Report - dood.cm/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb

Report Overview

Visited public
2024-09-02 06:03:42
Tags
URL
dood.cm/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb
Finishing URL
poop.bar/404.php
IP / ASN
104.21.2.36
#13335 CLOUDFLARENET
Title
404 File not found - PoopHD

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-02 01:08:08	415 B	105 kB	142.250.74.168
js.capndr.com	316718	2021-08-30	2021-08-30 14:51:01	2024-08-30 20:36:54	410 B	30 kB	45.133.44.52
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-09-01 18:21:49	1.7 kB	7.9 kB	74.125.131.84
dood.cm	unknown	unknown	No data	No data	498 B	844 B	172.67.128.171
imgsdn.com	unknown	2024-02-12	2024-02-12 16:14:01	2024-09-01 14:09:20	3.9 kB	1.8 kB	176.9.142.103
na.nawpush.com	38563	2020-12-21	2020-12-23 09:18:12	2024-09-01 05:15:49	448 B	3.6 kB	45.133.44.24
static.bookmsg.com	47495	2020-09-15	2020-11-24 15:56:32	2024-08-31 16:45:14	1.1 kB	2.2 kB	45.133.44.24
storage.multstorage.com	unknown	2023-09-22	2023-09-22 14:56:00	2024-09-01 05:15:56	518 B	1.1 kB	104.21.30.242
imdn.pics	unknown	2023-09-14	2023-09-14 16:55:44	2024-08-31 19:03:59	871 B	6.3 kB	45.133.44.25
e5.o.lencr.org	unknown	2020-06-29	2024-06-07 07:39:25	2024-09-01 18:14:02	326 B	729 B	23.36.77.32
cmpuwps.com	unknown	2024-05-30	2024-05-31 20:13:09	2024-08-30 20:35:57	468 B	4.3 kB	94.130.197.239
track-us.rwtrack.xyz	unknown	2023-11-29	2024-02-19 22:22:51	2024-09-02 03:01:26	1.9 kB	374 B	88.214.195.99
cdn.poop.gold	unknown	2024-01-12	2024-01-25 19:09:43	2024-03-06 17:32:09	9.1 kB	0 B	0.0.0.0
poophd.com	unknown	2023-09-16	2023-09-24 18:31:59	2024-04-13 06:52:18	4.3 kB	530 kB	172.67.132.168
js.wpadmngr.com	25762	2021-06-02	2021-06-02 16:43:46	2024-09-01 17:40:54	810 B	120 kB	45.133.44.52
metrolagu.cam	unknown	2023-03-24	2023-08-23 12:17:15	2024-04-15 11:58:10	388 B	1.8 kB	188.114.96.1
js.wpushsdk.com	36947	2021-05-07	2021-05-07 14:03:12	2024-08-30 18:24:31	1.2 kB	1.1 MB	45.133.44.52
ads-us.rwtrack.xyz	unknown	2023-11-29	2024-06-08 17:01:34	2024-09-02 03:01:26	474 B	0 B	0.0.0.0
poop.bar	unknown	unknown	No data	No data	2.0 kB	46 kB	104.21.10.178
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-01 18:13:08	2.6 kB	7.1 kB	23.36.76.226
e6.o.lencr.org	unknown	2020-06-29	2024-06-07 08:35:09	2024-09-01 18:20:40	1.3 kB	2.9 kB	23.36.77.32
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-01 18:12:27	975 B	2.1 kB	142.250.74.131
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22 13:20:32	2024-09-01 05:15:57	1.0 kB	701 B	157.90.84.242
4bb6cef88c.4917493a9d.com	unknown	unknown	No data	No data	20 kB	19 kB	168.119.25.102
p.a64x.com	unknown	2023-07-27	2023-07-27 15:12:45	2024-08-31 19:03:59	1.5 kB	713 B	172.67.185.171
eu.skated.co	unknown	2022-11-28	2023-03-22 11:01:50	2024-08-31 19:14:49	2.2 kB	1.4 kB	5.200.15.240
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-01 18:13:21	3.3 kB	8.9 kB	23.36.76.226
nereserv.com	40015	2020-12-21	2020-12-21 12:07:56	2024-08-31 16:45:13	1.7 kB	960 B	116.202.204.105
b004dc0e97.043213c072.com	unknown	unknown	No data	No data	813 B	343 B	45.133.44.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-02	medium	043213c072.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	ScriptElement	185 kB	2024-08-29	2024-09-20
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-29 14:53 Last Seen2024-09-20 20:15 Times Seen138 Hash cf47521aecd972ed892c05ab0220d40a b3529b27821da3eb65843f2c0694f033dbeac314 f9454fa0cf6e276fc0bccfe002602fea464355bc050df44a08f6d1b3a41bd624 Loading...

	js.wpushsdk.com/skins/nmain.m.js	ScriptElement	540 kB	2024-08-29	2024-09-20
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-29 14:53 Last Seen2024-09-20 20:15 Times Seen132 Hash 1c0a42a2f8b353db45dcfa4b18920d1d 9e9d38917c174a139f1f6126cf6d674290a3ae27 8112f6f951f2a376474acb4e268432f06bc7e368457d66f4114bb7727e37a074 Loading...

	metrolagu.cam/adus.js	ScriptElement	1.4 kB	2024-06-11	2024-11-08
Pretty URL metrolagu.cam/adus.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-11 09:11 Last Seen2024-11-08 00:03 Times Seen42 Hash a7336b587f88363c69e976c6a627cd80 370143245c18dd3351333dc17abcbca22bab22b3 a6710b726eb2163741b7afb141586f4155823165469165d7e53a7b72a28b6a4a Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-05-20
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-05-20 22:05 Times Seen3339 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	117 kB	2024-08-21	2024-09-20
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 19:04 Last Seen2024-09-20 20:14 Times Seen418 Hash 7b63cd368cc280fd19a6a15a46ff0dee e9337c675f2f07502ed4acf27ad578d81fa30907 cc9188ad86af0804dbccdbff0342240008695828a4eecabe17e4ba0d4f7f20c5 Loading...

	js.capndr.com/popunder-admanager/build.m.js	ScriptElement	103 kB	2024-08-30	2024-09-20
Pretty URL js.capndr.com/popunder-admanager/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 16:49 Last Seen2024-09-20 20:13 Times Seen56 Hash f6441909b549c7d9de0481d021d4b76d a3850ec5da52fc96478c069c6682a6813ed500a8 a34acbd10bd08dbf97841320e89fb1da964ff37e0cc926695771f8560566c609 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	718 B	2023-09-18	2025-03-01
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19 Last Seen2025-03-01 23:33 Times Seen12563 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	poop.bar/404.php	ScriptElement	201 B	2024-05-05	2024-12-08
Pretty URL poop.bar/404.php IP 104.21.10.178 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 15:19 Last Seen2024-12-08 15:47 Times Seen48 Hash 573c74d46885d7cd92ed478fd65866d1 3195718f62aff1d98a32e2d6715657194a9ecc73 a4f615ddf9a72ad3e1fcd210c0fb7b3d889368b948b5f37e83b0d47ab4b3cf94 Loading...

	www.googletagmanager.com/gtag/js?id=G-RRBBHD087X	ScriptElement	316 kB	2024-09-20	2024-09-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-RRBBHD087X IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 19:48 Last Seen2024-09-20 19:48 Times Seen1 Hash 2ea2818c260e74243e46d039ea777271 db73d2f6b34ce880a6d245b3bb45e0410e33f479 dd9e1c4e4764eb02116996b31c24f5be2364049420b4d7213705fa5e4459ca90 Loading...

