgcf70Hz6jfPREd%2BaSkuwNAYitvAQlEa8KNQlsTcIbE0px8YYB35MkIaLHC4QbmZBIkVnfDChC1Jki6SNiTBuNJG0UTJQ7fi5%2FnqFTLi8NRwKKEytnzlQ6qDr%2FB4mNoS1STb7N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881426904e80b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.1.0.min.js

151.101.130.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://poopstream.co/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32014)
Size
30 kB (30019 bytes)
Hash
05e51b1db558320f1939f9789ccf5c8f
c72c1735b4d903d90dd51225ebefb8c74ebbc51f
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

HTTP Headers

GET /jquery-3.1.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1514f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 May 2024 19:38:34 GMT
age: 20482914
x-served-by: cache-lga21948-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 99, 28551
x-timer: S1715283515.972361,VS0,VE0
vary: Accept-Encoding
content-length: 30019
X-Firefox-Spdy: h2

i.poopcdn.com/GD0nF.jpg

104.21.11.28

200 OK

7.5 kB

URL GET HTTP/2
i.poopcdn.com/GD0nF.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 240x427, components 3
Size
7.5 kB (7482 bytes)
Hash
99bfd4f05e7bd1e808f961f6ff26ae0f
9575a2618bd457cbe0b1614611657ecd5b349dcf
9f290d61c9f4996af8d083c38dcb8805d5972a3461fa9d2aeee8ad3819792840

HTTP Headers

GET /GD0nF.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 7482
etag: "99bfd4f05e7bd1e808f961f6ff26ae0f"
last-modified: Sun, 25 Feb 2024 12:39:24 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1806
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrXwsBB3eRhbdWYh4n1Zlw4bPu51kTg7H%2FxBi83xEfteIEKSfhpqCgWzz6FTHDeIWUa5MPBBkod00LMOF%2BnC1biiXjO1MPGotKKV7zisp5EQRhSFyizs0fsk8g16EhSG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb88b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/nXyGI.jpg

104.21.11.28

200 OK

8.2 kB

URL GET HTTP/2
i.poopcdn.com/nXyGI.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 240x318, components 3
Size
8.2 kB (8218 bytes)
Hash
a9cadfa1f632a7e85ec1931b14e5295a
6bf64836f7fc22f2babfa0ae2756bc19cdfea6ab
7c940d6a0f80f5763ad06c01f48b0a045a4cbb58d4561709e6a52875cb6f0329

HTTP Headers

GET /nXyGI.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 8218
etag: "a9cadfa1f632a7e85ec1931b14e5295a"
last-modified: Thu, 09 May 2024 16:05:54 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7UPM1lU5hVUDysy%2BWom%2FXFY7mG9BZUvNmRZIR1dyvUV4nPP2YbM0EDvtl6zB6nMLMqPIDhgiuRRIMixbAR71WEUP9jOhmABI4dEU8TJn2U8rfUKWNnMBhuKmPqjtcOJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb86b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/b4RSn.jpg

104.21.11.28

200 OK

6.7 kB

URL GET HTTP/2
i.poopcdn.com/b4RSn.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 180x320, components 3
Size
6.7 kB (6686 bytes)
Hash
b97aca39f3df28ee3f97ee6afb5d6188
0006ad2e6c09d43a000078862da1fcb9ee20e8af
08ed6f51b40ce35193e31664d7df64b24c36e70cc9e81513d1ec18528522c35c

HTTP Headers

GET /b4RSn.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 6686
etag: "b97aca39f3df28ee3f97ee6afb5d6188"
last-modified: Thu, 09 May 2024 09:32:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1810
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNnC4ttImyQ3JJfkQ9ZfJMkgsQeHY6msuDZG2KQgvnx1bAcCRvH0uuzDa3pPNMws%2F4w8EaxgipuPRHXa%2BRiYxTB3%2BqlK7MLSbt9V%2Fm17%2BE4AwTQ5zrNjjcD4eK0%2BOCNq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb83b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/kPbvl.jpg

104.21.11.28

200 OK

8.2 kB

URL GET HTTP/2
i.poopcdn.com/kPbvl.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1739x1729, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 202x360, components 3
Size
8.2 kB (8242 bytes)
Hash
ec5a969422d917a1ce19b3c4ff4bd572
0909c998788bcf7ea4bcc28fcce27453ae651166
28e670cbfa43145a06032c0e50992235815e680dcfcf15c9f52324ce592f96ef

HTTP Headers

GET /kPbvl.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 8242
etag: "ec5a969422d917a1ce19b3c4ff4bd572"
last-modified: Thu, 09 May 2024 07:47:33 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64dLsjFDjVngu8og0Eo9AZTeHJhj%2FyD48qqpW8hNm%2FeZPGugULf93uvv5yHwYsKBDanUIBQnxnsh6Q1sMB1aBANqfnBSkumJqCOsX%2FPkc5ccXG4Jkknmh%2BcvEj7V%2BIdW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb92b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/PDWj3.jpg

104.21.11.28

200 OK

6.0 kB

URL GET HTTP/2
i.poopcdn.com/PDWj3.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 252x240, components 3
Size
6.0 kB (5992 bytes)
Hash
ea2a59dd36057ecb598411214cd09cd5
9241752ac77bd805fca973c0a0c1c2e627be5055
76a876082bdab584a9cb786052a3751a3e574b7166083d34e16a784496e2c858

HTTP Headers

GET /PDWj3.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 5992
etag: "ea2a59dd36057ecb598411214cd09cd5"
last-modified: Thu, 09 May 2024 16:06:08 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nl8IfH98shYImVf1kRk3zctok2yxn69Hnkm2ECza%2B2dg%2FBOvhmEGf33yxqhu3XKdMHABCScGXYxCpKVNyg0XSdnGYq%2F%2BfHZiIldreGTQAHGP7Z4g4xYmEIAYhCDOhuzO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb8db51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/A3C65.jpg

104.21.11.28

200 OK

11 kB

URL GET HTTP/2
i.poopcdn.com/A3C65.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
11 kB (10558 bytes)
Hash
64bca46d6dcc40fe89380862888a3e98
41629d8a78e0f31c3c3300820b3b627de097b01c
a22faa2822037954da5b9de562fa1cbee2d104cdd219343f29182697d8cc0ccb

HTTP Headers

GET /A3C65.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 10558
etag: "64bca46d6dcc40fe89380862888a3e98"
last-modified: Thu, 09 May 2024 17:15:08 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6477
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kgae7GqPFrOZ6h5hC22KpETanCE051unBEIRGJKR%2FAB4C022O251rX%2FktHCzvCFpmu5FX6oFjb9OMScfeWrQEMMdS29uHCYF2O3%2BH2sCI4D2IC6F8CYYW6xuxZyK6wxS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690dbd4b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/i9i4kovzzdw0etq9.jpg

104.26.6.74

200 OK

26 kB

URL GET HTTP/2
img.doodcdn.co/snaps/i9i4kovzzdw0etq9.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x848, components 3
Size
26 kB (25648 bytes)
Hash
c85cd9e73ceb3f5a8d3f8fbdeaf95f1d
7974bf79594268fe253aaaa053756062b4cad57b
f1b3031cd91edfe969c9e9b96174a4ad934b3e20b4e3e3d6d36e02296c56db7d

HTTP Headers

GET /snaps/i9i4kovzzdw0etq9.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 25648
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=25733
etag: "65fe78e0-6485"
expires: Thu, 23 May 2024 17:01:10 GMT
last-modified: Sat, 23 Mar 2024 06:38:24 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2Fq3IshFiGtVgZDZLF7rYmaKjbvkA6zsu0NmJdbo3W71k2Z%2BAu5bFCifMuajI103MxVqlLp3Vg0sQ14TsL%2Fkh99ipfef3pGsaoPXv7AIfA0hheojhGB3H7AnGr9KI44w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426909932b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/f9b7kwh793sb7ltv.jpg

104.26.6.74

200 OK

28 kB

URL GET HTTP/2
img.doodcdn.co/snaps/f9b7kwh793sb7ltv.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
28 kB (27615 bytes)
Hash
e9eed907384d18bb22cc7a043bb1e499
934ae4e9d167e6f035efc3124332693f61147ed0
bf3f3bf4985b6664df6d255af3b7de13fab26403319c82720968c093adad360c

HTTP Headers

GET /snaps/f9b7kwh793sb7ltv.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 27615
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=29255
etag: "65b09074-7247"
expires: Thu, 23 May 2024 17:17:44 GMT
last-modified: Wed, 24 Jan 2024 04:22:12 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa59b1oXOcUnsXjIEEWYR39%2F47RTuG3IIC8AxJoHdzpTK4cgeWb3ALAbbtslPX8y%2F5R5%2BvRzr5ZX5LxWF9zbt7TU9sxIMycOQX%2F%2BXD8i9eF7gsp3J8w5ZnZaTHGwFxWN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426909933b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/bvtjajfaxghk085k.jpg

104.26.6.74

200 OK

20 kB

URL GET HTTP/2
img.doodcdn.co/snaps/bvtjajfaxghk085k.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x854, components 3
Size
20 kB (20373 bytes)
Hash
c462e7acc1e253ab137439720cdfaf15
22795729ff3d174f797927a6b8c01ae398b7b3c4
8f1d9fbc9e2704b805e3678a9aecfb51374522a47d93facb8575e2136f5c07aa

HTTP Headers

GET /snaps/bvtjajfaxghk085k.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 20373
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=20603
etag: "65fe763f-507b"
expires: Thu, 23 May 2024 03:34:50 GMT
last-modified: Sat, 23 Mar 2024 06:27:11 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfMTUAXr6dpnr1i0ggSY1%2FA2KyRDD%2BVqlWpLTVkq0zn%2Fp2rzA4r3YS1iAACX2gAntjWCY5r6TkEEbTt%2B94IYNXsVfORqnYT8%2Bcj3Il92eb9mySZtNUCPXXsML6GWLYqj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426909934b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/dxcpus0ktxlcoyp5.jpg

104.26.6.74

200 OK

82 kB

URL GET HTTP/2
img.doodcdn.co/snaps/dxcpus0ktxlcoyp5.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
82 kB (82334 bytes)
Hash
a55188b29da71f0dde728fc953796495
755045de6841e7870863c1382e7df62325e3b8a9
7140c098e19248dd4374065ec0f395863e55b598a5d906c9f174eed58a7301f8

HTTP Headers

GET /snaps/dxcpus0ktxlcoyp5.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 82334
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=85203
etag: "656dd14a-14cd3"
expires: Thu, 23 May 2024 17:18:22 GMT
last-modified: Mon, 04 Dec 2023 13:16:58 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwGWGNYJWOeIAfBMRwc%2BSIgMmfDErunafwAPyYsqAWAlwoTWHtsLtdOAle2VDycwe7dTTcFhmoimyI3jfUUsE%2B9QSn%2FSHbfM4eKDI6rY3VdrbmGgyVAUspVwyyXwfVgn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690992ab527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/2p5ln8gxp8pcwats.jpg

104.26.6.74

200 OK

18 kB

URL GET HTTP/2
img.doodcdn.co/snaps/2p5ln8gxp8pcwats.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 5767x5760, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 720x395, components 3
Size
18 kB (18444 bytes)
Hash
cc26e4c8c6ce4a8e23039a688681b898
a3bb5a292c1b17c11f9fc94737cadc22cd379105
c7a9f3d7541fa57dc81e6a8edd027eec73cedca061de50a64397ff0840a2f82a

HTTP Headers

GET /snaps/2p5ln8gxp8pcwats.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 18444
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "660a6426-480c"
expires: Thu, 23 May 2024 14:39:55 GMT
last-modified: Mon, 01 Apr 2024 07:37:10 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKnNcANvcj6W74xNp6nPrEiA5n1WGJpfGRfafpQjgNBp4CDHpCWPaAnRlCdK4rGxclOnHk37p24fo2vXANva5I769CQb5jgoIrhvf9u644z%2FYqHZDz6J%2BtUz8um6xxlF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426909935b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/c80d7875xcja2sce.jpg

104.26.6.74

200 OK

27 kB

URL GET HTTP/2
img.doodcdn.co/snaps/c80d7875xcja2sce.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1322, components 3
Size
27 kB (27222 bytes)
Hash
101a3b524b756e507b688b728e90af1e
bd2df5c425068b2224f384f45294fef7ce5231be
0ea39416ebb31b53c49a32405898ac08eb47887c51796780fc57bed049bd48cf

HTTP Headers

GET /snaps/c80d7875xcja2sce.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 27222
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=28621
etag: "66087b7d-6fcd"
expires: Thu, 23 May 2024 06:37:59 GMT
last-modified: Sat, 30 Mar 2024 20:52:13 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FvUbtQtK2C7fU69A0xuNFyQ1U8RjhOT9dOBvS3aZUEdBOW5Gide0TKQWtnZsadxI43BNs8ntG3Oi%2F7kSvQ2PLUYJqjm8SO9eaemlpEEmwENeaqb%2B7JE%2BggffnfPaoRw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690992cb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/1x210ra6crg6s9jj.jpg

104.26.6.74

200 OK

87 kB

URL GET HTTP/2
img.doodcdn.co/snaps/1x210ra6crg6s9jj.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
87 kB (87146 bytes)
Hash
0501fea8e4fadce7c300e5c385324139
aeb322654e03f88d5de5e2de22f55390fa516b3d
6f7d621cb01e3b016b1abe2985fccdf97d8cf3062fca42d64e60e7496c0ae74b

HTTP Headers

GET /snaps/1x210ra6crg6s9jj.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 87146
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90633
etag: "66051dcf-16209"
expires: Thu, 23 May 2024 17:18:04 GMT
last-modified: Thu, 28 Mar 2024 07:35:43 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86%2BDcyQ9boRICf42YaTi8yXqN5daZwEeaxoqh8ThPENHgAP6q20keRQEDeu3o8LgDG8Km%2FirnNFmiHKzWViS6QIE6cgwSnu3QrI%2FiMe8Iogj6%2BubuiPIpNnjl4jEGijV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426909939b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/5m99t25na3cqt72m.jpg

104.26.6.74

200 OK

32 kB

URL GET HTTP/2
img.doodcdn.co/snaps/5m99t25na3cqt72m.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x848, components 3
Size
32 kB (32288 bytes)
Hash
8d6b02157a321f01faf495ed198fe0cf
a90d6a55f8939219d00101cb23972e468c54b5d0
b35d585549b8bd138a6f2b0b216f3e68dc5e4bcfb1283b2c1ba1f314129c6fc6

HTTP Headers

GET /snaps/5m99t25na3cqt72m.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 32288
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=32625
etag: "6606c8a7-7f71"
expires: Thu, 23 May 2024 17:01:12 GMT
last-modified: Fri, 29 Mar 2024 13:56:55 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLLaI8JeFIhwUqfEauTE3bN1g0NuRxqNABEnZSOtpHNKrgtYoEdaIJpLdU8Ja829Zy%2Fe0NUHgqGK7c2yAqvR6oq32KbOPu8wUoRdQr3Di1kjaU2lPKgNHDTVu8k%2FGc21"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690992fb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/dw0az4oxp145lhkn.jpg

104.26.6.74

200 OK

40 kB

URL GET HTTP/2
img.doodcdn.co/snaps/dw0az4oxp145lhkn.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
40 kB (40479 bytes)
Hash
d13ee3c90b48c5b278b4e4ff0f23c409
e9264818d9db69813323c92ee21fc353a64f1faa
617e976524741dfa5c16e7ebc9b5b56a99fa4251c54a7bbc21b718233e5e8e40

HTTP Headers

GET /snaps/dw0az4oxp145lhkn.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 40479
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=41839
etag: "658286bd-a36f"
expires: Thu, 23 May 2024 17:18:24 GMT
last-modified: Wed, 20 Dec 2023 06:16:29 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zs1CefCCbgGIfzv3hhJ5CpIIRerlG43RawHnfsF6T0%2Fin6BV4r83rfloumSaHdTMVVvQHXXWTb7bRAJcX9fXtoxmcNPdEWdMId7KOctGKO3aamdvfMSFKiiKGcQ1iVLB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690b966b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/ov8miwb1dj00p7ct.jpg

104.26.6.74

200 OK

64 kB

URL GET HTTP/2
img.doodcdn.co/snaps/ov8miwb1dj00p7ct.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
64 kB (64109 bytes)
Hash
5e46d3672942e0730e7c2406da2e0835
3d4458a3cffc948dcb29e177981323ad558d1ddc
dc84c84d89aecbc6d1bf4bbb7ad1682113f2331d2508629a42e14eaf20b3f4de

HTTP Headers

GET /snaps/ov8miwb1dj00p7ct.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 64109
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=65359
etag: "656dd162-ff4f"
expires: Thu, 23 May 2024 17:17:55 GMT
last-modified: Mon, 04 Dec 2023 13:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqNB0fJCTvePA0Rg%2B%2B%2B3HgkdBABl5Vo07G%2Fv6godTd0oxKJgVTweU9K7m6jqY3kjKnDMnI%2F6DE82MIRloJHPPeEKqsKjhnhZwJGwaT%2Fxcja8nxK4nH1hBqYF%2BxY2K6ez"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690a942b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.doodcdn.co/snaps/towbb4a15k4tnjtd.jpg

104.26.6.74

200 OK

70 kB

URL GET HTTP/2
img.doodcdn.co/snaps/towbb4a15k4tnjtd.jpg
IP
104.26.6.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectdoodcdn.co
Fingerprint8C:32:D4:AB:AF:53:AF:34:D3:6F:F9:E0:66:DC:21:B2:03:C6:34:F3
ValidityFri, 12 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3
Size
70 kB (69844 bytes)
Hash
47b2a816cfea1c20fbd353b437641252
b0d09c50f2288952a18c504292a5b5ac9803983f
8ef897950518696347c33f94771c3988509245bf076593db13e7169e977ad852

HTTP Headers

GET /snaps/towbb4a15k4tnjtd.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 69844
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=71468
etag: "65b04e95-1172c"
expires: Thu, 23 May 2024 17:17:44 GMT
last-modified: Tue, 23 Jan 2024 23:41:09 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FTKbvvuQxBMnX4ZRCGwE%2B0o96d3Hiv0QYuzFWJiBi8G9vsh%2Fm3QH42K1YBxLraodI8cSA1l8eGTMGDHhpiTLyPriq6ZBMAMg14vejkr8Yk0emytY%2FGdtGNiosbMkGgV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88142690b964b527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/ygLYZ.jpg

104.21.11.28

200 OK

4.0 kB

URL GET HTTP/2
i.poopcdn.com/ygLYZ.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 135x240, components 3
Size
4.0 kB (3955 bytes)
Hash
377c6cbfd33a14227f5dbd7fc0593174
944efe22bc27f00833dcc7b84d81ecd62eb06760
4e5219e848a0f040664d820234f55618394e96a804baa436ecccbb4cba69d5ea

HTTP Headers

GET /ygLYZ.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 3955
etag: "377c6cbfd33a14227f5dbd7fc0593174"
last-modified: Thu, 09 May 2024 07:26:06 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYoYb%2FskEDZXmp29v4hHqjBuveaJgsMTd2Mmi9UUqoKOak7%2FkwcAo1lKT28VVTrDKFzTXF%2FeGwySDPQAKPKBJmAiSRl1Gi9uluhv2c%2Bg3Gzejc%2F0RRCRyZua%2BYSXFhex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb7fb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-JBYNTZ3LB5

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-JBYNTZ3LB5
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101553 bytes)
Hash
a0733ac5dba0f307a54b7a593ca7624e
75482de070d9d16beb6d16ab4330fc08ede80ae2
b13efc51c336b898a529e1884f0c6c56e580859fc83ffb1e00a8b4d914b48fe2

HTTP Headers

GET /gtag/js?id=G-JBYNTZ3LB5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:38:35 GMT
expires: Thu, 09 May 2024 19:38:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101553
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.poopcdn.com/cfTZG.jpg

104.21.11.28

200 OK

14 kB

URL GET HTTP/2
i.poopcdn.com/cfTZG.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
14 kB (13927 bytes)
Hash
94732e71d890ce03a9e193f8c803b69e
94656d01ef6efd529885345f33c18e7bc89a2e42
34203ede722d90f20d6df752c7a2675956285502caab43b6c2dde416594892bd

HTTP Headers

GET /cfTZG.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 13927
etag: "94732e71d890ce03a9e193f8c803b69e"
last-modified: Thu, 09 May 2024 17:15:26 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yfpQlAcPH7N9IP2PmrSYCTUhm4eZuEt569nkbDKHtHdYsj7CQqyIT5431VhiXVsBCvATAAih0gta29M8tRYvs54U4QEJYXaDKR19nY8AvZVPMEsh6bMyn0IE7HSeWbp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb93b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/igv11.jpg

104.21.11.28

200 OK

8.2 kB

URL GET HTTP/2
i.poopcdn.com/igv11.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 240x251, components 3
Size
8.2 kB (8157 bytes)
Hash
d66b4d37e8de3c9df54585111a4358fc
8ca55efb0b8ae0bb67187e102874fb4f2a75becd
30004170c03e1d31ce12abede305c3798822776385210f0611a95542f4b1df86

HTTP Headers

GET /igv11.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 8157
etag: "d66b4d37e8de3c9df54585111a4358fc"
last-modified: Thu, 09 May 2024 16:06:03 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TE12CklaJuzivQnL7H6REsgK3kGlmzDza9%2FGgsxATTh0jRbceh1mK99wCtpgfB3C%2FCPWCpuv6KbPWKcwaBQEFhdCqEfja8kQXkz7WNq0KGsVP8wiEQAO6vNYhy5A0n57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb85b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/19hH0.jpg

104.21.11.28

200 OK

7.5 kB

URL GET HTTP/2
i.poopcdn.com/19hH0.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 180x320, components 3
Size
7.5 kB (7486 bytes)
Hash
4c7fb6fedfd8b43fc9a859648fc0c50f
d8e82a10b0450d403d3bd9e58bb4009f8eb9623d
56364a53192b5f5a2ff65e896dcdfaa48ad60d781967f6c53d138c1e8a9edea4

HTTP Headers

GET /19hH0.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 7486
etag: "4c7fb6fedfd8b43fc9a859648fc0c50f"
last-modified: Thu, 09 May 2024 07:38:51 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xq5nGJ48cBQ3MjvfouAMjftzLunQ080nTe%2BTtzntIuRQfsCVaYiGD1MCOTmZQnEz7UseumF6AAtJtrnVUi2RnT%2Fi0Q%2Fbewqgzx12gbD3D2AO7QexuzQIpaodVkOr6qu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb8bb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/g9ecw.jpg

104.21.11.28

200 OK

16 kB

URL GET HTTP/2
i.poopcdn.com/g9ecw.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
16 kB (16508 bytes)
Hash
89c9016fa0f04338529d063d67e30f81
9d765d359ed105c9261615eecba5282e0ac82bf1
f66dfef47934717996dd7e016e0f7ae713374f9f64e2e34028f972f0bee85aa4

HTTP Headers

GET /g9ecw.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 16508
etag: "89c9016fa0f04338529d063d67e30f81"
last-modified: Thu, 09 May 2024 17:15:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLPRnIlPaX0qBYOxxn%2FuoFyE%2BtpLpqPBReVZYU3dWGDe%2BYXtB8OLdVxBv28czlsSvmhb7Bk33G2%2FwiuVVZTBvwv8JKdKBjiKEKEyAYbFTevXF%2F67Wh7zO2GS7vQkmilG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690dbc7b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/UEqnO.jpg

104.21.11.28

200 OK

14 kB

URL GET HTTP/2
i.poopcdn.com/UEqnO.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
14 kB (13504 bytes)
Hash
36571191727610351b1a92f4b7f85809
199b3870145c31d11362a6e993891f3f25f45437
da9219c9ca370b5d35e559078e1d95f7f49a20a61dfc58c079a238bbfcd728c5

HTTP Headers

GET /UEqnO.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 13504
etag: "36571191727610351b1a92f4b7f85809"
last-modified: Thu, 09 May 2024 17:15:18 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=685oe2S1ycYM6%2FrTcVYEg2gYYPrqy%2B8hm7JKQtyho7XE6UYZmzd9tBwCxPtJWR0YdX%2BHfuoeFhNp6i%2Be9YUXN7MTUd%2FWmq%2BEy09Qu7nzKbpYQOpgB1fbYPMo5q0gxL%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb99b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/KlytE.jpg

104.21.11.28

200 OK

13 kB

URL GET HTTP/2
i.poopcdn.com/KlytE.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x613, components 3
Size
13 kB (13404 bytes)
Hash
75612ee3c775312c1c87a8d2e7cfaebb
346d6769811a325d31708759e5b029c76aee1fef
3f912efe18ec54240b11fca553145e5237a46efdeb441c98dde1b4b33808698d

HTTP Headers

GET /KlytE.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 13404
etag: "75612ee3c775312c1c87a8d2e7cfaebb"
last-modified: Thu, 09 May 2024 16:05:58 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NMObs6FH%2BaONT6leEY2SgLFIJDV1yG%2FQlpfmthbxp5CVAs85hc3Gk0nlHxkZ2pcoZQ6L7zhstJvOxJvWuvEdWnjilb8tNieWON%2BipVLph78zM5BUihk4PMfQTpQRifyB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690cba5b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064
Size
74 kB (74348 bytes)
Hash
462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

HTTP Headers

GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: font/woff2
content-length: 74348
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "462806316fea535a6a57651bc2b000b0"
last-modified: Fri, 22 Sep 2023 01:45:52 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 126231
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4zQ8LBVngzhLoBgAehXcPOWwvduqp6hN7lcLM8GHA%2BDT14kqytU%2FTd3I%2BrCA8G78IDbrvA%2BFTHXrb%2BtqrRLFu4DEZLZOm43NYiimOBrd0uaNkYt%2FhmGc3c2oC1JPQxnFDKeVG2s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881426945ca4b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2

172.67.142.245

200 OK

72 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064
Size
72 kB (72112 bytes)
Hash
4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

HTTP Headers

GET /releases/v5.7.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: font/woff2
content-length: 72112
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "4b115e1153a9ea339d6a0bb284cc8ed3"
last-modified: Fri, 22 Sep 2023 01:45:52 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 46619
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iY0r0cLQwFvJ%2BuZ5O0eyPunhtvpvgKVRdGvuNmabPB4zKrBJBy1T%2FTcv5p7tRTIdVPiyJbcE0HFeEvG73a%2FiJ02L%2FJkOCOMrOHWvEEMHm45ltnRTijVCrXVxweNYBySKoKkuPTE7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881426946cc5b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/bEMd3.jpg

104.21.11.28

200 OK

11 kB

URL GET HTTP/2
i.poopcdn.com/bEMd3.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 240x334, components 3
Size
11 kB (11202 bytes)
Hash
7fe9b25f2d16ff345043a7232093954e
c5e25f2ed27bac6296d0dd5ff2caa621a80c5b1b
28d4f6f6e75adfeb7d5e843d739a3ab35a04775eb524ef926496ea39248c0481

HTTP Headers

GET /bEMd3.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 11202
etag: "7fe9b25f2d16ff345043a7232093954e"
last-modified: Thu, 09 May 2024 16:05:50 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qq1jiaxDMpMm5n6uZ1FONXGSGOlpOav3mYVdJLO2zDIRJsFTZCOxvRN8CInSqXlX9AKEtzqSITC2hVubg35BTUO%2Bt1RJnHm0nIR%2BF7TW%2B%2BURYw5qP2wZvfffwqdYsLVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690dbc8b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/Qs5zM.jpg

104.21.11.28

200 OK

14 kB

URL GET HTTP/2
i.poopcdn.com/Qs5zM.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
14 kB (14534 bytes)
Hash
8c3739996dfe39339a3e9e9bb757a264
1ff26f92ee3f5907a9fac348da72fdcb06733dc7
c3ebc8c9da36baae91f4ad77eedd829d3702ae6e9709d4512360543296831752