HTTP Transactions (102)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9af7a8cd532ef5aaf31ca93238520c04
f072b79c778c47733bbd3377e03f716ecdfc14ea
36e32e96e96ff13975dfb765119ad431a8a3bedc9cdd8f16bbe7460664ee177c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "36E32E96E96FF13975DFB765119AD431A8A3BEDC9CDD8F16BBE7460664EE177C"
Last-Modified: Sat, 31 Aug 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5178
Expires: Mon, 02 Sep 2024 07:29:33 GMT
Date: Mon, 02 Sep 2024 06:03:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3184
Expires: Mon, 02 Sep 2024 06:56:19 GMT
Date: Mon, 02 Sep 2024 06:03:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
231aa156f55dd8497dca6a2066312be3
741432c8275492eb38bba5d0841685dc4f864fee
f348affacf8e814c579ff56d592287275dcf79e2f55f1d041921833d730d2349

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F348AFFACF8E814C579FF56D592287275DCF79E2F55F1D041921833D730D2349"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5608
Expires: Mon, 02 Sep 2024 07:36:43 GMT
Date: Mon, 02 Sep 2024 06:03:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4a4558475f4cf98bb3e50c28fa9bb507
cb6f501d6e6530d3862a5185a44b4cb2afdbbd3e
0f9071190d9540a4b9b61adc368010f73de32acfb6e478fcb6188cd42566e491

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0F9071190D9540A4B9B61ADC368010F73DE32ACFB6E478FCB6188CD42566E491"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Mon, 02 Sep 2024 07:23:29 GMT
Date: Mon, 02 Sep 2024 06:03:15 GMT
Connection: keep-alive

dood.cm/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb

172.67.128.171

302 Found

143 B

URL User Request GET HTTP/2
dood.cm/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb
IP
172.67.128.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdood.cm
Fingerprint60:37:A0:11:3C:61:00:63:9F:81:86:6D:C0:B3:EA:F0:A0:29:0B:E7
ValidityMon, 15 Jul 2024 15:14:32 GMT - Sun, 13 Oct 2024 15:14:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb HTTP/1.1
Host: dood.cm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 02 Sep 2024 06:03:15 GMT
content-type: text/html
content-length: 143
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: //poop.bar/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcG4OglXArC68oUs29kPnk9zbLXoBZYWcUaMtmR2X40FEiqqHfnSpn8WpxSZEnTw5H3NuCykTvF6uMOcOxkiVHYzrOcOEdhsJLVlEtdJaPiXa%2BPHVh%2FENNTi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bbfd9ae1c16-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
50a853e273797d40ef0aa698c6cb8ebd
a51baaff7dfcddf2e1a129534ab9bb4ed92acda3
7d1348f542ac4eac0f9ff29ce7b37a12c8d3e843b6df71f6c7f11ec1b6517d54

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 06:03:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ceb800630daa055a507c759a1775e1c0
92eed1345c541c096f75988a2b4ab1327e1f5082
5f8ae869022f3f587e65a438ecbd0dc6bc83e5ff235c1c33a3b93be15c98bc44

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5F8AE869022F3F587E65A438ECBD0DC6BC83E5FF235C1C33A3B93BE15C98BC44"
Last-Modified: Sat, 31 Aug 2024 02:49:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2427
Expires: Mon, 02 Sep 2024 06:43:43 GMT
Date: Mon, 02 Sep 2024 06:03:16 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=G-RRBBHD087X

142.250.74.168

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-RRBBHD087X
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint6F:61:E4:8D:EC:1C:CD:28:E6:08:5A:59:AA:A1:D3:6D:7E:95:B9:28
ValidityMon, 05 Aug 2024 06:37:21 GMT - Mon, 28 Oct 2024 06:37:20 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
105 kB (104777 bytes)
Hash
2ea2818c260e74243e46d039ea777271
db73d2f6b34ce880a6d245b3bb45e0410e33f479
dd9e1c4e4764eb02116996b31c24f5be2364049420b4d7213705fa5e4459ca90

HTTP Headers

GET /gtag/js?id=G-RRBBHD087X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 02 Sep 2024 06:03:16 GMT
expires: Mon, 02 Sep 2024 06:03:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104777
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
50a853e273797d40ef0aa698c6cb8ebd
a51baaff7dfcddf2e1a129534ab9bb4ed92acda3
7d1348f542ac4eac0f9ff29ce7b37a12c8d3e843b6df71f6c7f11ec1b6517d54

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 06:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

poophd.com/theme_2/fonts/avertastd-regular-webfont.woff2

172.67.132.168

200 OK

24 kB

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-regular-webfont.woff2
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23812, version 1.524
Size
24 kB (23812 bytes)
Hash
eb586e5a1b86dbf1c866e3ed80f9d18e
280ee78d19c017ab9335f769595e5157d3c4a343
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf

HTTP Headers

GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: font/woff2
content-length: 23812
last-modified: Fri, 29 Sep 2023 09:10:53 GMT
etag: "6516949d-5d04"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QOTsl%2BjMIcsy2hjxlPziFKOSBZ62Liv6AJIVt%2BgxQsClTw3VTGz1UKQVZ%2BTnir3FJ9RhIVRJqs%2BIONpIUen5W5gQ3te%2BnepiB7LGa1DFLdWYlrvUmUUZhyoOObA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc6bafe56cc-OSL
alt-svc: h3=":443"; ma=86400

poophd.com/theme_2/fonts/avertastd-black-webfont.woff2

172.67.132.168

200 OK

23 kB

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-black-webfont.woff2
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22820, version 1.0
Size
23 kB (22820 bytes)
Hash
1e976387cb594982692bdbdffde86f91
9546836a7d80c17d85cdd37a9553852f00af031b
4dc982a61a00481f4c9545f9f2da64098428b4aec96838de3c194fa82373ce1d

HTTP Headers

GET /theme_2/fonts/avertastd-black-webfont.woff2 HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: font/woff2
content-length: 22820
last-modified: Fri, 29 Sep 2023 09:10:53 GMT
etag: "6516949d-5924"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZUX4qJ%2BNujxTPzlRPqaZjjzbgZb42zjA7qU54DNDMd46pyQzLkzkCzNc%2BwCt5LCNjilnAkMqPIqJntZ1tc382bBs3EpJSdBswsVLq7yV%2BB%2FWRufM%2Bp9%2F3eVEtLB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc6bafc56cc-OSL
alt-svc: h3=":443"; ma=86400

poophd.com/theme_2/fonts/avertastd-bold-webfont.woff2

172.67.132.168

200 OK

24 kB

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-bold-webfont.woff2
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23604, version 1.0
Size
24 kB (23604 bytes)
Hash
e9133fd11f14c09a2e4556c395a0ef7d
00fad09605f3342df5c9aeba130156fe19ade8b0
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91

HTTP Headers

GET /theme_2/fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: font/woff2
content-length: 23604
last-modified: Fri, 29 Sep 2023 09:10:53 GMT
etag: "6516949d-5c34"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLef%2BeSZLygUC3WeaIcP7camsb6L50ojgPIPDpYqi%2BBQOqzVOJRsh0vz2hQZAzlFgYBtZn4XIdKsYgcFjDbugcdAnE9TvlWUhnBENznbohaop43FDZQGOdsxgyXG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc73bb056cc-OSL
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
53b4c95c73d66a2eeac1c99d1a3cc42d
fe407cc69fcb4b7d63b67e390687ebd184048925
555a4c767f2d3cf42d5c1be8d852c8f43a0695186dbf9f62b3fdc71f2285358e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "555A4C767F2D3CF42D5C1BE8D852C8F43A0695186DBF9F62B3FDC71F2285358E"
Last-Modified: Sat, 31 Aug 2024 02:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5867
Expires: Mon, 02 Sep 2024 07:41:04 GMT
Date: Mon, 02 Sep 2024 06:03:17 GMT
Connection: keep-alive

poop.bar/favicon-16x16.png

104.21.10.178

200 OK

612 B

URL GET HTTP/3
poop.bar/favicon-16x16.png
IP
104.21.10.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoop.bar
Fingerprint4B:11:F9:04:78:01:62:D4:0D:81:CD:2E:1B:D5:EC:84:8D:04:10:B8
ValidityTue, 27 Aug 2024 23:57:34 GMT - Mon, 25 Nov 2024 23:57:33 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
612 B (612 bytes)
Hash
ac008ea155d4beee1e93247d7434c77d
f8ea94e94e0cc310202a517a9c445c3d70af564e
283e092dad794fdd9212249389fb2acb6d6846f332413ab2af7bbcced9a4957e