HTTP Headers

GET /Qs5zM.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 14534
etag: "8c3739996dfe39339a3e9e9bb757a264"
last-modified: Thu, 09 May 2024 17:15:13 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxkESOuUC7avHBoIUkd1jNtgnSaYKqqDeq7lxwGc0qz0YSlx2efcRG4wkRjx6BE4ZqGs9aRz8SaJZbJfzQQ7kiJhEJLuIBWDDu4LjzgFL6OtBxY02KAxtnNuxQywtvJN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690dbd6b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/z0IM1.jpg

104.21.11.28

200 OK

17 kB

URL GET HTTP/2
i.poopcdn.com/z0IM1.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
17 kB (16943 bytes)
Hash
a5bb7c44b1ae6a55f025b85aca49ef18
eaf2f73bf69f0f66acf6db144e47c5daa14d401d
59f2379dee2dd8d9e76d60eb5cdbb0dc539678acb7f24e2c58d83ae1e80670f0

HTTP Headers

GET /z0IM1.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 16943
etag: "a5bb7c44b1ae6a55f025b85aca49ef18"
last-modified: Thu, 09 May 2024 17:15:54 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1NnT5i9K0N0lUmH%2BH7t%2F%2BD6l1kd5QgrD%2BTdb%2BlRKIsereqgR%2F204k5RHALjK0jGf%2Fqu0niA06tm76RFvPMSKhfoO0NwK52GzBtuf92Spv8neRgtm13JKWf%2BHsJS%2B6%2Fk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690cba9b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/RcoiI.jpg

104.21.11.28

200 OK

16 kB

URL GET HTTP/2
i.poopcdn.com/RcoiI.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
16 kB (16258 bytes)
Hash
cfc2a051b274ca7af5790355e2bc5f58
23c7579bccd7a9aae23675ea5651e67b62ac31e1
2c91a520ab24d751663e48e7817e4f8e0caab2d04090b3b8a083a015aac3e198

HTTP Headers

GET /RcoiI.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: image/jpeg
content-length: 16258
etag: "cfc2a051b274ca7af5790355e2bc5f58"
last-modified: Thu, 09 May 2024 17:15:50 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlP8Jo3%2Frt7jNjwEk9CKDwNhEw4DO66TW6Z7yJlLJOfnVONhjoXVoive%2BtA%2Fvve7s5lw3sNrYnP53CigROoczjtvDr3jpYdZDAwMLSYuKJ9Uru3%2BMGworSlz16FoJJ57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb91b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js

45.133.44.52

200 OK

36 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
36 kB (35668 bytes)
Hash
392da8c33f7fec0078e15e7cb7dec615
9a58299ea074848763f9b3e0d0b3ed82ed92614a
e4dd634416e83566cd4235d596b6292bdcca640a6fb47da3b9330a3113e35c47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /34d6dd2e1c7f31ddf3a9042ff9eeb58b.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Thu, 09 May 2024 19:43:35 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

i.poopcdn.com/2LpEp.jpg

104.21.11.28

200 OK

13 kB

URL GET HTTP/2
i.poopcdn.com/2LpEp.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
13 kB (13364 bytes)
Hash
7d2c331c9eefaa5d3de48c32001a9648
258d09179f0767543d41117f450ff68e94f2e2d4
25ef267e132fb22de0d8e9abf2ce20a10bc8e750b2575c26415a282d7ccb9978

HTTP Headers

GET /2LpEp.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: image/jpeg
content-length: 13364
etag: "7d2c331c9eefaa5d3de48c32001a9648"
last-modified: Thu, 09 May 2024 17:15:31 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3m8K8dwz%2BZR6CiRdkh0NmyMnqAvfps%2FTLrsiP24EDO7yqtuaS6xDM8aqNCsGt9RgHxWnFgrBtxFzwrSPF611xIp3lGdDSVwgOQr2zfmaU6iVHLb5ipvBQ%2BjUiAOChggb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690dbcfb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.poopcdn.com/l7WIU.jpg

104.21.11.28

200 OK

16 kB

URL GET HTTP/2
i.poopcdn.com/l7WIU.jpg
IP
104.21.11.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecti.poopcdn.com
Fingerprint94:CF:0E:89:D9:78:6D:10:14:DF:D3:8A:C2:3E:AE:81:F9:AC:73:03
ValidityThu, 14 Mar 2024 07:45:46 GMT - Wed, 12 Jun 2024 07:45:45 GMT

File type
JPEG image data, baseline, precision 8, 360x640, components 3
Size
16 kB (15995 bytes)
Hash
e02a9c8d19008792591a5ea4662bf57a
c0320bb94a8badc9923b3a93c1c607070fac86c8
9f9d380133043abd0f5e4f0388fdf26bca03a23568f4af23f9bb2865ef3f4a71

HTTP Headers

GET /l7WIU.jpg HTTP/1.1
Host: i.poopcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: image/jpeg
content-length: 15995
etag: "e02a9c8d19008792591a5ea4662bf57a"
last-modified: Thu, 09 May 2024 17:15:43 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFGoBDxzID490%2FNIMg9qsN2%2FJfwfknsn6fYvceiSQsoUOm7mtx5V%2FjlSC8OuRGpkcEcE45bUMZt9UqgkSE5YplfdQdQNQ8UTFUVyGD5fvj2nffI0JdeJq9CS4JzFdYGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142690bb96b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2OTA5OTMyMzYyNzUwNzQzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIyLjAiLCJ0YWdfaWQiOjEyMzYzNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9

45.133.44.52

200 OK

0 B

URL GET HTTP/2
e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2OTA5OTMyMzYyNzUwNzQzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIyLjAiLCJ0YWdfaWQiOjEyMzYzNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte275260174.05ae41c3fc.com
Fingerprint91:7A:C9:0C:9C:3B:D5:9C:7E:DC:91:F5:95:96:9C:15:4F:61:37:FE
ValidityMon, 06 May 2024 02:50:55 GMT - Sun, 04 Aug 2024 02:50:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2OTA5OTMyMzYyNzUwNzQzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIyLjAiLCJ0YWdfaWQiOjEyMzYzNSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: e275260174.05ae41c3fc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=123635

157.90.84.242

200 OK

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=123635
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=123635 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poopstream.co/
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 09 May 2024 19:38:36 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poopstream.co
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

fp.metricswpsh.com/fp?tag_id=123635

157.90.84.242

200 OK

58 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=123635
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
87385fcd2a67fc74d2fa67366ba68ea2
a604cdbb1d31ce257e8643eee9219c9c724c200c
9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995

HTTP Headers

POST /fp?tag_id=123635 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 09 May 2024 19:38:36 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://poopstream.co
Set-Cookie: id=11676155317916449792; Expires=Fri, 09 May 2025 19:38:36 GMT; Secure; SameSite=None
Vary: Origin

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f276d15245c6ec1add5b5814bb8444eb
975c127eec9cc6514f4092ed034df575bcdeacd7
a77526d25e2226cff93318a2e87ab8d03eac1796e44fd997c5428693ddb61bd0

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:0B-nVtc5fWfQUoj91fai1NLGfwdPgA:GB4yNVybOB9xeCJ2; Expires=Sat, 09-May-2026 19:38:36 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:38:36 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQy-uw8lq1KB5TgBnK_Zx4n6BKoYNqxl9dcVDx343BQIYJ9UCXvAFh6Dqr3mFkmmUINEjMo2Tg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ahl5G3V-4BO7uvvANnd_EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=1cbd337d-75bd-4c68-a9b1-0c68a5567232&subid=658489781&sid=2205669740&spot_id=435958&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=1cbd337d-75bd-4c68-a9b1-0c68a5567232&subid=658489781&sid=2205669740&spot_id=435958&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=1cbd337d-75bd-4c68-a9b1-0c68a5567232&subid=658489781&sid=2205669740&spot_id=435958&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:38:36 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=dab89256-32e3-4df3-a7ab-d0eea6e13f84&subid=1111770629&sid=4293389366&spot_id=435962&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=dab89256-32e3-4df3-a7ab-d0eea6e13f84&subid=1111770629&sid=4293389366&spot_id=435962&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=dab89256-32e3-4df3-a7ab-d0eea6e13f84&subid=1111770629&sid=4293389366&spot_id=435962&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:38:36 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:38:36 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/multy

157.90.84.246

204 No Content

0 B

URL OPTIONS HTTP/2
e859321004.6423f6c6c4.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poopstream.co/
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:36 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/multy

157.90.84.246

204 No Content

0 B

URL OPTIONS HTTP/2
e859321004.6423f6c6c4.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poopstream.co/
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:36 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
295c1ab534489dc31c4940823ae306a6
f64846d666665600e9b3191323707b0312ea2103
f71d58c2003e0da135fb8f57ef576b17eebe7916ced184c7bf99f603049eaddb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:38:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

poopstream.co/assets/android-icon-192x192.png

104.21.58.50

200 OK

8.8 kB

URL GET HTTP/3
poopstream.co/assets/android-icon-192x192.png
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
8.8 kB (8773 bytes)
Hash
691c2ec0a302c101ed29b8227ecabc32
067a6233c6562c9d4c2ff9b70dca0c630b75c54a
b5f5bf0938cc167d5165ffce1fe22450323195440856af5370b4327daf0b9419

HTTP Headers

GET /assets/android-icon-192x192.png HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Cookie: _ga_JBYNTZ3LB5=GS1.1.1715283515.1.0.1715283515.0.0.0; _ga=GA1.1.1510458977.1715283516
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: image/png
content-length: 8773
last-modified: Mon, 06 May 2024 17:30:04 GMT
etag: "6639139c-2245"
expires: Sat, 08 Jun 2024 06:42:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 46592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znmkNKnWsNpwBeuDzRbaw4rON0xG9dGoNVrP3YjRpNUdJsKhzGY0wI5lzaezxPx4OKWChIxfQJKzDVBsuYDuCq92sSRuzhYvawB2uJqNQsLbDk7Vz8ge4lyA%2B1WfMmLT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8814269c8aae568e-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQy-uw8lq1KB5TgBnK_Zx4n6BKoYNqxl9dcVDx343BQIYJ9UCXvAFh6Dqr3mFkmmUINEjMo2Tg

74.125.131.84

302 Found

425 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQy-uw8lq1KB5TgBnK_Zx4n6BKoYNqxl9dcVDx343BQIYJ9UCXvAFh6Dqr3mFkmmUINEjMo2Tg
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type
HTML document, ASCII text, with very long lines (404)
Size
425 B (425 bytes)
Hash
4c7c44bd81a0e0e85c6f3a57b75ab4e8
b2cff8eaa8730c0710ad9db81248f6f6faccf0f3
7137e53a8ce7df21b2ab2367e0c50bc9762e68adfe6e01809be91a9141df7757

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQy-uw8lq1KB5TgBnK_Zx4n6BKoYNqxl9dcVDx343BQIYJ9UCXvAFh6Dqr3mFkmmUINEjMo2Tg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:TR-pQbtKPteEhdJKgQ4uLuAxpqOe8A:nSRpLje4FWElqFXQ;Path=/;Expires=Sat, 09-May-2026 19:38:36 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:38:36 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzuw1hF_JHceVGPksJfpfcDOYN0kbINlMtp32x_lsqO_hXcE4VS8MEJd0UnYky72dRhwUkhEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470001698%3A1715283516933537&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-jbprU6mx9f9DEs4Z8qIKqA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js

45.133.44.52

200 OK

111 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
gzip compressed data, from Unix
Size
111 kB (111161 bytes)
Hash
7e8fca8eb9cbe1d37169131453338354
7bcab636ef743390b59f1757a7a12bf726229cb7
9820fec5c837ecfe28a885f9b3c1167f1d7cf22a8cca9b8fdeb0358d5368e02b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /94a773ec0ce10439eaff9dd642e1fefb.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Thu, 09 May 2024 19:43:36 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/multy

157.90.84.246

204 No Content

5.9 kB

URL OPTIONS HTTP/2
e859321004.6423f6c6c4.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type
JSON text data
Size
5.9 kB (5886 bytes)
Hash
eaaee83567aca712af26577cc85ca574
30e94889568867b0a420a86507eea9a265796d4f
82eea3ccef901dc9afc38da40f001f5d61052239b167af438a3032f2275df4cf

HTTP Headers

POST /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1828
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-type: application/json
content-length: 5886
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/multy

157.90.84.246

204 No Content

5.7 kB

URL OPTIONS HTTP/2
e859321004.6423f6c6c4.com/in/multy
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type
JSON text data
Size
5.7 kB (5729 bytes)
Hash
95654d3a57a248eac0d456f6c491c5fa
59856a809a60532c27ea79de55501d7ffdac3f9e
9096a238d4cf293b835b1d1b1872ccf14af1ab1cc974f428c42f34a7e615c67d

HTTP Headers

POST /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1829
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-type: application/json
content-length: 5729
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0

168.119.25.102

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=d5dd6f07-2e54-4b9e-81fa-0a073fc1d0cd&subid=1998643480&spot_id=435964&created_at=2024-05-09&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:38:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435958&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=658489781&sid=2205669740&tcid=0&ver=8.159.0&ver_c=&spot_id=435958&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=70.0072827168665&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&icons=NJGvDQ03E9Upr1RzjUuBc9NC0ZW6KU8o9DgcQl8FXpgNrSdwMyqoJV9ZC4kVr_zXhjk34dFhJhqjvaLRViExrYkt72VPGfHtp9EfP-E4ETTJkDzIPWSTpz0JBHC7375MSy67o_dyz35u5b8Re2EEnh7UvzwN55YnKfrKPU6jGdDUAIYzaQ&ext_cid=0&px_id=435958&min_cpm=0.04207495697707217&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7761141653383497227&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.014679952082023733&cpm=0&verify_hash=97891af5acdb01a9dc6046a3c451a808&is_native=4&real_bid=0.00040675633121505883&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=97fdbf60-5fbf-45be-8dbb-e1e6e8a3e5ce&prev_step_diff=761
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=31435958&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=658489781&sid=2205669740&tcid=0&ver=8.159.0&ver_c=&spot_id=435958&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=70.0072827168665&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&icons=NJGvDQ03E9Upr1RzjUuBc9NC0ZW6KU8o9DgcQl8FXpgNrSdwMyqoJV9ZC4kVr_zXhjk34dFhJhqjvaLRViExrYkt72VPGfHtp9EfP-E4ETTJkDzIPWSTpz0JBHC7375MSy67o_dyz35u5b8Re2EEnh7UvzwN55YnKfrKPU6jGdDUAIYzaQ&ext_cid=0&px_id=435958&min_cpm=0.04207495697707217&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=7761141653383497227&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.014679952082023733&cpm=0&verify_hash=97891af5acdb01a9dc6046a3c451a808&is_native=4&real_bid=0.00040675633121505883&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=97fdbf60-5fbf-45be-8dbb-e1e6e8a3e5ce&prev_step_diff=761 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435958&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=658489781&sid=2205669740&tcid=0&ver=8.159.0&ver_c=&spot_id=435958&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=70.0072827168665&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DCqZatlAcIlr4ZrDZ0q_CFpV_Jbpe1CkMF1teq30Es0xsHFaATwjU7jWSGzHcH97YMGGUZtFYSt_KH8mOKEaLgy40xSll9rNoaOKSy5hiSntJO2ImjyC359UOvYajyIcCK-M2h-YB8hB_nTIkJJy4PG2FcvC8gydj2rHaAI-tuD5WHHgthc8-5rX2WCfM3MXwZzo_-xb005-6ukkJNmOzfD96_jYM545rvWe5B6dBONVL_VXhQdxRHoUUXw2vnqlHzRuFjdX_mUE12Bum8f5oDL-CieDZSg2qM5JhVEKyEW6Dpl1oLGQw4RZKu7Li2G5RR_85jYawZbv9Z9F41sU--fT2OPFuNbVy28BBZWQVnZZQbhuLYF-akCooIGrEB2Hiyc9j7BWsSkisurrqTSv7j0A8E6-3cUo__M90-jLRXx-ebeR7Qf94V5Sht8M8qBQg2BeRMdm40z0w7UFuMRae7SZbw-6cuBrk1UEaUttgqNpIe_A64MvukoFsY0B2gNOMTC-9IGmxthNQ4PWF8G2qdrvEzVAGx-4i7hPeDIOkA8XCbuA8QNNUS8tg2vQzEuUmLTzSzeSe8ARfmc4IvIehfLn7x-ykFRJN1IVUmmSA8ixaybJgLS5_x-qagMTW-0djc-zi5KGwiX4uU9vjZ_SNbe0k0Fdp5fEvZ0jaWEhA3ww5napx5s3akZ1GeAbGiSovEaRKKPmn0yMuveXMXYSsNHNLbPYxMb8Qx9RplTUnrAytzZdGkWKA8XDWz5nI2KFYfSYRfsDbkIE5_Utr-VI99aeBgCMqDOxzY-p2zE1JFnNTILaSrZqDNYxtqGKCh6fqqXfnRJ0W4jg531AzH2pfd5JIrDNsu6A_MgOgSYtsmS7_IFm2JosBDei9e4oJJFEM-Kk5U0us7hi8tLtS4TZKT-rrpCIi5kEa2H3NrOvt0o4nSSs3XfUQ8HoAT6mIeY1lL2QKXzIiSCxZ6ZVkCNylJWTDttNABk-eJazIYkoHvzZ7-xp8HNuGuAWsImfm2-mSu3agTLMlRdg9p-rE4qLtysgJ-iKkzmqYZE7AWO68v5jZVxx_Q8ceLwBIzp9oMHCcFQUEXwAk0tC3r6ahGRX1mpRcUqqubaBiFpbiEVHFIcvPLCfPnt0huMY-Dfb0X86Z0D8mCouUf94mcZkvA4-QtWW4uMQX7vBLIjP2s_ajIT7OQN0yQoy7A6htC1jP3tV7OkBat63G-Re_r7b68cf5MKFClzrxlFBNE0H6hjNS_0J5anCNo8tHpyZkhYCPRSrlVTSS7Ez-wGhpify9rX15QkWagxSb87wKJa8AxiRJ4SfRnW9slw%26bid%3D0.024934347133183776&icons=LCqHQhtOL0d4A6vV6B2WxVEdn-S6mSPuqxHeBD19evwh1QUVmS35TL_q4Tv6S0PypCWGu8EiNpkf1sOyU5LbtNJVULCgYD0OokO1Ya8otymxIKdQ54oSyr8M4H7eflnaBg72R4QFQq_xWuM3vXubAo0zu36eDEX2qIIuzhK-Yd4sSHx7BrpTiryypJSoHpvxSbWeEphqAQt1gVkJjIcPE3xJZuMs7vLPD71nWJm9_9MbEGGjPFo_TQOM1aqqTWWKh_gcCE-SrCm2KpWfMyKG6m805jdwxzLgyX6HtYK0cNMJipr30IckOgotM5tDwjzSk9J6VO6xRF2oooQXcBqj5SOTfzxgVBr0NXPRm-N7aHjT1PTyE_lbxTqu5wkTIpGQS27Yx12bF1bfQCoZdqPh54oSIFo9TUfbGstWIV3NEox5gsTsfkMmuX23vMbp3oL7hRYXfXR05IBP7LWpOJ6jyf19-dUAEAnz_6iRlaNjai8gZJAufVbm4CLvgOljDqA73PMboHze3Ep7zsKCZWDYTjMOjSK_ZeiAnWn4vsXVgZnTikLOudSqaJvOUSCD9lvL8FA7o5JNnrNyw8U-F9_cJocClzzMSjyi40aNVEMKXVqRCUIddRne8Jm2ieIu7f2S-30yMCgH8qlimjyusWnKch5CgLahopC0J_mNe3OxwT4x8ryWghrZhzuLJokILu_izARfN1PPXITY3R1AR1Ipo38cuQz4vcOc9S3dWlbFPrdH0YDUiK4GEdVe3aMENEDdC9ScEdXzuu1c9ZF25IuqqihKhW16QF4kYX4MAzub7nV4sz2GU0OoqwVfcfDRqpiB_Nq0km2A5Ah2dOGcXrBjQviZYyuXAWW9t3FUPDrTKaddaksK3nWjhk8WstjnUfiYETOjI8EAorplPDImq4en7gsvVfBNweWhf8uNWLb7yN7qZc3Zg9gxOvE125QNh21iAZQby5OE0saKndKoPheCtn7ivhPCAB8T6jWyfqA_HyzCDWmsUGCh9gQL3znfpZ2EgrXufu__CrgjP44hRwhVsIDOjNDJCwZsZzZfxjaWvpGlX2O0tTurrAVLd5cg0nK3xI__HfjB9BW3XLy8v0nYcSJQoTe3RZqxVoJgxrGutKUAlVP1HnEX_Ww3O8HC7evZDdHs94MWzPRSFpiKvKPz-AS_ATtWmvP2VQ82QILgLK7Quxpwpsv3LZMhQmtKx6xJ1VpaJsxNFpnPGDtO88Uadv7BHJtkVh0Dd0zY8iD7c_rqDhtVL2dZUrxK-YgZmOLc0EAbftuogavvHL016K7ciC2pLL28MprNBqcQNFyVhnkcs1PRKWNtB4A&ext_cid=224906&px_id=73435958&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7761141653383497227&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.024934347133183776&verify_hash=1b6b5261a1f03b4bd2bfd8ef09afcfda&is_native=1&real_bid=0.024577786249774435&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=e25911e0-c56f-4ac3-bf40-46cecc1f5fc3&prev_step_diff=761