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: poop.bar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/404.php
Cookie: _ga_RRBBHD087X=GS1.1.1725256997.1.0.1725256997.0.0.0; _ga=GA1.1.1634203677.1725256997
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: image/png
content-length: 612
last-modified: Wed, 28 Aug 2024 01:08:47 GMT
etag: "66ce789f-264"
expires: Fri, 27 Sep 2024 12:14:34 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 409723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLbMM2D9MmWrQNoNqRhUVC%2FBNTrdr71%2BR%2F68YwBQ533uyNJjpvR2ZHmTPHRe5vhkilTbxDqEXlOu%2BtT4rmclEMvrsMa%2B%2FW6LCYQEbEAe0e7DxGSLuNA7pN6tLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bcaacc90b4d-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2c0a491c4b150117fa365943be019267
bd16866e816c370f85caca62f1942ca1a44334cb
c617b42438ad5cff7fb78040e988131b2402eb1b3fc75ea793f791e26f9cbcd4

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C617B42438AD5CFF7FB78040E988131B2402EB1B3FC75EA793F791E26F9CBCD4"
Last-Modified: Sat, 31 Aug 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4581
Expires: Mon, 02 Sep 2024 07:19:38 GMT
Date: Mon, 02 Sep 2024 06:03:17 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
5d08611ae628e5756b17edf488d65a13
1184f8143c3669fafdd952b4f00c3988b59fb7fd
ad4c878f72572043570bbea71b6ff38ccccb7a8d0a29d3b7561bd65cb852f803

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "AD4C878F72572043570BBEA71B6FF38CCCCB7A8D0A29D3B7561BD65CB852F803"
Last-Modified: Sat, 31 Aug 2024 02:41:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10699
Expires: Mon, 02 Sep 2024 09:01:36 GMT
Date: Mon, 02 Sep 2024 06:03:17 GMT
Connection: keep-alive

fp.metricswpsh.com/fp?tag_id=114039

157.90.84.242

500 Internal Server Error

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=114039
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=114039 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poop.bar/
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Mon, 02 Sep 2024 06:03:17 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://poop.bar
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

js.capndr.com/popunder-admanager/build.m.js

45.133.44.52

200 OK

30 kB

URL GET HTTP/2
js.capndr.com/popunder-admanager/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintA0:3C:B8:F2:B0:74:40:26:0C:8B:97:F4:AE:8A:17:21:9E:B9:63:3B
ValidityMon, 19 Aug 2024 02:02:32 GMT - Sun, 17 Nov 2024 02:02:31 GMT

File type
gzip compressed data, from Unix
Size
30 kB (30154 bytes)
Hash
86196f0786bc72f0d5b4bf261998d1ca
ba7259206411c39d60d2ba7d9c3ca0f2948d8490
b59064d9eed0e35c4e043f3934be0013263d43332ef60e99911e75de4b452621

HTTP Headers

GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 30 Aug 2024 12:52:00 GMT
etag: W/"66d1c070-1925c"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=114039

157.90.84.242

500 Internal Server Error

36 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=114039
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
0849660b654e3a313882a44c0e7dc08a
b1493d6ce204eb99837d9b33849d1458093a6e6d
6e73b83ae8fcdaf81421a4236c9f817a9e4ea0fa931bf696f72872b266bd83e6

HTTP Headers

POST /fp?tag_id=114039 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1881
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Mon, 02 Sep 2024 06:03:17 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 36
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://poop.bar
Vary: Origin

b004dc0e97.043213c072.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0NDk0NjAxMjA3MDYwNjI5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjQiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9

45.133.44.52

200 OK

0 B

URL GET HTTP/2
b004dc0e97.043213c072.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0NDk0NjAxMjA3MDYwNjI5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjQiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectb004dc0e97.043213c072.com
FingerprintA4:E7:6E:14:16:1F:7D:90:16:B3:51:CE:28:76:6F:5F:C7:D6:E1:D2
ValidityFri, 30 Aug 2024 02:51:52 GMT - Thu, 28 Nov 2024 02:51:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0NDk0NjAxMjA3MDYwNjI5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTI3LjQiLCJ0YWdfaWQiOjExNDAzOSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: b004dc0e97.043213c072.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ds9225
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9284
Expires: Mon, 02 Sep 2024 08:38:02 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9284
Expires: Mon, 02 Sep 2024 08:38:02 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9284
Expires: Mon, 02 Sep 2024 08:38:02 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9284
Expires: Mon, 02 Sep 2024 08:38:02 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
20c9eec1ed6a0f3c730b021493b9e3ec
9f241af1cf1513631da05ffbaede6bcd16e93571
0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9284
Expires: Mon, 02 Sep 2024 08:38:02 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

js.wpushsdk.com/npc/sdk/wpu/npush.m.js

45.133.44.52

200 OK

57 kB

URL GET HTTP/2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintA2:B9:AA:8C:6A:EB:D2:88:07:DA:5A:50:52:7A:9E:38:3D:BC:AD:BE
ValidityWed, 10 Jul 2024 03:01:18 GMT - Tue, 08 Oct 2024 03:01:17 GMT

File type
gzip compressed data, from Unix
Size
57 kB (57409 bytes)
Hash
129aff1ebe915e6b5f3bf1cc1317073a
7cb2a022e8d6fb8505c657a2c2ec22a260f8e7d4
b3b334b68942291820247ed07d35c0295493d89bfe693284735d9199a01549ee

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 29 Aug 2024 12:47:48 GMT
etag: W/"66d06df4-2d392"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

390 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
Fingerprint78:B6:52:5B:BA:05:3E:4A:22:73:D1:DC:2A:9E:46:23:D1:72:D3:F2
ValiditySat, 13 Jul 2024 07:13:35 GMT - Fri, 11 Oct 2024 07:13:34 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
390 B (390 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 94774a1c7fc11250b3ea35932b4f6b20
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSDwXMiVD1%2FY9l9xW2bLwAO7E5W1fuLQGT9te28wfqt6mbFxLihAHMNR2UixU5tlAu2wDCFaxsz%2FU3NUFyK0bLjcylOxfQc049ScSJPvkEjlfj0%2BdjAvMF5u5uVKYvVNZqJ3qi10O%2FHBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bcb5f7756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=1c09beeb-bd70-4073-8752-3cc376c201c5&subid=357529620&sid=1633553334&spot_id=418774&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1

116.202.204.105

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=1c09beeb-bd70-4073-8752-3cc376c201c5&subid=357529620&sid=1633553334&spot_id=418774&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1
IP
116.202.204.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=1c09beeb-bd70-4073-8752-3cc376c201c5&subid=357529620&sid=1633553334&spot_id=418774&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0844b09aaff2f9f8299a02fc5d40eea1
63922661f80ba95d812cef34f6d25653b536435a
bf9fed2af245245867e2032ad85959a1daa8d9fc9aaf673ac2fd901c054f953f

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF9FED2AF245245867E2032AD85959A1DAA8D9FC9AAF673AC2FD901C054F953F"
Last-Modified: Sun, 01 Sep 2024 03:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19258
Expires: Mon, 02 Sep 2024 11:24:16 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0844b09aaff2f9f8299a02fc5d40eea1
63922661f80ba95d812cef34f6d25653b536435a
bf9fed2af245245867e2032ad85959a1daa8d9fc9aaf673ac2fd901c054f953f

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF9FED2AF245245867E2032AD85959A1DAA8D9FC9AAF673AC2FD901C054F953F"
Last-Modified: Sun, 01 Sep 2024 03:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19258
Expires: Mon, 02 Sep 2024 11:24:16 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0844b09aaff2f9f8299a02fc5d40eea1
63922661f80ba95d812cef34f6d25653b536435a
bf9fed2af245245867e2032ad85959a1daa8d9fc9aaf673ac2fd901c054f953f

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF9FED2AF245245867E2032AD85959A1DAA8D9FC9AAF673AC2FD901C054F953F"
Last-Modified: Sun, 01 Sep 2024 03:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19258
Expires: Mon, 02 Sep 2024 11:24:16 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

e6.o.lencr.org/

23.36.77.32

344 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
0844b09aaff2f9f8299a02fc5d40eea1
63922661f80ba95d812cef34f6d25653b536435a
bf9fed2af245245867e2032ad85959a1daa8d9fc9aaf673ac2fd901c054f953f

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "BF9FED2AF245245867E2032AD85959A1DAA8D9FC9AAF673AC2FD901C054F953F"
Last-Modified: Sun, 01 Sep 2024 03:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19258
Expires: Mon, 02 Sep 2024 11:24:16 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

nereserv.com/in/dip?site=native-push&wl=1&event_id=f68f651c-b10d-4b35-b489-1d29e2a2d970&subid=388464194&sid=2978436941&spot_id=418776&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1

116.202.204.105

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=f68f651c-b10d-4b35-b489-1d29e2a2d970&subid=388464194&sid=2978436941&spot_id=418776&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1
IP
116.202.204.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=f68f651c-b10d-4b35-b489-1d29e2a2d970&subid=388464194&sid=2978436941&spot_id=418776&created_at=2024-09-02&timezone=0&ver=8.184.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/multy

168.119.25.102

200 OK

0 B

URL POST HTTP/2
4bb6cef88c.4917493a9d.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poop.bar/
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/multy

168.119.25.102

200 OK

0 B

URL POST HTTP/2
4bb6cef88c.4917493a9d.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poop.bar/
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a359243b8824c96bab1e4932bd607e28
517cd573e5d1c9acfeca4bc99b986dd386c39635
0c02542a334bfb5318994439673318790a95fefaef357605fae4e0362cffe199

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 02 Sep 2024 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBF:81:A1:2A:1D:B9:BA:98:48:CC:71:D4:22:44:39:74:64:A4:07:BC
ValidityMon, 05 Aug 2024 07:20:02 GMT - Mon, 28 Oct 2024 07:20:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:HEV5uxlpYpbLEQnCiGwf2YohvsdBtQ:I8TYbQ2_onoi3A1I; Expires=Wed, 02-Sep-2026 06:03:18 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Sep 2024 06:03:18 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o8CaVDjsCTrRIcuPJBGXPMNI7n9lEAvHSxRcJ4pDGDayQOLe_Jm6Q1F5aYsEANeQ4ziIKkxA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ZH-rJuKCSfhPqx72AScJww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o8CaVDjsCTrRIcuPJBGXPMNI7n9lEAvHSxRcJ4pDGDayQOLe_Jm6Q1F5aYsEANeQ4ziIKkxA

74.125.131.84

302 Found

421 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o8CaVDjsCTrRIcuPJBGXPMNI7n9lEAvHSxRcJ4pDGDayQOLe_Jm6Q1F5aYsEANeQ4ziIKkxA
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBF:81:A1:2A:1D:B9:BA:98:48:CC:71:D4:22:44:39:74:64:A4:07:BC
ValidityMon, 05 Aug 2024 07:20:02 GMT - Mon, 28 Oct 2024 07:20:01 GMT

File type
HTML document, ASCII text, with very long lines (392)
Size
421 B (421 bytes)
Hash
38ec3386cd235f80c3f06ab377c05498
5f10ac116c2e768d0e16e5a941d87378f273f0e8
605145ad13fa413ffc7415409a472f2def777503709051fc264cc53ca973eebf

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3o8CaVDjsCTrRIcuPJBGXPMNI7n9lEAvHSxRcJ4pDGDayQOLe_Jm6Q1F5aYsEANeQ4ziIKkxA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:nGb78bgybDiWq7geVSAJMDmqVMtECg:dhWVvRTVb9hiNBXf;Path=/;Expires=Wed, 02-Sep-2026 06:03:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Sep 2024 06:03:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rSb4zqnWaMDV3VCwPNqqgRctHNuVZ-ohgkBcffCpJTmpnsuZb0-6YHTNiqYp74yJyhvIUKEg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1983067959%3A1725256998598820&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce--1X_z5MpsLwnHfu7zdn3dQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 421
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/multy

168.119.25.102

200 OK

8.8 kB

URL POST HTTP/2
4bb6cef88c.4917493a9d.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type
JSON text data
Size
8.8 kB (8756 bytes)
Hash
f4906cc9a2b972223b24fa272112c6b0
6a4fea6c2dec579aaaa3230f5fec4c28493ad616
e2f848e90c2bc40c4e59cab3563b14d2d5586b02040d69f8ba1fc60914c96466

HTTP Headers

POST /in/multy HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1717
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: application/json
content-length: 8756
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/multy

168.119.25.102

200 OK

7.2 kB

URL POST HTTP/2
4bb6cef88c.4917493a9d.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type
JSON text data
Size
7.2 kB (7197 bytes)
Hash
8a76b1a1e43a81ae0bf09ba67ff8b0b4
53eb948bf9c1831307f3aefdeeccbe0d07853a42
272414898e050bbcb5cbd12fdfc66cfc27b405aa1ae6a7fc265c814691ddff09

HTTP Headers

POST /in/multy HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1717
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: application/json
content-length: 7197
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rSb4zqnWaMDV3VCwPNqqgRctHNuVZ-ohgkBcffCpJTmpnsuZb0-6YHTNiqYp74yJyhvIUKEg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1983067959%3A1725256998598820&ddm=0

74.125.131.84

403 Forbidden

1.3 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rSb4zqnWaMDV3VCwPNqqgRctHNuVZ-ohgkBcffCpJTmpnsuZb0-6YHTNiqYp74yJyhvIUKEg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1983067959%3A1725256998598820&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBF:81:A1:2A:1D:B9:BA:98:48:CC:71:D4:22:44:39:74:64:A4:07:BC
ValidityMon, 05 Aug 2024 07:20:02 GMT - Mon, 28 Oct 2024 07:20:01 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1277 bytes)
Hash
7f6047f6639d68c0957e41bf8df6ef02
32f12c90aeb3923b9b1ce744f4500e52282dd37f
277e933b7e00ace7c7336bed3ab491a76153d80cc589cae0b82885ec1b4bfbf4