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435958&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=658489781&sid=2205669740&tcid=0&ver=8.159.0&ver_c=&spot_id=435958&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=70.0072827168665&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DCqZatlAcIlr4ZrDZ0q_CFpV_Jbpe1CkMF1teq30Es0xsHFaATwjU7jWSGzHcH97YMGGUZtFYSt_KH8mOKEaLgy40xSll9rNoaOKSy5hiSntJO2ImjyC359UOvYajyIcCK-M2h-YB8hB_nTIkJJy4PG2FcvC8gydj2rHaAI-tuD5WHHgthc8-5rX2WCfM3MXwZzo_-xb005-6ukkJNmOzfD96_jYM545rvWe5B6dBONVL_VXhQdxRHoUUXw2vnqlHzRuFjdX_mUE12Bum8f5oDL-CieDZSg2qM5JhVEKyEW6Dpl1oLGQw4RZKu7Li2G5RR_85jYawZbv9Z9F41sU--fT2OPFuNbVy28BBZWQVnZZQbhuLYF-akCooIGrEB2Hiyc9j7BWsSkisurrqTSv7j0A8E6-3cUo__M90-jLRXx-ebeR7Qf94V5Sht8M8qBQg2BeRMdm40z0w7UFuMRae7SZbw-6cuBrk1UEaUttgqNpIe_A64MvukoFsY0B2gNOMTC-9IGmxthNQ4PWF8G2qdrvEzVAGx-4i7hPeDIOkA8XCbuA8QNNUS8tg2vQzEuUmLTzSzeSe8ARfmc4IvIehfLn7x-ykFRJN1IVUmmSA8ixaybJgLS5_x-qagMTW-0djc-zi5KGwiX4uU9vjZ_SNbe0k0Fdp5fEvZ0jaWEhA3ww5napx5s3akZ1GeAbGiSovEaRKKPmn0yMuveXMXYSsNHNLbPYxMb8Qx9RplTUnrAytzZdGkWKA8XDWz5nI2KFYfSYRfsDbkIE5_Utr-VI99aeBgCMqDOxzY-p2zE1JFnNTILaSrZqDNYxtqGKCh6fqqXfnRJ0W4jg531AzH2pfd5JIrDNsu6A_MgOgSYtsmS7_IFm2JosBDei9e4oJJFEM-Kk5U0us7hi8tLtS4TZKT-rrpCIi5kEa2H3NrOvt0o4nSSs3XfUQ8HoAT6mIeY1lL2QKXzIiSCxZ6ZVkCNylJWTDttNABk-eJazIYkoHvzZ7-xp8HNuGuAWsImfm2-mSu3agTLMlRdg9p-rE4qLtysgJ-iKkzmqYZE7AWO68v5jZVxx_Q8ceLwBIzp9oMHCcFQUEXwAk0tC3r6ahGRX1mpRcUqqubaBiFpbiEVHFIcvPLCfPnt0huMY-Dfb0X86Z0D8mCouUf94mcZkvA4-QtWW4uMQX7vBLIjP2s_ajIT7OQN0yQoy7A6htC1jP3tV7OkBat63G-Re_r7b68cf5MKFClzrxlFBNE0H6hjNS_0J5anCNo8tHpyZkhYCPRSrlVTSS7Ez-wGhpify9rX15QkWagxSb87wKJa8AxiRJ4SfRnW9slw%26bid%3D0.024934347133183776&icons=LCqHQhtOL0d4A6vV6B2WxVEdn-S6mSPuqxHeBD19evwh1QUVmS35TL_q4Tv6S0PypCWGu8EiNpkf1sOyU5LbtNJVULCgYD0OokO1Ya8otymxIKdQ54oSyr8M4H7eflnaBg72R4QFQq_xWuM3vXubAo0zu36eDEX2qIIuzhK-Yd4sSHx7BrpTiryypJSoHpvxSbWeEphqAQt1gVkJjIcPE3xJZuMs7vLPD71nWJm9_9MbEGGjPFo_TQOM1aqqTWWKh_gcCE-SrCm2KpWfMyKG6m805jdwxzLgyX6HtYK0cNMJipr30IckOgotM5tDwjzSk9J6VO6xRF2oooQXcBqj5SOTfzxgVBr0NXPRm-N7aHjT1PTyE_lbxTqu5wkTIpGQS27Yx12bF1bfQCoZdqPh54oSIFo9TUfbGstWIV3NEox5gsTsfkMmuX23vMbp3oL7hRYXfXR05IBP7LWpOJ6jyf19-dUAEAnz_6iRlaNjai8gZJAufVbm4CLvgOljDqA73PMboHze3Ep7zsKCZWDYTjMOjSK_ZeiAnWn4vsXVgZnTikLOudSqaJvOUSCD9lvL8FA7o5JNnrNyw8U-F9_cJocClzzMSjyi40aNVEMKXVqRCUIddRne8Jm2ieIu7f2S-30yMCgH8qlimjyusWnKch5CgLahopC0J_mNe3OxwT4x8ryWghrZhzuLJokILu_izARfN1PPXITY3R1AR1Ipo38cuQz4vcOc9S3dWlbFPrdH0YDUiK4GEdVe3aMENEDdC9ScEdXzuu1c9ZF25IuqqihKhW16QF4kYX4MAzub7nV4sz2GU0OoqwVfcfDRqpiB_Nq0km2A5Ah2dOGcXrBjQviZYyuXAWW9t3FUPDrTKaddaksK3nWjhk8WstjnUfiYETOjI8EAorplPDImq4en7gsvVfBNweWhf8uNWLb7yN7qZc3Zg9gxOvE125QNh21iAZQby5OE0saKndKoPheCtn7ivhPCAB8T6jWyfqA_HyzCDWmsUGCh9gQL3znfpZ2EgrXufu__CrgjP44hRwhVsIDOjNDJCwZsZzZfxjaWvpGlX2O0tTurrAVLd5cg0nK3xI__HfjB9BW3XLy8v0nYcSJQoTe3RZqxVoJgxrGutKUAlVP1HnEX_Ww3O8HC7evZDdHs94MWzPRSFpiKvKPz-AS_ATtWmvP2VQ82QILgLK7Quxpwpsv3LZMhQmtKx6xJ1VpaJsxNFpnPGDtO88Uadv7BHJtkVh0Dd0zY8iD7c_rqDhtVL2dZUrxK-YgZmOLc0EAbftuogavvHL016K7ciC2pLL28MprNBqcQNFyVhnkcs1PRKWNtB4A&ext_cid=224906&px_id=73435958&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7761141653383497227&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.024934347133183776&verify_hash=1b6b5261a1f03b4bd2bfd8ef09afcfda&is_native=1&real_bid=0.024577786249774435&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=e25911e0-c56f-4ac3-bf40-46cecc1f5fc3&prev_step_diff=761
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=31435958&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=658489781&sid=2205669740&tcid=0&ver=8.159.0&ver_c=&spot_id=435958&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=70.0072827168665&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D658489781%26spot_id%3D435958%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DCqZatlAcIlr4ZrDZ0q_CFpV_Jbpe1CkMF1teq30Es0xsHFaATwjU7jWSGzHcH97YMGGUZtFYSt_KH8mOKEaLgy40xSll9rNoaOKSy5hiSntJO2ImjyC359UOvYajyIcCK-M2h-YB8hB_nTIkJJy4PG2FcvC8gydj2rHaAI-tuD5WHHgthc8-5rX2WCfM3MXwZzo_-xb005-6ukkJNmOzfD96_jYM545rvWe5B6dBONVL_VXhQdxRHoUUXw2vnqlHzRuFjdX_mUE12Bum8f5oDL-CieDZSg2qM5JhVEKyEW6Dpl1oLGQw4RZKu7Li2G5RR_85jYawZbv9Z9F41sU--fT2OPFuNbVy28BBZWQVnZZQbhuLYF-akCooIGrEB2Hiyc9j7BWsSkisurrqTSv7j0A8E6-3cUo__M90-jLRXx-ebeR7Qf94V5Sht8M8qBQg2BeRMdm40z0w7UFuMRae7SZbw-6cuBrk1UEaUttgqNpIe_A64MvukoFsY0B2gNOMTC-9IGmxthNQ4PWF8G2qdrvEzVAGx-4i7hPeDIOkA8XCbuA8QNNUS8tg2vQzEuUmLTzSzeSe8ARfmc4IvIehfLn7x-ykFRJN1IVUmmSA8ixaybJgLS5_x-qagMTW-0djc-zi5KGwiX4uU9vjZ_SNbe0k0Fdp5fEvZ0jaWEhA3ww5napx5s3akZ1GeAbGiSovEaRKKPmn0yMuveXMXYSsNHNLbPYxMb8Qx9RplTUnrAytzZdGkWKA8XDWz5nI2KFYfSYRfsDbkIE5_Utr-VI99aeBgCMqDOxzY-p2zE1JFnNTILaSrZqDNYxtqGKCh6fqqXfnRJ0W4jg531AzH2pfd5JIrDNsu6A_MgOgSYtsmS7_IFm2JosBDei9e4oJJFEM-Kk5U0us7hi8tLtS4TZKT-rrpCIi5kEa2H3NrOvt0o4nSSs3XfUQ8HoAT6mIeY1lL2QKXzIiSCxZ6ZVkCNylJWTDttNABk-eJazIYkoHvzZ7-xp8HNuGuAWsImfm2-mSu3agTLMlRdg9p-rE4qLtysgJ-iKkzmqYZE7AWO68v5jZVxx_Q8ceLwBIzp9oMHCcFQUEXwAk0tC3r6ahGRX1mpRcUqqubaBiFpbiEVHFIcvPLCfPnt0huMY-Dfb0X86Z0D8mCouUf94mcZkvA4-QtWW4uMQX7vBLIjP2s_ajIT7OQN0yQoy7A6htC1jP3tV7OkBat63G-Re_r7b68cf5MKFClzrxlFBNE0H6hjNS_0J5anCNo8tHpyZkhYCPRSrlVTSS7Ez-wGhpify9rX15QkWagxSb87wKJa8AxiRJ4SfRnW9slw%26bid%3D0.024934347133183776&icons=LCqHQhtOL0d4A6vV6B2WxVEdn-S6mSPuqxHeBD19evwh1QUVmS35TL_q4Tv6S0PypCWGu8EiNpkf1sOyU5LbtNJVULCgYD0OokO1Ya8otymxIKdQ54oSyr8M4H7eflnaBg72R4QFQq_xWuM3vXubAo0zu36eDEX2qIIuzhK-Yd4sSHx7BrpTiryypJSoHpvxSbWeEphqAQt1gVkJjIcPE3xJZuMs7vLPD71nWJm9_9MbEGGjPFo_TQOM1aqqTWWKh_gcCE-SrCm2KpWfMyKG6m805jdwxzLgyX6HtYK0cNMJipr30IckOgotM5tDwjzSk9J6VO6xRF2oooQXcBqj5SOTfzxgVBr0NXPRm-N7aHjT1PTyE_lbxTqu5wkTIpGQS27Yx12bF1bfQCoZdqPh54oSIFo9TUfbGstWIV3NEox5gsTsfkMmuX23vMbp3oL7hRYXfXR05IBP7LWpOJ6jyf19-dUAEAnz_6iRlaNjai8gZJAufVbm4CLvgOljDqA73PMboHze3Ep7zsKCZWDYTjMOjSK_ZeiAnWn4vsXVgZnTikLOudSqaJvOUSCD9lvL8FA7o5JNnrNyw8U-F9_cJocClzzMSjyi40aNVEMKXVqRCUIddRne8Jm2ieIu7f2S-30yMCgH8qlimjyusWnKch5CgLahopC0J_mNe3OxwT4x8ryWghrZhzuLJokILu_izARfN1PPXITY3R1AR1Ipo38cuQz4vcOc9S3dWlbFPrdH0YDUiK4GEdVe3aMENEDdC9ScEdXzuu1c9ZF25IuqqihKhW16QF4kYX4MAzub7nV4sz2GU0OoqwVfcfDRqpiB_Nq0km2A5Ah2dOGcXrBjQviZYyuXAWW9t3FUPDrTKaddaksK3nWjhk8WstjnUfiYETOjI8EAorplPDImq4en7gsvVfBNweWhf8uNWLb7yN7qZc3Zg9gxOvE125QNh21iAZQby5OE0saKndKoPheCtn7ivhPCAB8T6jWyfqA_HyzCDWmsUGCh9gQL3znfpZ2EgrXufu__CrgjP44hRwhVsIDOjNDJCwZsZzZfxjaWvpGlX2O0tTurrAVLd5cg0nK3xI__HfjB9BW3XLy8v0nYcSJQoTe3RZqxVoJgxrGutKUAlVP1HnEX_Ww3O8HC7evZDdHs94MWzPRSFpiKvKPz-AS_ATtWmvP2VQ82QILgLK7Quxpwpsv3LZMhQmtKx6xJ1VpaJsxNFpnPGDtO88Uadv7BHJtkVh0Dd0zY8iD7c_rqDhtVL2dZUrxK-YgZmOLc0EAbftuogavvHL016K7ciC2pLL28MprNBqcQNFyVhnkcs1PRKWNtB4A&ext_cid=224906&px_id=73435958&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=7761141653383497227&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.024934347133183776&verify_hash=1b6b5261a1f03b4bd2bfd8ef09afcfda&is_native=1&real_bid=0.024577786249774435&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=5,33,98,130,4,90&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=e25911e0-c56f-4ac3-bf40-46cecc1f5fc3&prev_step_diff=761 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435962&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=1111770629&sid=4293389366&tcid=0&ver=8.159.0&ver_c=&spot_id=435962&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=77.65308836622397&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&icons=v-YL9HUNqBKlxkYLK4b0kNaawRgeqdWnd6EXJG3Qn5kpBK95GJwyQKwDmxWjFWl2pg9r_axK02pW1eipMaNrxruaOPxPzSVdvXrl-4sX0HdIuMwjZIBV6QGPXLTvuGu4xJ8G19IGXExTHYxJdOzjrpK89H3w20cK1hRlwPjA9c4NK5Xsdw&ext_cid=0&px_id=435962&min_cpm=0.04207495697707217&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8459451746102997082&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0028770380175983067&cpm=0&verify_hash=773177ef9946a968cf3dc4015344170a&is_native=4&real_bid=7.971779623433249e-05&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,20,108,0,114&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000011658249999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=ccb7172a-3ca0-46e0-b613-9cff56b569b0&prev_step_diff=905
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=31435962&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=1111770629&sid=4293389366&tcid=0&ver=8.159.0&ver_c=&spot_id=435962&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=77.65308836622397&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&icons=v-YL9HUNqBKlxkYLK4b0kNaawRgeqdWnd6EXJG3Qn5kpBK95GJwyQKwDmxWjFWl2pg9r_axK02pW1eipMaNrxruaOPxPzSVdvXrl-4sX0HdIuMwjZIBV6QGPXLTvuGu4xJ8G19IGXExTHYxJdOzjrpK89H3w20cK1hRlwPjA9c4NK5Xsdw&ext_cid=0&px_id=435962&min_cpm=0.04207495697707217&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=8459451746102997082&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0028770380175983067&cpm=0&verify_hash=773177ef9946a968cf3dc4015344170a&is_native=4&real_bid=7.971779623433249e-05&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,20,108,0,114&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000011658249999999998&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=ccb7172a-3ca0-46e0-b613-9cff56b569b0&prev_step_diff=905 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435962&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=1111770629&sid=4293389366&tcid=0&ver=8.159.0&ver_c=&spot_id=435962&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=77.65308836622397&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DFDIrLaphUBX5yAIdzFQpjfU57lsZIrQYsqZ_8hSUWibcf-s_-7iC5utVhPxtKo_GOgmBWC9EffEcGQP-cWSZ_9NsUHddRnPVrVGcEbST772NUllPUS9tf_KzhVqK00yD0Mz6UpxMQE2l9CItJQIyVi6F56TQvyHRlevfnWNgoDuQgcsapCYUN6n-NaABlcqChK0p5Fijwlf6g-0hHg3cIkASyX0c_Xh97rl14P_Siq28hGOKsqDFwVhXsrwt86cYxRf9p39en7HSNXt0dg90Fd3v9J9tjCedCZpy-0y4voAXuQusPUmUPxbgfLIOA7NXWtX27nX1dlSauE-cHHDRpV-X5aFnYcAdgoyZMDSQ9ZZR-yxd4n_UCCRmkZ-It_l-oMMEMuv_X8RWO5NW0hTXsKan0gBX_vnosz9GedMZcF63Il1gYz8qmvZ1oLj_OrOc4h54j9Ir2njLLhOGeTsJQ2lWHEk5xxpsjHPIikRab01qbM8oa2TcBodnrv75G3EUQ6SUI-JCQk7TFIifjGubpVS0mnT6RjKG1o3DiY0l4WUHCMN4zTWS7kA_I3OJmcjy7C7L3G1CiYHonyIyaEDUp3T6nw1qwhTZi4lY7VDhrxlfBlBbRXanETPmwSUhpUQenR2qgvmAU2Z5zjqHKe3ccsiTH-FgNpZi7kAfmoxENlC_ijtoA0so4GiGVhgUpVnQJOYZvG3GYVISD7K6xgYs0SVgEXT1CObIi37s619w6mRK4c1cLkp4VuxEsjfAzDv3GZ_HIJq8AWl-89UoP_hGgSq1asykctxSRaD8oew60q9lIRNrMakMTXyzJNPyG_xcnnRThnsmERoSt50oEOGAOL-DfSnJcZXUHn5d1PxImPfBcO9Ls6YDi3lZ0PEPIgdNxKR-gLqtstR8jOPldF9B_uRMJfvFab1uNf54R9CpAJ3qsmNYsHMh-uDdpY9zInwLzuu_4MpcFKZWUvheCtmcXYKh6lhXa1pNHqrR97oSRth2nl_e8qAWqPJf84guSmvTbIyYlJqAAcqmDg6ZFw2v6dNA1V-N5VSLoRV4e06YvH6e2rTbHmjv0TzcljFumRpfqN_mROrVCxSHrQrIT73U9OPDNVomDur58ajAIA6GgDEbvLJf_-gCFeR9nhEbTVLLZp2DZvW527YJauzxcaqYSdUrZShgBDEG6-nyjb2vDDF6vt7eDkIqFOfIbJqSsDD_4Ao%26bid%3D0.0319&icons=wpXiOLw0_AANr5FOaq418N4E6Mxxm9tkluxB14fMCB3m4yjlZ3TyrVZnI7SjFK7q_ij03hAhOzSG5q0PjeOoFNiITcqk9dNmO4uDT75dTzxNvy2YysPH23eAyceRJ55u5BN4lFnnZTfd1ErUmmCyvly5n8bOYisdWsQkYSBPSfuV7z2hY_00glBO6fym24_h7faDuYMpbUOcqmb4KMVHM39JSeWDTU6FEG4Pv9IXB9h2auM2vtuLLahdKla7AvrCrktzGtyXiDX6Qmex1DS6ONnmQgtYd-t_F9fVchY1LX9myqcmpDK3EEXpHlUL14yew9w4ZWRlvwcBAvLrKunIG_vdMG077NDCiXUqQDvU35vGefbAbkOWEx4DeCZ3XGzC32h_ZNF3jObiUyzXSOr2Pw6V3thYooGQyG7DXvFaf5Ir04TEC5BtOlJezukm63XJ0K2HYAdkl38TbrjeJVmvoeuZrQauPMavoelMm6qR1GpTyGoBGtf6il3lmvG6fIhBv2Khd47-9wkowy-XraIUGLPhj84FkCoLHYtakckY8jBEW3Cg91GOPzpiSd5pPZKbDKQ2Zeo6o0iiZyWFzq_Y7gpNvaD2xwbfkY73fOLRr2P0MoeVjBpi-THIpemXIKA2OwFuamK-qlq7waHGpMhe41vEdKjtLRVpzd6D1GTx-Qn27S8jmL3N-_184LUMbpBDSMLJtERYtg2eqitLweXmB7QlATuAZA6UNoPKCiU21EEyJjvQHqWfCj1e48xE3eVLJ2WEDM_LbL1WYy56TPJWwPAL93VCQOCHJQTAciuSm75KQJkvi2cXrDPy-hMDPoXsEkk3HSyK93mUgfL6Ppyz0R9uwwQTYL8HMA_kXZXLNQ_A-TnhevEKtSpKB7ZITfOEHfUkOh5AgL7wKWU7TLrBzAh6SinagWAW0r1qjqY7qorsXlm1YMq-WoKHSymTHz3RtnR5RuyKWRkrOkE1LO2lwF_r-cxFpK7Lm-V5K0XAkpUkTj6T6LyEwgX7oLYjtSsjaocxkxL9mAeEWf3x0x0vEhxbwaEHEKCMjxoy4y8KYF7h386MDdBHnGGpGdFg5WmFHJ_NxYgTBEg8FADKIkOSJBOjLYCAqgTC1noXgu4Xem94zghL0Cjk9YQQtEqejswgK7aL-0aJH6qpiKgCSKtWnDwa_luS1BUiB9zc8mtteKMZBxvMpG_g9ZnETwEp6cf_7TR-S-kFPz_93ko7KnfXEv9orTxj-8rTL4W0gIe1OoP69FDWjTY3IBkTQjM8KSwBb_QLeP2yuz2e182zOeI-u5wTX-sgztuHjg&ext_cid=224906&px_id=73435962&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8459451746102997082&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.0319&verify_hash=599c49804f0222770f7b16d965de0dc6&is_native=1&real_bid=0.03144383035898218&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,5,33,98,130,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=c663f956-1ed6-4645-8c60-d3caea5852bf&prev_step_diff=905