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rSb4zqnWaMDV3VCwPNqqgRctHNuVZ-ohgkBcffCpJTmpnsuZb0-6YHTNiqYp74yJyhvIUKEg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1983067959%3A1725256998598820&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Sep 2024 06:03:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-_oVT3Tc9lyZvHPORD1nt2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.clR4MTyL-is.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DcGOIjD3EchF1KsLgIOKUFvWaoZH9eq0aIojGEtkml2L7lbohYcW-KFDVj0JUen0TC7McPXbZToyG2MaQ1AKAArgSzyAK_ttJP5lCjK2ugX-P9Twlqv6wWaD4OENNfZ_CnoMg1QQbMdaGJNDFSJdJbaOyMUEMESknSxshl2b18ESaqucN_m6Yndx8OJC2tuxGgM0j-s6jWOGUTsk5aLCEzVghuGmQc4Zmo2U1bou-qmSeMuFMJFaAdJYiQ7SABoPuQG_VyANaQryqRzoY107PzfE5dwEy2bR99DdJUw2bbTSjRMOn1u5yAoEtvgCVpoV-tczsxVQVePooNQ4vt1BvGHxnSEmEPHZt2_djE7JSMm2c6UE5altyHbyiQh_J6wIsDcMxbyagQWd98NHwAjgxkJtRwA6Bg2kXu1Vd43wl1AWNr9mFAtvOjlz28Rog3-fNUPIAfJlUXhyS-4tcdscMq16Mx4XJURCE5-YuAXAOiCy9KwIDg68Xy4huJhaKi1DInt06_xhuGDlGtsHmO0jh7S-u%26v1%3D199%26v2%3D40828&icons=90P_BEhJtAxmQ5CHW1JO1z1fzqE3PdXCOCwP4i7VIuPzUEt-CM_9SL7EtcTFlFfnyaSx3B76gDAtkYJ9l7BTcWZvdmpFzFd4oIaNSEQMkIbtjZKF7GfQrOzbXWKkEbyQif7XU2RkLyr1ZDeRnCUxdwH-381sNxiimjy3OK_-X3OKKZF6WrQDklm1ij1AeEMYHlbYHAHv5nCm8WN6RsTIBzgGTH-P8J6Hp1Yy8IK_zs3aScvlJyFsobwSjasG4T4MDp0GZQdzpo3tKKUu6ylRiEHRCVMkcniUqguuibSuD31eDS9kdPd28Ulj20EhpRceRT_kCHVmWSEA1BvWPtD5j60saJA5qNXqhWUhS0agIjlk7llrpjCczqadz_4m0qghk3_RtqL0WyXtl9qgntm6_8LWoAAEgFH2RQ6ctQYW6IEW42QE2BevRZdNChzHHr1WmfcBEome_TJIImT4Eww3UJvyoGP_igfQlO8vzKGfuuaKm2PaXjHTchyfW0NEPE5DU4mQ6R2FcOznwLrjPnNepo9866vnmyz1rCnbFeaNRs5WNZw44zRH1rneHj-9NilcWX4Lq6XGfF9OLGNLdrj4an247mTJrCrge31IgKeeCo-eU06eGqSSqqRChizlH_AANSZl3JnFepb4cAnpjRV0rgqC8YATLK3qTgbHoq7Ky3mH55g-RvQs-Jd2Gz8o-be1FtLj_HQn47B11t47l2yD3JSkMVe5_Gw2h5GePpXBLKoy5EOWyjkEoXZnb61xDmpblLPwOgtPzqRx1A8Rkl1UKI5E1Ef-EzZoyFjZhVELK4jFD1SpI-DOzP78RQ1PTw-yALuBL0sev_y122_iR9hHsEGHhb48o_QV16nciMKX8I9kjOapQQcq8nEhGIvbpu01AYIYKvf-EjUpMek_B8hjuZK0ZOr1ZRp9zqLf-iWwoqjZmPICM-aPQYHjnrAvKsZTV7S41V77ZgWND0K7NyQDzX36r4q1EY0i9OoPEI9MGHvSHkf__0RtamzY6B_o1IHowbRw9D-dS2LD-dHYKVFfQECHH4P0G7VzVdkWB0IpbX1Jl5SSOhbdhGiQChxQYQ3lADN7JxcjoH9ANMd69vvExLwNqnDhd43RfjFkM6AR3nOBP3AtZQaxJ-QnGwShclhinGcO8H-8eyAsz6aWs9ByB5no4G-bs848hWQYXYvkuleFP9AG35srRRZ4Q4iy6rhVSZJy56zQ5AYUv4hcNjzsmCF0vDzUCam7nOUVMjEa5BFREIRawMdW-L0sVhTAEAjufRTgbC8uBb04GKN2UNDdJgdxTgMpcS-RKKCghNvvedfDkwyQtFYQrknmBcBlsjgBhd4LbssQhso0_woQXijRANV2ckF28Q6OLOl3AkOLjJiWVjxsGtNhZky55BXSXaYqgLsBP5cDX6dL0dSoxgP4OI20LSbpkgxDn9xcqplTgUU84jWrOc9z3Q1eAj7AkY7a7vJfdv5c6oNd5rwu3RIG3tIlaC5J9Dgj1iB4uXzx68_3BTjj-YsiNfCZokcsfrLPICJFx8oRPpWVQPxp3iJX2ffQYB-xy6IoWXYIAy7Dj0lY12AuEtDnB1XnQ0ugWu6MuDquGO__VgmczSyc6SMri88nwTCYqFUyVSjNhf3wJE3J-8tsGyZC0DysK_GnNfxuRPC0D8UMhNVkioU_k4SPyxH-wBmaOpO3qdQ7yLohEnm1-jsfifAqaewKxbDGP4fuFSi3Etv1p3985B2dAhv-m51goAgyBoeGxZdzilxy_VgN6YfeuYsMBsYVZlMHCQWjRLFeVzpc7hRfgW2O2ccc7r5RoJed1mEAYKvHBW7xyP3J27Hc6xe_OAT1xYqK5EBchuIELdevLKK-gHhSPiQV0Rj4rF-59gppmhY-bD5acjKE_2a6NegFwK7XxC--RxEANwmG3eZsyv8dTNsFXNgYvQkbIcc&ext_cid=40828&px_id=31418776&min_cpm=0.011105795220920416&out_id=1&campaign_type=lq&aid=291&cid=1730&uniq=&mid=6858113746656956773&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.17663280936214892&cpm=0&verify_hash=497c9cf1af0343821a2226789b513303&is_native=1&real_bid=0.00456088764486944&original_bid_usd=0.005059782&original_bid=0.005059782&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,88,95,70,14&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.005059782&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000005059782&ext_campaign_id_str=40828&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=f1a73150-4668-4598-a489-68dc461497fb&prev_step_diff=670

168.119.25.102

200 OK

0 B

URL GET HTTP/2
4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DcGOIjD3EchF1KsLgIOKUFvWaoZH9eq0aIojGEtkml2L7lbohYcW-KFDVj0JUen0TC7McPXbZToyG2MaQ1AKAArgSzyAK_ttJP5lCjK2ugX-P9Twlqv6wWaD4OENNfZ_CnoMg1QQbMdaGJNDFSJdJbaOyMUEMESknSxshl2b18ESaqucN_m6Yndx8OJC2tuxGgM0j-s6jWOGUTsk5aLCEzVghuGmQc4Zmo2U1bou-qmSeMuFMJFaAdJYiQ7SABoPuQG_VyANaQryqRzoY107PzfE5dwEy2bR99DdJUw2bbTSjRMOn1u5yAoEtvgCVpoV-tczsxVQVePooNQ4vt1BvGHxnSEmEPHZt2_djE7JSMm2c6UE5altyHbyiQh_J6wIsDcMxbyagQWd98NHwAjgxkJtRwA6Bg2kXu1Vd43wl1AWNr9mFAtvOjlz28Rog3-fNUPIAfJlUXhyS-4tcdscMq16Mx4XJURCE5-YuAXAOiCy9KwIDg68Xy4huJhaKi1DInt06_xhuGDlGtsHmO0jh7S-u%26v1%3D199%26v2%3D40828&icons=90P_BEhJtAxmQ5CHW1JO1z1fzqE3PdXCOCwP4i7VIuPzUEt-CM_9SL7EtcTFlFfnyaSx3B76gDAtkYJ9l7BTcWZvdmpFzFd4oIaNSEQMkIbtjZKF7GfQrOzbXWKkEbyQif7XU2RkLyr1ZDeRnCUxdwH-381sNxiimjy3OK_-X3OKKZF6WrQDklm1ij1AeEMYHlbYHAHv5nCm8WN6RsTIBzgGTH-P8J6Hp1Yy8IK_zs3aScvlJyFsobwSjasG4T4MDp0GZQdzpo3tKKUu6ylRiEHRCVMkcniUqguuibSuD31eDS9kdPd28Ulj20EhpRceRT_kCHVmWSEA1BvWPtD5j60saJA5qNXqhWUhS0agIjlk7llrpjCczqadz_4m0qghk3_RtqL0WyXtl9qgntm6_8LWoAAEgFH2RQ6ctQYW6IEW42QE2BevRZdNChzHHr1WmfcBEome_TJIImT4Eww3UJvyoGP_igfQlO8vzKGfuuaKm2PaXjHTchyfW0NEPE5DU4mQ6R2FcOznwLrjPnNepo9866vnmyz1rCnbFeaNRs5WNZw44zRH1rneHj-9NilcWX4Lq6XGfF9OLGNLdrj4an247mTJrCrge31IgKeeCo-eU06eGqSSqqRChizlH_AANSZl3JnFepb4cAnpjRV0rgqC8YATLK3qTgbHoq7Ky3mH55g-RvQs-Jd2Gz8o-be1FtLj_HQn47B11t47l2yD3JSkMVe5_Gw2h5GePpXBLKoy5EOWyjkEoXZnb61xDmpblLPwOgtPzqRx1A8Rkl1UKI5E1Ef-EzZoyFjZhVELK4jFD1SpI-DOzP78RQ1PTw-yALuBL0sev_y122_iR9hHsEGHhb48o_QV16nciMKX8I9kjOapQQcq8nEhGIvbpu01AYIYKvf-EjUpMek_B8hjuZK0ZOr1ZRp9zqLf-iWwoqjZmPICM-aPQYHjnrAvKsZTV7S41V77ZgWND0K7NyQDzX36r4q1EY0i9OoPEI9MGHvSHkf__0RtamzY6B_o1IHowbRw9D-dS2LD-dHYKVFfQECHH4P0G7VzVdkWB0IpbX1Jl5SSOhbdhGiQChxQYQ3lADN7JxcjoH9ANMd69vvExLwNqnDhd43RfjFkM6AR3nOBP3AtZQaxJ-QnGwShclhinGcO8H-8eyAsz6aWs9ByB5no4G-bs848hWQYXYvkuleFP9AG35srRRZ4Q4iy6rhVSZJy56zQ5AYUv4hcNjzsmCF0vDzUCam7nOUVMjEa5BFREIRawMdW-L0sVhTAEAjufRTgbC8uBb04GKN2UNDdJgdxTgMpcS-RKKCghNvvedfDkwyQtFYQrknmBcBlsjgBhd4LbssQhso0_woQXijRANV2ckF28Q6OLOl3AkOLjJiWVjxsGtNhZky55BXSXaYqgLsBP5cDX6dL0dSoxgP4OI20LSbpkgxDn9xcqplTgUU84jWrOc9z3Q1eAj7AkY7a7vJfdv5c6oNd5rwu3RIG3tIlaC5J9Dgj1iB4uXzx68_3BTjj-YsiNfCZokcsfrLPICJFx8oRPpWVQPxp3iJX2ffQYB-xy6IoWXYIAy7Dj0lY12AuEtDnB1XnQ0ugWu6MuDquGO__VgmczSyc6SMri88nwTCYqFUyVSjNhf3wJE3J-8tsGyZC0DysK_GnNfxuRPC0D8UMhNVkioU_k4SPyxH-wBmaOpO3qdQ7yLohEnm1-jsfifAqaewKxbDGP4fuFSi3Etv1p3985B2dAhv-m51goAgyBoeGxZdzilxy_VgN6YfeuYsMBsYVZlMHCQWjRLFeVzpc7hRfgW2O2ccc7r5RoJed1mEAYKvHBW7xyP3J27Hc6xe_OAT1xYqK5EBchuIELdevLKK-gHhSPiQV0Rj4rF-59gppmhY-bD5acjKE_2a6NegFwK7XxC--RxEANwmG3eZsyv8dTNsFXNgYvQkbIcc&ext_cid=40828&px_id=31418776&min_cpm=0.011105795220920416&out_id=1&campaign_type=lq&aid=291&cid=1730&uniq=&mid=6858113746656956773&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.17663280936214892&cpm=0&verify_hash=497c9cf1af0343821a2226789b513303&is_native=1&real_bid=0.00456088764486944&original_bid_usd=0.005059782&original_bid=0.005059782&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,88,95,70,14&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.005059782&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000005059782&ext_campaign_id_str=40828&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=f1a73150-4668-4598-a489-68dc461497fb&prev_step_diff=670
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DcGOIjD3EchF1KsLgIOKUFvWaoZH9eq0aIojGEtkml2L7lbohYcW-KFDVj0JUen0TC7McPXbZToyG2MaQ1AKAArgSzyAK_ttJP5lCjK2ugX-P9Twlqv6wWaD4OENNfZ_CnoMg1QQbMdaGJNDFSJdJbaOyMUEMESknSxshl2b18ESaqucN_m6Yndx8OJC2tuxGgM0j-s6jWOGUTsk5aLCEzVghuGmQc4Zmo2U1bou-qmSeMuFMJFaAdJYiQ7SABoPuQG_VyANaQryqRzoY107PzfE5dwEy2bR99DdJUw2bbTSjRMOn1u5yAoEtvgCVpoV-tczsxVQVePooNQ4vt1BvGHxnSEmEPHZt2_djE7JSMm2c6UE5altyHbyiQh_J6wIsDcMxbyagQWd98NHwAjgxkJtRwA6Bg2kXu1Vd43wl1AWNr9mFAtvOjlz28Rog3-fNUPIAfJlUXhyS-4tcdscMq16Mx4XJURCE5-YuAXAOiCy9KwIDg68Xy4huJhaKi1DInt06_xhuGDlGtsHmO0jh7S-u%26v1%3D199%26v2%3D40828&icons=90P_BEhJtAxmQ5CHW1JO1z1fzqE3PdXCOCwP4i7VIuPzUEt-CM_9SL7EtcTFlFfnyaSx3B76gDAtkYJ9l7BTcWZvdmpFzFd4oIaNSEQMkIbtjZKF7GfQrOzbXWKkEbyQif7XU2RkLyr1ZDeRnCUxdwH-381sNxiimjy3OK_-X3OKKZF6WrQDklm1ij1AeEMYHlbYHAHv5nCm8WN6RsTIBzgGTH-P8J6Hp1Yy8IK_zs3aScvlJyFsobwSjasG4T4MDp0GZQdzpo3tKKUu6ylRiEHRCVMkcniUqguuibSuD31eDS9kdPd28Ulj20EhpRceRT_kCHVmWSEA1BvWPtD5j60saJA5qNXqhWUhS0agIjlk7llrpjCczqadz_4m0qghk3_RtqL0WyXtl9qgntm6_8LWoAAEgFH2RQ6ctQYW6IEW42QE2BevRZdNChzHHr1WmfcBEome_TJIImT4Eww3UJvyoGP_igfQlO8vzKGfuuaKm2PaXjHTchyfW0NEPE5DU4mQ6R2FcOznwLrjPnNepo9866vnmyz1rCnbFeaNRs5WNZw44zRH1rneHj-9NilcWX4Lq6XGfF9OLGNLdrj4an247mTJrCrge31IgKeeCo-eU06eGqSSqqRChizlH_AANSZl3JnFepb4cAnpjRV0rgqC8YATLK3qTgbHoq7Ky3mH55g-RvQs-Jd2Gz8o-be1FtLj_HQn47B11t47l2yD3JSkMVe5_Gw2h5GePpXBLKoy5EOWyjkEoXZnb61xDmpblLPwOgtPzqRx1A8Rkl1UKI5E1Ef-EzZoyFjZhVELK4jFD1SpI-DOzP78RQ1PTw-yALuBL0sev_y122_iR9hHsEGHhb48o_QV16nciMKX8I9kjOapQQcq8nEhGIvbpu01AYIYKvf-EjUpMek_B8hjuZK0ZOr1ZRp9zqLf-iWwoqjZmPICM-aPQYHjnrAvKsZTV7S41V77ZgWND0K7NyQDzX36r4q1EY0i9OoPEI9MGHvSHkf__0RtamzY6B_o1IHowbRw9D-dS2LD-dHYKVFfQECHH4P0G7VzVdkWB0IpbX1Jl5SSOhbdhGiQChxQYQ3lADN7JxcjoH9ANMd69vvExLwNqnDhd43RfjFkM6AR3nOBP3AtZQaxJ-QnGwShclhinGcO8H-8eyAsz6aWs9ByB5no4G-bs848hWQYXYvkuleFP9AG35srRRZ4Q4iy6rhVSZJy56zQ5AYUv4hcNjzsmCF0vDzUCam7nOUVMjEa5BFREIRawMdW-L0sVhTAEAjufRTgbC8uBb04GKN2UNDdJgdxTgMpcS-RKKCghNvvedfDkwyQtFYQrknmBcBlsjgBhd4LbssQhso0_woQXijRANV2ckF28Q6OLOl3AkOLjJiWVjxsGtNhZky55BXSXaYqgLsBP5cDX6dL0dSoxgP4OI20LSbpkgxDn9xcqplTgUU84jWrOc9z3Q1eAj7AkY7a7vJfdv5c6oNd5rwu3RIG3tIlaC5J9Dgj1iB4uXzx68_3BTjj-YsiNfCZokcsfrLPICJFx8oRPpWVQPxp3iJX2ffQYB-xy6IoWXYIAy7Dj0lY12AuEtDnB1XnQ0ugWu6MuDquGO__VgmczSyc6SMri88nwTCYqFUyVSjNhf3wJE3J-8tsGyZC0DysK_GnNfxuRPC0D8UMhNVkioU_k4SPyxH-wBmaOpO3qdQ7yLohEnm1-jsfifAqaewKxbDGP4fuFSi3Etv1p3985B2dAhv-m51goAgyBoeGxZdzilxy_VgN6YfeuYsMBsYVZlMHCQWjRLFeVzpc7hRfgW2O2ccc7r5RoJed1mEAYKvHBW7xyP3J27Hc6xe_OAT1xYqK5EBchuIELdevLKK-gHhSPiQV0Rj4rF-59gppmhY-bD5acjKE_2a6NegFwK7XxC--RxEANwmG3eZsyv8dTNsFXNgYvQkbIcc&ext_cid=40828&px_id=31418776&min_cpm=0.011105795220920416&out_id=1&campaign_type=lq&aid=291&cid=1730&uniq=&mid=6858113746656956773&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.17663280936214892&cpm=0&verify_hash=497c9cf1af0343821a2226789b513303&is_native=1&real_bid=0.00456088764486944&original_bid_usd=0.005059782&original_bid=0.005059782&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,88,95,70,14&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.005059782&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000005059782&ext_campaign_id_str=40828&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=f1a73150-4668-4598-a489-68dc461497fb&prev_step_diff=670 HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=15470&crtid=a448785754fcf5a97a1ec8e8b27b4f57&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DgLiiEuzs0PQIQmIx7merFcvUe1FxXrDTdI6yuDqMcYHqgaaD4DQZrIekNFumGsE6iWIci1OugEfdDKULyDZwNgtdO-L04H3HCVQb196NA4eOg12BVHU4Pa71LlbvNQpI62iFcqzpVm0JJuiGdoaL6FKQkLz8sFsfGBNyG20nGb6mSPB3QH-AN3M6Xwom5cY0Nec-FebUT8OEyXtkjrTOcMXrq1QA_DxunFAGSla-Lxl213RPwg5PoUJe3Q7iUcqto5INWK9EaemHVc6qz5QS1fmJnc2BCKJZC4mLh7Fv4-ZVcpCqtdbIggBbyjOzIiMaPC4-gcEAsTkxnomCMLbXjqTNB9LPA8EyOygyZ_pSrezln4VvMt63xkL-kGPKobbKaJ-c0VbrJ1oqfGFwE3a0WTzSxRUwexSr59VX5RK0UJTI25Q66LNc-08KgdoEIvSDQ51N-XgycTg1_PULx0y5Ln1rziS5iIsE67KNIowflSAfFaoEl8cIhBmyj8Em2E5QQcXvNFB9fZy2M0UR0NNbo7eGoylpsthNjt9aRabIArx7eHj-79vkePgHCj18mKpDr24huIbmq9nKy7xRkWzzdKgA7GiqdSaPcG2EjzwK-Tgw5q7aYa1fMXpPGOfY5hzs8T7rDvfSwxyBV7dCMGvj2paZuQ0vDSO5eExdZ5FnJ6w0YRiBuI41dN3lipkVCSVdhtyiRoVbxgR_uvzHVTyYCdSH5dp-brqPA4EGCj8bqGvtX5nXuVFGJyqJUbaA3Q4D_wUmqdw0rh8w9CGoKnq7yxFLRF-_Z8k7T8YQWTcGA5ol0K444bok-_jgsY1o4inOnZ_vx61_qq5HCcm-GZHF5aC9w4U5Gsi1vIoDuq7QfJXGVJpjcBmt9PAbhvW5NtIOoklCrJOgjlqQAMXSEqgccbpzBsxWTsio39rasu32gG5fcMNaZJ5yoNOKH0DROJXetrG7Dmug5p46IKgeDrapAJsMLAD5Y0ADyjB_1SShg-FfFldmUg8FmsMVFYmHhI2A0krS9OJFk-mzaXhOcynUKcGSz_TGUE54F5schGd80kNWMcNF-1iCz-ZtABIIfD6TDoplTt1NVVZK3HKosuOWXdpn8TZepMbkV6Ruz0ylNDY5nJB8xOL_qiu-DU2aUVzN2P0EWUbgTTJFoKERE6Q_P5ZKpF3luuwiBYY%26sp%3D0.055&icons=lCmY83ADHRi_uuD8bLN6_To-bBGihuF9D67jgrKjcCBa0K66px1E2E8TVJKsSIvZfjkabCZPcoH1IJGQqhc7sVKYMYQTfPyaSxDNz0bV27tBBIkf--ykhfeWW8WWzn5lmqRt6R2sGeNpDniPcQrRNptxTMx49T4CdsLsN1pT5imLNL74lZVSNETy1tJCNPOnlEmvbayN6-Nx3DPCahCcpqjqXNKjY_CKM6VN4-QjVhE6fhd0XAPdEXVWfXy1iUfV7ypLIGNPh7_TMsC4uqsvfqTDjGX9oKreIffQwZgOkIdk7utkh2SNs-1PWnbGrDC6xkHKE3AS40aByGF3icCk7iYYXpcJoaUAmAJdOjF3e2bzSvRgXw9rTZBVsUWtKm496KBCHqPRpCZLS2AEns8ML6VyuYoSLBwqDOf1pCGNCA08fA_75DKaOxVKtLrLyZXrDQdrEQXtOCDQENX1kpy2OThC4C5HRGUusN6F14NthoBc3MWAnwFUR5H03U4Tr0sjUvwGCLamXIJdd1Tli-HOLerYa4OoC3LsOgXoxZ_jXsAN_UZdQtIDKtfupzBmOg3GL6hU45PzuTY--SxCjxEGSgeVfwdUPXaDDOlHru2bb-d-EaiKSNaNKTWhz6alfEd42dnV5OWn34cxb4nVOSrxS4fi-MmMqoyRsD9cYBSkvCkoWyROtK5sLiYgDm4sfj87xtFPB10-se8oHqmzJOWEq-ffr_omgELvgj2C5NvelSJi049L1TSw41n-spFrcZO8sH2uVMATZv1b8QmSnEN57EXlQjfaAN2zIhFJuCj60uGU9HUFqUskcLkj0ilz6K-w2Oyi4LVSnEZTAvcjdg0N8ymbPStSPPXFsuC8f2fp81YdSDKblKj37xl9fqUCkh1JQb3rb_UHQMGI8PHNOCJameQMlzEk_80baSt6IEu4HgZDMOCqAYBsK-3pLW87yQZMnAQun6G4TPw4Xlk4_pW0N6Z0_7eAM2LdVXfgIwc0xUJEldOPLjxzSdwypgWEcELCyAWqMq5ZrtXTai3B7h9JBEU7Ikx49KJcIa-QhYOXMsD-6Jgoyfu_G0z71Ia4hPOtakUE1qBalmG-Juz32LKjLVcK-TU9ELDhKclrZ7SVq6dMclCrQq-D4ORbT6uw4WR9TdAjKYNj1uSp8j8I5YTiWEIJ_jkELyhVniaaRXKXsTIICizT9kCeXo7ddjZ12KgHMib6173nYwVyRIUHCkcDNFs0-bxbZRQ_P8a5MlythdC5cyR16CT-GFZZ_Sx1sI8rvoAf_cB1pPqDW6y01m5mySB6GXcGFE1wnBUaU58i9jheVylyddbgRUo94Nf_8hc&ext_cid=217903&px_id=31418776&min_cpm=0.0015329977747882292&out_id=0&campaign_type=mq&aid=127&cid=12695&uniq=34d3b07b42d61d4561e6068f66f2a7660a7ce2ba959fa10f4073bd1e499cf814&mid=6858113746656956773&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05468650043010715&cpm=0.055&verify_hash=e665d8118d1869a35f4eec74151a894c&is_native=1&real_bid=0.05468650043010715&original_bid_usd=0.055&original_bid=0.055&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,5,98,70,108,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725429798&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F756%2F756856%2Fconversions%2FLEW9txun-in-page-ad-images.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=217903&is_webview=0&client_price=0.05468650043010715&direct_client_price=0&priority=0&client_payment_model=cpm&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=0301b4e3-1319-44f4-ad22-89f7bb340ad3&prev_step_diff=670