157.90.84.246

200 OK

0 B

URL GET HTTP/2
e859321004.6423f6c6c4.com/in/show/?tag_ab=b&site_id=31435962&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=1111770629&sid=4293389366&tcid=0&ver=8.159.0&ver_c=&spot_id=435962&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=77.65308836622397&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DFDIrLaphUBX5yAIdzFQpjfU57lsZIrQYsqZ_8hSUWibcf-s_-7iC5utVhPxtKo_GOgmBWC9EffEcGQP-cWSZ_9NsUHddRnPVrVGcEbST772NUllPUS9tf_KzhVqK00yD0Mz6UpxMQE2l9CItJQIyVi6F56TQvyHRlevfnWNgoDuQgcsapCYUN6n-NaABlcqChK0p5Fijwlf6g-0hHg3cIkASyX0c_Xh97rl14P_Siq28hGOKsqDFwVhXsrwt86cYxRf9p39en7HSNXt0dg90Fd3v9J9tjCedCZpy-0y4voAXuQusPUmUPxbgfLIOA7NXWtX27nX1dlSauE-cHHDRpV-X5aFnYcAdgoyZMDSQ9ZZR-yxd4n_UCCRmkZ-It_l-oMMEMuv_X8RWO5NW0hTXsKan0gBX_vnosz9GedMZcF63Il1gYz8qmvZ1oLj_OrOc4h54j9Ir2njLLhOGeTsJQ2lWHEk5xxpsjHPIikRab01qbM8oa2TcBodnrv75G3EUQ6SUI-JCQk7TFIifjGubpVS0mnT6RjKG1o3DiY0l4WUHCMN4zTWS7kA_I3OJmcjy7C7L3G1CiYHonyIyaEDUp3T6nw1qwhTZi4lY7VDhrxlfBlBbRXanETPmwSUhpUQenR2qgvmAU2Z5zjqHKe3ccsiTH-FgNpZi7kAfmoxENlC_ijtoA0so4GiGVhgUpVnQJOYZvG3GYVISD7K6xgYs0SVgEXT1CObIi37s619w6mRK4c1cLkp4VuxEsjfAzDv3GZ_HIJq8AWl-89UoP_hGgSq1asykctxSRaD8oew60q9lIRNrMakMTXyzJNPyG_xcnnRThnsmERoSt50oEOGAOL-DfSnJcZXUHn5d1PxImPfBcO9Ls6YDi3lZ0PEPIgdNxKR-gLqtstR8jOPldF9B_uRMJfvFab1uNf54R9CpAJ3qsmNYsHMh-uDdpY9zInwLzuu_4MpcFKZWUvheCtmcXYKh6lhXa1pNHqrR97oSRth2nl_e8qAWqPJf84guSmvTbIyYlJqAAcqmDg6ZFw2v6dNA1V-N5VSLoRV4e06YvH6e2rTbHmjv0TzcljFumRpfqN_mROrVCxSHrQrIT73U9OPDNVomDur58ajAIA6GgDEbvLJf_-gCFeR9nhEbTVLLZp2DZvW527YJauzxcaqYSdUrZShgBDEG6-nyjb2vDDF6vt7eDkIqFOfIbJqSsDD_4Ao%26bid%3D0.0319&icons=wpXiOLw0_AANr5FOaq418N4E6Mxxm9tkluxB14fMCB3m4yjlZ3TyrVZnI7SjFK7q_ij03hAhOzSG5q0PjeOoFNiITcqk9dNmO4uDT75dTzxNvy2YysPH23eAyceRJ55u5BN4lFnnZTfd1ErUmmCyvly5n8bOYisdWsQkYSBPSfuV7z2hY_00glBO6fym24_h7faDuYMpbUOcqmb4KMVHM39JSeWDTU6FEG4Pv9IXB9h2auM2vtuLLahdKla7AvrCrktzGtyXiDX6Qmex1DS6ONnmQgtYd-t_F9fVchY1LX9myqcmpDK3EEXpHlUL14yew9w4ZWRlvwcBAvLrKunIG_vdMG077NDCiXUqQDvU35vGefbAbkOWEx4DeCZ3XGzC32h_ZNF3jObiUyzXSOr2Pw6V3thYooGQyG7DXvFaf5Ir04TEC5BtOlJezukm63XJ0K2HYAdkl38TbrjeJVmvoeuZrQauPMavoelMm6qR1GpTyGoBGtf6il3lmvG6fIhBv2Khd47-9wkowy-XraIUGLPhj84FkCoLHYtakckY8jBEW3Cg91GOPzpiSd5pPZKbDKQ2Zeo6o0iiZyWFzq_Y7gpNvaD2xwbfkY73fOLRr2P0MoeVjBpi-THIpemXIKA2OwFuamK-qlq7waHGpMhe41vEdKjtLRVpzd6D1GTx-Qn27S8jmL3N-_184LUMbpBDSMLJtERYtg2eqitLweXmB7QlATuAZA6UNoPKCiU21EEyJjvQHqWfCj1e48xE3eVLJ2WEDM_LbL1WYy56TPJWwPAL93VCQOCHJQTAciuSm75KQJkvi2cXrDPy-hMDPoXsEkk3HSyK93mUgfL6Ppyz0R9uwwQTYL8HMA_kXZXLNQ_A-TnhevEKtSpKB7ZITfOEHfUkOh5AgL7wKWU7TLrBzAh6SinagWAW0r1qjqY7qorsXlm1YMq-WoKHSymTHz3RtnR5RuyKWRkrOkE1LO2lwF_r-cxFpK7Lm-V5K0XAkpUkTj6T6LyEwgX7oLYjtSsjaocxkxL9mAeEWf3x0x0vEhxbwaEHEKCMjxoy4y8KYF7h386MDdBHnGGpGdFg5WmFHJ_NxYgTBEg8FADKIkOSJBOjLYCAqgTC1noXgu4Xem94zghL0Cjk9YQQtEqejswgK7aL-0aJH6qpiKgCSKtWnDwa_luS1BUiB9zc8mtteKMZBxvMpG_g9ZnETwEp6cf_7TR-S-kFPz_93ko7KnfXEv9orTxj-8rTL4W0gIe1OoP69FDWjTY3IBkTQjM8KSwBb_QLeP2yuz2e182zOeI-u5wTX-sgztuHjg&ext_cid=224906&px_id=73435962&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8459451746102997082&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.0319&verify_hash=599c49804f0222770f7b16d965de0dc6&is_native=1&real_bid=0.03144383035898218&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,5,33,98,130,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=c663f956-1ed6-4645-8c60-d3caea5852bf&prev_step_diff=905
IP
157.90.84.246:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subject6423f6c6c4.com
Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31
ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=31435962&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoopstream.co%2F&refdom=poopstream.co&auction_time=1715283516&subid=1111770629&sid=4293389366&tcid=0&ver=8.159.0&ver_c=&spot_id=435962&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=adult&user_fp=10525439425521361963&score=77.65308836622397&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1111770629%26spot_id%3D435962%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoopstream.co%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=333d38b3bc9943d095fc32394c335cca&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DFDIrLaphUBX5yAIdzFQpjfU57lsZIrQYsqZ_8hSUWibcf-s_-7iC5utVhPxtKo_GOgmBWC9EffEcGQP-cWSZ_9NsUHddRnPVrVGcEbST772NUllPUS9tf_KzhVqK00yD0Mz6UpxMQE2l9CItJQIyVi6F56TQvyHRlevfnWNgoDuQgcsapCYUN6n-NaABlcqChK0p5Fijwlf6g-0hHg3cIkASyX0c_Xh97rl14P_Siq28hGOKsqDFwVhXsrwt86cYxRf9p39en7HSNXt0dg90Fd3v9J9tjCedCZpy-0y4voAXuQusPUmUPxbgfLIOA7NXWtX27nX1dlSauE-cHHDRpV-X5aFnYcAdgoyZMDSQ9ZZR-yxd4n_UCCRmkZ-It_l-oMMEMuv_X8RWO5NW0hTXsKan0gBX_vnosz9GedMZcF63Il1gYz8qmvZ1oLj_OrOc4h54j9Ir2njLLhOGeTsJQ2lWHEk5xxpsjHPIikRab01qbM8oa2TcBodnrv75G3EUQ6SUI-JCQk7TFIifjGubpVS0mnT6RjKG1o3DiY0l4WUHCMN4zTWS7kA_I3OJmcjy7C7L3G1CiYHonyIyaEDUp3T6nw1qwhTZi4lY7VDhrxlfBlBbRXanETPmwSUhpUQenR2qgvmAU2Z5zjqHKe3ccsiTH-FgNpZi7kAfmoxENlC_ijtoA0so4GiGVhgUpVnQJOYZvG3GYVISD7K6xgYs0SVgEXT1CObIi37s619w6mRK4c1cLkp4VuxEsjfAzDv3GZ_HIJq8AWl-89UoP_hGgSq1asykctxSRaD8oew60q9lIRNrMakMTXyzJNPyG_xcnnRThnsmERoSt50oEOGAOL-DfSnJcZXUHn5d1PxImPfBcO9Ls6YDi3lZ0PEPIgdNxKR-gLqtstR8jOPldF9B_uRMJfvFab1uNf54R9CpAJ3qsmNYsHMh-uDdpY9zInwLzuu_4MpcFKZWUvheCtmcXYKh6lhXa1pNHqrR97oSRth2nl_e8qAWqPJf84guSmvTbIyYlJqAAcqmDg6ZFw2v6dNA1V-N5VSLoRV4e06YvH6e2rTbHmjv0TzcljFumRpfqN_mROrVCxSHrQrIT73U9OPDNVomDur58ajAIA6GgDEbvLJf_-gCFeR9nhEbTVLLZp2DZvW527YJauzxcaqYSdUrZShgBDEG6-nyjb2vDDF6vt7eDkIqFOfIbJqSsDD_4Ao%26bid%3D0.0319&icons=wpXiOLw0_AANr5FOaq418N4E6Mxxm9tkluxB14fMCB3m4yjlZ3TyrVZnI7SjFK7q_ij03hAhOzSG5q0PjeOoFNiITcqk9dNmO4uDT75dTzxNvy2YysPH23eAyceRJ55u5BN4lFnnZTfd1ErUmmCyvly5n8bOYisdWsQkYSBPSfuV7z2hY_00glBO6fym24_h7faDuYMpbUOcqmb4KMVHM39JSeWDTU6FEG4Pv9IXB9h2auM2vtuLLahdKla7AvrCrktzGtyXiDX6Qmex1DS6ONnmQgtYd-t_F9fVchY1LX9myqcmpDK3EEXpHlUL14yew9w4ZWRlvwcBAvLrKunIG_vdMG077NDCiXUqQDvU35vGefbAbkOWEx4DeCZ3XGzC32h_ZNF3jObiUyzXSOr2Pw6V3thYooGQyG7DXvFaf5Ir04TEC5BtOlJezukm63XJ0K2HYAdkl38TbrjeJVmvoeuZrQauPMavoelMm6qR1GpTyGoBGtf6il3lmvG6fIhBv2Khd47-9wkowy-XraIUGLPhj84FkCoLHYtakckY8jBEW3Cg91GOPzpiSd5pPZKbDKQ2Zeo6o0iiZyWFzq_Y7gpNvaD2xwbfkY73fOLRr2P0MoeVjBpi-THIpemXIKA2OwFuamK-qlq7waHGpMhe41vEdKjtLRVpzd6D1GTx-Qn27S8jmL3N-_184LUMbpBDSMLJtERYtg2eqitLweXmB7QlATuAZA6UNoPKCiU21EEyJjvQHqWfCj1e48xE3eVLJ2WEDM_LbL1WYy56TPJWwPAL93VCQOCHJQTAciuSm75KQJkvi2cXrDPy-hMDPoXsEkk3HSyK93mUgfL6Ppyz0R9uwwQTYL8HMA_kXZXLNQ_A-TnhevEKtSpKB7ZITfOEHfUkOh5AgL7wKWU7TLrBzAh6SinagWAW0r1qjqY7qorsXlm1YMq-WoKHSymTHz3RtnR5RuyKWRkrOkE1LO2lwF_r-cxFpK7Lm-V5K0XAkpUkTj6T6LyEwgX7oLYjtSsjaocxkxL9mAeEWf3x0x0vEhxbwaEHEKCMjxoy4y8KYF7h386MDdBHnGGpGdFg5WmFHJ_NxYgTBEg8FADKIkOSJBOjLYCAqgTC1noXgu4Xem94zghL0Cjk9YQQtEqejswgK7aL-0aJH6qpiKgCSKtWnDwa_luS1BUiB9zc8mtteKMZBxvMpG_g9ZnETwEp6cf_7TR-S-kFPz_93ko7KnfXEv9orTxj-8rTL4W0gIe1OoP69FDWjTY3IBkTQjM8KSwBb_QLeP2yuz2e182zOeI-u5wTX-sgztuHjg&ext_cid=224906&px_id=73435962&min_cpm=0.0013840884963975627&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=8459451746102997082&skin_id=72&vertical_id=4&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.0319&verify_hash=599c49804f0222770f7b16d965de0dc6&is_native=1&real_bid=0.03144383035898218&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,5,33,98,130,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715456316&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777156%2Fconversions%2F3b69WTpe-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=c663f956-1ed6-4645-8c60-d3caea5852bf&prev_step_diff=905 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:38:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzuw1hF_JHceVGPksJfpfcDOYN0kbINlMtp32x_lsqO_hXcE4VS8MEJd0UnYky72dRhwUkhEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470001698%3A1715283516933537&theme=mn&ddm=0