168.119.25.102

200 OK

0 B

URL GET HTTP/2
4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=15470&crtid=a448785754fcf5a97a1ec8e8b27b4f57&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DgLiiEuzs0PQIQmIx7merFcvUe1FxXrDTdI6yuDqMcYHqgaaD4DQZrIekNFumGsE6iWIci1OugEfdDKULyDZwNgtdO-L04H3HCVQb196NA4eOg12BVHU4Pa71LlbvNQpI62iFcqzpVm0JJuiGdoaL6FKQkLz8sFsfGBNyG20nGb6mSPB3QH-AN3M6Xwom5cY0Nec-FebUT8OEyXtkjrTOcMXrq1QA_DxunFAGSla-Lxl213RPwg5PoUJe3Q7iUcqto5INWK9EaemHVc6qz5QS1fmJnc2BCKJZC4mLh7Fv4-ZVcpCqtdbIggBbyjOzIiMaPC4-gcEAsTkxnomCMLbXjqTNB9LPA8EyOygyZ_pSrezln4VvMt63xkL-kGPKobbKaJ-c0VbrJ1oqfGFwE3a0WTzSxRUwexSr59VX5RK0UJTI25Q66LNc-08KgdoEIvSDQ51N-XgycTg1_PULx0y5Ln1rziS5iIsE67KNIowflSAfFaoEl8cIhBmyj8Em2E5QQcXvNFB9fZy2M0UR0NNbo7eGoylpsthNjt9aRabIArx7eHj-79vkePgHCj18mKpDr24huIbmq9nKy7xRkWzzdKgA7GiqdSaPcG2EjzwK-Tgw5q7aYa1fMXpPGOfY5hzs8T7rDvfSwxyBV7dCMGvj2paZuQ0vDSO5eExdZ5FnJ6w0YRiBuI41dN3lipkVCSVdhtyiRoVbxgR_uvzHVTyYCdSH5dp-brqPA4EGCj8bqGvtX5nXuVFGJyqJUbaA3Q4D_wUmqdw0rh8w9CGoKnq7yxFLRF-_Z8k7T8YQWTcGA5ol0K444bok-_jgsY1o4inOnZ_vx61_qq5HCcm-GZHF5aC9w4U5Gsi1vIoDuq7QfJXGVJpjcBmt9PAbhvW5NtIOoklCrJOgjlqQAMXSEqgccbpzBsxWTsio39rasu32gG5fcMNaZJ5yoNOKH0DROJXetrG7Dmug5p46IKgeDrapAJsMLAD5Y0ADyjB_1SShg-FfFldmUg8FmsMVFYmHhI2A0krS9OJFk-mzaXhOcynUKcGSz_TGUE54F5schGd80kNWMcNF-1iCz-ZtABIIfD6TDoplTt1NVVZK3HKosuOWXdpn8TZepMbkV6Ruz0ylNDY5nJB8xOL_qiu-DU2aUVzN2P0EWUbgTTJFoKERE6Q_P5ZKpF3luuwiBYY%26sp%3D0.055&icons=lCmY83ADHRi_uuD8bLN6_To-bBGihuF9D67jgrKjcCBa0K66px1E2E8TVJKsSIvZfjkabCZPcoH1IJGQqhc7sVKYMYQTfPyaSxDNz0bV27tBBIkf--ykhfeWW8WWzn5lmqRt6R2sGeNpDniPcQrRNptxTMx49T4CdsLsN1pT5imLNL74lZVSNETy1tJCNPOnlEmvbayN6-Nx3DPCahCcpqjqXNKjY_CKM6VN4-QjVhE6fhd0XAPdEXVWfXy1iUfV7ypLIGNPh7_TMsC4uqsvfqTDjGX9oKreIffQwZgOkIdk7utkh2SNs-1PWnbGrDC6xkHKE3AS40aByGF3icCk7iYYXpcJoaUAmAJdOjF3e2bzSvRgXw9rTZBVsUWtKm496KBCHqPRpCZLS2AEns8ML6VyuYoSLBwqDOf1pCGNCA08fA_75DKaOxVKtLrLyZXrDQdrEQXtOCDQENX1kpy2OThC4C5HRGUusN6F14NthoBc3MWAnwFUR5H03U4Tr0sjUvwGCLamXIJdd1Tli-HOLerYa4OoC3LsOgXoxZ_jXsAN_UZdQtIDKtfupzBmOg3GL6hU45PzuTY--SxCjxEGSgeVfwdUPXaDDOlHru2bb-d-EaiKSNaNKTWhz6alfEd42dnV5OWn34cxb4nVOSrxS4fi-MmMqoyRsD9cYBSkvCkoWyROtK5sLiYgDm4sfj87xtFPB10-se8oHqmzJOWEq-ffr_omgELvgj2C5NvelSJi049L1TSw41n-spFrcZO8sH2uVMATZv1b8QmSnEN57EXlQjfaAN2zIhFJuCj60uGU9HUFqUskcLkj0ilz6K-w2Oyi4LVSnEZTAvcjdg0N8ymbPStSPPXFsuC8f2fp81YdSDKblKj37xl9fqUCkh1JQb3rb_UHQMGI8PHNOCJameQMlzEk_80baSt6IEu4HgZDMOCqAYBsK-3pLW87yQZMnAQun6G4TPw4Xlk4_pW0N6Z0_7eAM2LdVXfgIwc0xUJEldOPLjxzSdwypgWEcELCyAWqMq5ZrtXTai3B7h9JBEU7Ikx49KJcIa-QhYOXMsD-6Jgoyfu_G0z71Ia4hPOtakUE1qBalmG-Juz32LKjLVcK-TU9ELDhKclrZ7SVq6dMclCrQq-D4ORbT6uw4WR9TdAjKYNj1uSp8j8I5YTiWEIJ_jkELyhVniaaRXKXsTIICizT9kCeXo7ddjZ12KgHMib6173nYwVyRIUHCkcDNFs0-bxbZRQ_P8a5MlythdC5cyR16CT-GFZZ_Sx1sI8rvoAf_cB1pPqDW6y01m5mySB6GXcGFE1wnBUaU58i9jheVylyddbgRUo94Nf_8hc&ext_cid=217903&px_id=31418776&min_cpm=0.0015329977747882292&out_id=0&campaign_type=mq&aid=127&cid=12695&uniq=34d3b07b42d61d4561e6068f66f2a7660a7ce2ba959fa10f4073bd1e499cf814&mid=6858113746656956773&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05468650043010715&cpm=0.055&verify_hash=e665d8118d1869a35f4eec74151a