74.125.131.84

403 Forbidden

1.3 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzuw1hF_JHceVGPksJfpfcDOYN0kbINlMtp32x_lsqO_hXcE4VS8MEJd0UnYky72dRhwUkhEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470001698%3A1715283516933537&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1295 bytes)
Hash
78271a48aa2d4e1514335db0b95d0620
26662532f4c26eed5347f1e901343d268faff194
551bb8918d046e4ae4c93bf14804609eb480709d2862eaf850691a064941f954

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzuw1hF_JHceVGPksJfpfcDOYN0kbINlMtp32x_lsqO_hXcE4VS8MEJd0UnYky72dRhwUkhEw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S470001698%3A1715283516933537&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:38:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-yYci0h2Tm7zbx-DyIHehbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=1b676f29-ab77-43a9-9260-8553aabd31ef&prev_step_diff=905

45.133.44.24

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=1b676f29-ab77-43a9-9260-8553aabd31ef&prev_step_diff=905
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=1b676f29-ab77-43a9-9260-8553aabd31ef&prev_step_diff=905 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 09 May 2025 19:38:37 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Fri, 09 May 2025 19:38:37 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

p.a64x.com/in/tip_shows/?katds_ep=QnSgYe8uXSqHKNHPaBlxUNRqwdDIAYSqmWHh8GzZXKWxymu7kcKLoYi4pW9L93pJyJ8Z4yTHCqwATMG9utjNeRAlNLk3mLSps9_xThbfqM1HvabDWay-PArHtT9Pu0CLm8WAf1p9cFEhf4Syz8L2cUsV9MM1w2oZwIbLRwDntrqxmWjrPU3_gswdu71AlCQp13zqUU9JPEStaEwuJOJ2t0UDQMW_iYh_v2T79g3F1QjVoOE2OdkAAiAa5AXc9e2ZYwGVkQrrlKznD5AEVu7CgBkvuQ4HimiCAohSujpdtRCbgfZKGwWRITWYjwJJwHOC4VvahzpJo9_NdGqTCpKwZ_GgfwAFUnKiiOJ-3OJjuetsFfWPgQpgYluv18y9p3RjPuzoJBBnR1E0zVVeecXMtF2jvhT8hSvyczNNQ7YOQu2yrckSezefzd577szxPdxOnMgnu4SVEHQUBNlvc_BguO5Yn1U9leLW3VYcR61siBAiEPNLcP4b92WXmWrBft_VsdNXk9-DKSrmOO4T4aupkAfUu0RF9N5Yhx6FffYh5WFqwO4e3d5wGXTkLsG2M1HFPLHfW07fzR9b1ET-8U_j9LqnCtTTZzoAC50f3tBXPkvZoRzLWbSGXrrUqlTnOBZMjHgroS4YJmSyddfcJBZiwOwpgdPUizxa1lg9YvwmdzM2jraQgVv47OHL1BRtm5La4404x7k5Wlk3VSSmo-gtlpREIMPCwXJJe67oRCpesCqNsE40AVXnH_jr72JK8p7Jmy6HU9rcs6iLlVWuY_zHs5rmbW8du08cTkdUEo7_CW60LtUxHlJxPKLty5QsGXFGQxKZoA1uNzATvIyk4Y-RIUTmPoR_hBt91tlZjks69W_1f5gnDodM3cchPNZVjQ&bid=0.024934347133183776&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=ecb6cb05-a634-4a45-ba10-36f03cafeca8&prev_step_diff=761

104.21.19.82

302 Found

0 B

URL GET HTTP/2
p.a64x.com/in/tip_shows/?katds_ep=QnSgYe8uXSqHKNHPaBlxUNRqwdDIAYSqmWHh8GzZXKWxymu7kcKLoYi4pW9L93pJyJ8Z4yTHCqwATMG9utjNeRAlNLk3mLSps9_xThbfqM1HvabDWay-PArHtT9Pu0CLm8WAf1p9cFEhf4Syz8L2cUsV9MM1w2oZwIbLRwDntrqxmWjrPU3_gswdu71AlCQp13zqUU9JPEStaEwuJOJ2t0UDQMW_iYh_v2T79g3F1QjVoOE2OdkAAiAa5AXc9e2ZYwGVkQrrlKznD5AEVu7CgBkvuQ4HimiCAohSujpdtRCbgfZKGwWRITWYjwJJwHOC4VvahzpJo9_NdGqTCpKwZ_GgfwAFUnKiiOJ-3OJjuetsFfWPgQpgYluv18y9p3RjPuzoJBBnR1E0zVVeecXMtF2jvhT8hSvyczNNQ7YOQu2yrckSezefzd577szxPdxOnMgnu4SVEHQUBNlvc_BguO5Yn1U9leLW3VYcR61siBAiEPNLcP4b92WXmWrBft_VsdNXk9-DKSrmOO4T4aupkAfUu0RF9N5Yhx6FffYh5WFqwO4e3d5wGXTkLsG2M1HFPLHfW07fzR9b1ET-8U_j9LqnCtTTZzoAC50f3tBXPkvZoRzLWbSGXrrUqlTnOBZMjHgroS4YJmSyddfcJBZiwOwpgdPUizxa1lg9YvwmdzM2jraQgVv47OHL1BRtm5La4404x7k5Wlk3VSSmo-gtlpREIMPCwXJJe67oRCpesCqNsE40AVXnH_jr72JK8p7Jmy6HU9rcs6iLlVWuY_zHs5rmbW8du08cTkdUEo7_CW60LtUxHlJxPKLty5QsGXFGQxKZoA1uNzATvIyk4Y-RIUTmPoR_hBt91tlZjks69W_1f5gnDodM3cchPNZVjQ&bid=0.024934347133183776&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=ecb6cb05-a634-4a45-ba10-36f03cafeca8&prev_step_diff=761
IP
104.21.19.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subjecta64x.com
Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88
ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/tip_shows/?katds_ep=QnSgYe8uXSqHKNHPaBlxUNRqwdDIAYSqmWHh8GzZXKWxymu7kcKLoYi4pW9L93pJyJ8Z4yTHCqwATMG9utjNeRAlNLk3mLSps9_xThbfqM1HvabDWay-PArHtT9Pu0CLm8WAf1p9cFEhf4Syz8L2cUsV9MM1w2oZwIbLRwDntrqxmWjrPU3_gswdu71AlCQp13zqUU9JPEStaEwuJOJ2t0UDQMW_iYh_v2T79g3F1QjVoOE2OdkAAiAa5AXc9e2ZYwGVkQrrlKznD5AEVu7CgBkvuQ4HimiCAohSujpdtRCbgfZKGwWRITWYjwJJwHOC4VvahzpJo9_NdGqTCpKwZ_GgfwAFUnKiiOJ-3OJjuetsFfWPgQpgYluv18y9p3RjPuzoJBBnR1E0zVVeecXMtF2jvhT8hSvyczNNQ7YOQu2yrckSezefzd577szxPdxOnMgnu4SVEHQUBNlvc_BguO5Yn1U9leLW3VYcR61siBAiEPNLcP4b92WXmWrBft_VsdNXk9-DKSrmOO4T4aupkAfUu0RF9N5Yhx6FffYh5WFqwO4e3d5wGXTkLsG2M1HFPLHfW07fzR9b1ET-8U_j9LqnCtTTZzoAC50f3tBXPkvZoRzLWbSGXrrUqlTnOBZMjHgroS4YJmSyddfcJBZiwOwpgdPUizxa1lg9YvwmdzM2jraQgVv47OHL1BRtm5La4404x7k5Wlk3VSSmo-gtlpREIMPCwXJJe67oRCpesCqNsE40AVXnH_jr72JK8p7Jmy6HU9rcs6iLlVWuY_zHs5rmbW8du08cTkdUEo7_CW60LtUxHlJxPKLty5QsGXFGQxKZoA1uNzATvIyk4Y-RIUTmPoR_hBt91tlZjks69W_1f5gnDodM3cchPNZVjQ&bid=0.024934347133183776&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&st=0.02&cpa=ecb6cb05-a634-4a45-ba10-36f03cafeca8&prev_step_diff=761 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 19:38:37 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ih0Ne9YVg4gnFszo9D2a64XevaAMH2Vn%2B4EyW5LoijKMXlrcMzYQ%2FwJXCCB%2FDXiy4SZykCXlvpZB1zTePa57su7rF0KlNj3xasHME7%2B4TcH7IXph1HyNnf5CTuar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814269fbbc27129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

p.a64x.com/in/tip_shows/?katds_ep=XmbKqZwELPLwDC0hS0KqJqHM-aWzLY3tq_9uFwPM13vcoQzvFh0aEX0G0yn95Wra9L_4PfO4gaI5ZDBLAE4Bu4nKBnBKIUH6mryohkMZpEa8YKQCAzmNMUYUhlP6gDInclGVxmZzeL6UHzlS6WC8Kl8AjrJ6KD8eVxhSvE8nVNR05xDpP6j9ITmGX9BVdD2Ds1G3G_mvr__AOzGB9zU62IcVgaINDcLkqJF9AYrc7WjuBnjI5KaNJBOzmh9JwDSKfkRQZeHjM4r36LKOilflQTKnkSBQ4pYXFPc_qOzUJ3-Q_XHXci8X5-s5FiE_Pf7K3SOubig4copawyag5qllXRUt8unBAOhMw55F2cyivvDhinKph6yJO2d34jKf5zXGpAUdGP9lpbxeaAUSGTV8j3WV0QsYXTKJJJ4vTTX5gq8ZqnbXdILuWQL6JcEOm7P26Ez6CrRKHGTABF9jneuQiS14A8CQUM8QzxY4uPQXdvTO6ZpE5YbNLD9n4QFFPHjLwutK0MRzgE_St4I_682J3VR-1Z7fO23XOPgeSfSGHDV12LUsAK7327KlmKZWEcHdMOmtzGfac70gLiwxRa68x4UWzL4Q9vFHZUUwFc2c7eS7TltzO61IcFzs2my8Z5jMmL03gYSgNXMYbVvP0k64_cMUf6pnl4tDrXxrBm3xFvg2iPk9VLWCj-D3Q4MjGLWxbtKJIfFEVMXypGr5FUw40t2YdkwURXL1C5gthg3wE48a4S5zXu52ArskiPHxrdMn_CNNwj2k5a1XJXvm4KjwLDtgTgkWw_Mcaqc9fw6dFkaLNPjRLLHBWxk_UVDmX0tfEdeKO-VhK2S3kQPM0kn97EcSJFdFidTI0kZ2YiEjaVVhu5ZDh0PJPw1ydkDS&bid=0.0319&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=7715391e-ece1-48d5-a0a6-d17e18597102&prev_step_diff=905

104.21.19.82

302 Found

0 B

URL GET HTTP/2
p.a64x.com/in/tip_shows/?katds_ep=XmbKqZwELPLwDC0hS0KqJqHM-aWzLY3tq_9uFwPM13vcoQzvFh0aEX0G0yn95Wra9L_4PfO4gaI5ZDBLAE4Bu4nKBnBKIUH6mryohkMZpEa8YKQCAzmNMUYUhlP6gDInclGVxmZzeL6UHzlS6WC8Kl8AjrJ6KD8eVxhSvE8nVNR05xDpP6j9ITmGX9BVdD2Ds1G3G_mvr__AOzGB9zU62IcVgaINDcLkqJF9AYrc7WjuBnjI5KaNJBOzmh9JwDSKfkRQZeHjM4r36LKOilflQTKnkSBQ4pYXFPc_qOzUJ3-Q_XHXci8X5-s5FiE_Pf7K3SOubig4copawyag5qllXRUt8unBAOhMw55F2cyivvDhinKph6yJO2d34jKf5zXGpAUdGP9lpbxeaAUSGTV8j3WV0QsYXTKJJJ4vTTX5gq8ZqnbXdILuWQL6JcEOm7P26Ez6CrRKHGTABF9jneuQiS14A8CQUM8QzxY4uPQXdvTO6ZpE5YbNLD9n4QFFPHjLwutK0MRzgE_St4I_682J3VR-1Z7fO23XOPgeSfSGHDV12LUsAK7327KlmKZWEcHdMOmtzGfac70gLiwxRa68x4UWzL4Q9vFHZUUwFc2c7eS7TltzO61IcFzs2my8Z5jMmL03gYSgNXMYbVvP0k64_cMUf6pnl4tDrXxrBm3xFvg2iPk9VLWCj-D3Q4MjGLWxbtKJIfFEVMXypGr5FUw40t2YdkwURXL1C5gthg3wE48a4S5zXu52ArskiPHxrdMn_CNNwj2k5a1XJXvm4KjwLDtgTgkWw_Mcaqc9fw6dFkaLNPjRLLHBWxk_UVDmX0tfEdeKO-VhK2S3kQPM0kn97EcSJFdFidTI0kZ2YiEjaVVhu5ZDh0PJPw1ydkDS&bid=0.0319&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=7715391e-ece1-48d5-a0a6-d17e18597102&prev_step_diff=905
IP
104.21.19.82:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subjecta64x.com
Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88
ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/tip_shows/?katds_ep=XmbKqZwELPLwDC0hS0KqJqHM-aWzLY3tq_9uFwPM13vcoQzvFh0aEX0G0yn95Wra9L_4PfO4gaI5ZDBLAE4Bu4nKBnBKIUH6mryohkMZpEa8YKQCAzmNMUYUhlP6gDInclGVxmZzeL6UHzlS6WC8Kl8AjrJ6KD8eVxhSvE8nVNR05xDpP6j9ITmGX9BVdD2Ds1G3G_mvr__AOzGB9zU62IcVgaINDcLkqJF9AYrc7WjuBnjI5KaNJBOzmh9JwDSKfkRQZeHjM4r36LKOilflQTKnkSBQ4pYXFPc_qOzUJ3-Q_XHXci8X5-s5FiE_Pf7K3SOubig4copawyag5qllXRUt8unBAOhMw55F2cyivvDhinKph6yJO2d34jKf5zXGpAUdGP9lpbxeaAUSGTV8j3WV0QsYXTKJJJ4vTTX5gq8ZqnbXdILuWQL6JcEOm7P26Ez6CrRKHGTABF9jneuQiS14A8CQUM8QzxY4uPQXdvTO6ZpE5YbNLD9n4QFFPHjLwutK0MRzgE_St4I_682J3VR-1Z7fO23XOPgeSfSGHDV12LUsAK7327KlmKZWEcHdMOmtzGfac70gLiwxRa68x4UWzL4Q9vFHZUUwFc2c7eS7TltzO61IcFzs2my8Z5jMmL03gYSgNXMYbVvP0k64_cMUf6pnl4tDrXxrBm3xFvg2iPk9VLWCj-D3Q4MjGLWxbtKJIfFEVMXypGr5FUw40t2YdkwURXL1C5gthg3wE48a4S5zXu52ArskiPHxrdMn_CNNwj2k5a1XJXvm4KjwLDtgTgkWw_Mcaqc9fw6dFkaLNPjRLLHBWxk_UVDmX0tfEdeKO-VhK2S3kQPM0kn97EcSJFdFidTI0kZ2YiEjaVVhu5ZDh0PJPw1ydkDS&bid=0.0319&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_l-body&st=0.02&cpa=7715391e-ece1-48d5-a0a6-d17e18597102&prev_step_diff=905 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 19:38:37 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSU7phTpeKBYqzPAv7NhB5jo2t5ee4ZAxaWiXYiN0ohnHAQ1olZXVhzCPxrTRWPd820PDIy99cixW9f7CfI%2F7iFXVkQo8NxQCzRFQpB5rMZ2dVz7SFsbBg3wuZqS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814269fcbd87129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg

45.133.44.25

200 OK

10 kB

URL GET HTTP/2
imdn.pics/m/p/0/777/777156/conversions/3b69WTpe-minify.jpg
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5
ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3
Size
10 kB (10147 bytes)
Hash
d27321438be78f72c18f84cecb85c11e
31084685ba871245f90f4ac23949bc4aa37ce39b
d08796c038822a8e5b0b8f249dda868ce114459c911091b0969acf32df501b98

HTTP Headers

GET /m/p/0/777/777156/conversions/3b69WTpe-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/jpeg
content-length: 10147
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:54 GMT
etag: "66159ab6-27a3"
x-request-id: a42fb51f65ac1ae8733899620e4ac07b
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

poopstream.co/assets/jquery.main.js

104.21.58.50

200 OK

12 kB

URL GET HTTP/3
poopstream.co/assets/jquery.main.js
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11965 bytes)
Hash
ce127785ca6824e0a950018b1207271f
1902410ca1fa69f9f13abafac0439517d8fec161
c4ec903cf740f8fc602b85faeaf69621be8b9484791035082c45f0ecc868a86f

HTTP Headers

GET /assets/jquery.main.js HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: application/javascript
last-modified: Mon, 06 May 2024 06:53:25 GMT
vary: Accept-Encoding
etag: W/"66387e65-1afe"
expires: Fri, 10 May 2024 07:38:35 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVoeFvvGSEobBKj2keJicSwFtUxHCQU5Fwikfqg532KgJzt1pOou6KBCLyPPvQyf%2B028zFQvPDjbS7CevpytS4WmMGEqpBEAO%2B%2BqCIMj6GK%2BNKB6MSECqPIChwFStPkx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881426904d57568e-OSL
alt-svc: h3=":443"; ma=86400

imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg

45.133.44.25

200 OK

3.0 kB

URL GET HTTP/2
imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5
ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3
Size
3.0 kB (2972 bytes)
Hash
bbd50a964fd18363b647225883bbb908
960383ba8379454c49adc0ed9c0faf681a898d61
58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e

HTTP Headers

GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg

45.133.44.25

200 OK

3.0 kB

URL GET HTTP/2
imdn.pics/m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5
ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3
Size
3.0 kB (2972 bytes)
Hash
bbd50a964fd18363b647225883bbb908
960383ba8379454c49adc0ed9c0faf681a898d61
58deb046cbfa7bfae5ed5290686bda50b55be2bf0ea62f1577ca135a8fdeb10e

HTTP Headers

GET /m/p/0/777/777155/conversions/R6Fcvd3Z-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/jpeg
content-length: 2972
server: nginx
last-modified: Tue, 09 Apr 2024 19:44:46 GMT
etag: "66159aae-b9c"
x-request-id: bcbe6ea9e5034af8477860eea5b5ead2
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

mcpuwpsh.com/get/

94.130.197.240

200 OK

4.6 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
JSON text data
Size
4.6 kB (4570 bytes)
Hash
fb5de43fbf2b366e05353721aef6c515
adf217f507f34f68b83eff57ed5f81f4cf08e6c7
05c7cfa8ff3c4beaa6f7b60c8e4c91a2bfe432ab3f3010dcceb034abab7ed555

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poopstream.co/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1061
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 09 May 2024 19:38:37 GMT
content-type: application/json
content-length: 4570
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js

45.133.44.52

200 OK

101 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type

Size
101 kB (100855 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8d49d19b7765f1a8c2fc9471c8f12409.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Thu, 09 May 2024 19:43:36 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/123635?version_name=b

45.133.44.52

200 OK

3.3 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/123635?version_name=b
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3675), with no line terminators
Size
3.3 kB (3259 bytes)
Hash
3a2904095d432474310b3490c34edb67
3dcf978a5a34eacc078dcd4be554c61ad3b31f17
a9d5c7a9002c0815bce51010c005f4680e21efd22b6a18926823933e0493748e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c24b4e831b8a6d9c926c8506ce6591f3/123635?version_name=b HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 09 May 2024 19:43:35 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

poopstream.co/

104.21.58.50

200 OK

33 kB

URL User Request GET HTTP/2
poopstream.co/
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
HTML document, ASCII text, with very long lines (6442)
Size
33 kB (33254 bytes)
Hash
b819febea40577b42876832c67d28238
96706cf2dfc53566d0a705faa35000b27d358324
81f8b79409113336b325d11be40cabf2aefb2a5b047ec0197933d927b9e4bead

HTTP Headers

GET / HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=1200
cf-cache-status: HIT
age: 6263
last-modified: Thu, 09 May 2024 17:54:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJalkfffKQAvtM6OskHnSkaKrbFJOCiPJgYV%2BIEk38XH1TmFEwEAIob7ODzP8AcdcTnbwvHrGhDtQTS0kFNxOChnhI6zCfXTBpZc5oq9626PsfcCWF0AM0JDRYWI%2FTtq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8814268e0dcc5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

poopstream.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.58.50

200 OK

1.2 kB

URL GET HTTP/3
poopstream.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXJHOaZadwRcAwyzVxB5qAOWbcEh5J5DXAee4iMsHM1czyuFi8thS2cuXxvUC0%2BItDACLFei2dGtK7D7Fhvq1xHA6AfJqZeWvuq8E8p7PugdHDYQriWGBlLlDkf5chM4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881426904d54568e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 May 2024 19:38:34 GMT
cache-control: max-age=172800, public
content-encoding: gzip

js.capndr.com/advertising.js

45.133.44.53

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06
ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 09 May 2024 19:43:35 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.10.207

200 OK

141 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140936 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 43690edcc058dae0f87f89de576f8be1
cdn-cache: HIT
cf-cache-status: HIT
age: 126230
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 881426907e2d0b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

poopstream.co/assets/favicon-16x16.png

104.21.58.50

200 OK

1.2 kB

URL GET HTTP/3
poopstream.co/assets/favicon-16x16.png
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.2 kB (1217 bytes)
Hash
627978876e7cba92d353dd3daff23dd1
89da8823adb422e9e16fab4eb48ece909759bc22
18b8292266f4a7bbfe653ca87a391c92724fc0eee0c0419f00354579ac8da513

HTTP Headers

GET /assets/favicon-16x16.png HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Cookie: _ga_JBYNTZ3LB5=GS1.1.1715283515.1.0.1715283515.0.0.0; _ga=GA1.1.1510458977.1715283516
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/png
content-length: 1217
last-modified: Mon, 06 May 2024 17:30:04 GMT
etag: "6639139c-4c1"
expires: Sat, 08 Jun 2024 19:38:37 GMT
cache-control: max-age=2592000
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZ22KWZOBANxJtuZmwucqNV%2FNUjOs0ftOv7fvWVl4Mscg%2Bc%2F15x0gxrBJz%2FNWX83K%2BYWk7FIx4u%2BQdegMKEfaCZUoUVHpYIm43uUIPDGitmX5A%2BtnjZ1HmNsveiaO82c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8814269c8aaf568e-OSL
alt-svc: h3=":443"; ma=86400

poopstream.co/assets/jquery.rotator.js

104.21.58.50

200 OK

3.3 kB

URL GET HTTP/3
poopstream.co/assets/jquery.rotator.js
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
JavaScript source, ASCII text, with very long lines (3660), with no line terminators
Size
3.3 kB (3278 bytes)
Hash
a116bb5a675f3d3b9ae0b4ce02788a7a
76b4ca4c24be218d46105104f19d8130fb1755e0
94264a111037037cc9a5b3d3b567aee76092d2f79e9da83e342dd0284175c548

HTTP Headers

GET /assets/jquery.rotator.js HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: application/javascript
last-modified: Sun, 05 May 2024 10:31:30 GMT
vary: Accept-Encoding
etag: W/"66376002-cce"
expires: Fri, 10 May 2024 07:38:35 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rpwr1fRT%2FVlFrjFEuM%2F94xbmn4dF1VQ7iFdndxuveKRq048M04Va46g6EXSe0qFWJ467yPhBF0X%2BigfG1NWkLVsEITG6UGK1gWjjCl2vKj8X0Z6oGydbBHYTLxXf5m2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881426904d55568e-OSL
alt-svc: h3=":443"; ma=86400

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=c0920791-1b8f-4daf-a82e-c400b7d2ca37&prev_step_diff=761

45.133.44.24

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=c0920791-1b8f-4daf-a82e-c400b7d2ca37&prev_step_diff=761
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=c0920791-1b8f-4daf-a82e-c400b7d2ca37&prev_step_diff=761 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:37 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 09 May 2025 19:38:37 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

882 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (919), with no line terminators
Size
882 B (882 bytes)
Hash
053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 8598cfc72b61d67550992e7cbec81cd8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUN20BuF5I6cjCEQd7Dv8ADHi914%2FrEga6LYWIEUOX5swjGqPmP17nYniZaSNUfqmIdXBQI1hmh6Ua8XgTg4XRqjzCQpym23Zm28NQQ1%2Fgz%2BdrSkG8piofyofugAuVRzPAMb3nN1kF0R0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142698493d56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js

45.133.44.52

200 OK

169 kB

URL GET HTTP/2
e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjecte9b729472c.39268ea911.com
FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8
ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT

File type

Size
169 kB (168568 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /939b87343a3eb6ec5a1c3e8c8c6f7c47.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:36 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Thu, 09 May 2024 19:43:36 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:34 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 03/18/2024 12:13:14
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 27efb82d338a9a38626e454cf61ff912
cdn-cache: HIT
cf-cache-status: HIT
age: 126230
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 881426908e360b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

poopstream.co/assets/styles.css

104.21.58.50

200 OK

41 kB

URL GET HTTP/3
poopstream.co/assets/styles.css
IP
104.21.58.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerLet's Encrypt
Subjectpoopstream.co
FingerprintAF:C5:66:C3:4D:AD:E0:89:B3:56:EB:78:34:32:18:02:0E:D0:A8:E9
ValiditySat, 16 Mar 2024 14:11:11 GMT - Fri, 14 Jun 2024 14:11:10 GMT

File type
ASCII text, with very long lines (41056), with no line terminators
Size
41 kB (41056 bytes)
Hash
7a20d72e5f645b1a6a4d1072906c2250
c7136fef92d92cbcb3543de74683b33a9ecd2367
1daf5a9616736d0432d338a39b0fbcb75d4d57c61c60d8e693d728134a1463cf

HTTP Headers

GET /assets/styles.css HTTP/1.1
Host: poopstream.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=50990
etag: W/"6638d38a-c72e"
expires: Fri, 10 May 2024 07:38:35 GMT
last-modified: Mon, 06 May 2024 12:56:42 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWRtN9KzeoefvLiIaVr%2BKQ9BR%2FQwbT8PqG1UmYlDRqsFOkVhRADQAAuDzPyT2eXrBa6OrmsJDy9U1hbxuEgqa2bL5FuK0YFPanx%2BWLV38Y3ApSPd3n4ByD7WpbtLXGXJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881426901cfd568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v5.7.2/css/all.css

172.67.142.245

200 OK

54 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.2/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poopstream.co/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54456), with no line terminators
Size
54 kB (54456 bytes)
Hash
7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

HTTP Headers

GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poopstream.co
DNT: 1
Connection: keep-alive
Referer: https://poopstream.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:38:35 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 126231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZAtTa%2FNDaO0pzRXGY2qGmqpmHgMyQ9XcqgpJj%2BnlGT6hCkZUu1meRJF6rVpno1kafhmqEbtSUfThdj7pIRzCM%2FxIGh9Qh%2Fo4yldZxqOB8gUDtdwxoucsnrT0nEyA92Rkz%2BrfDjH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88142691f87ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML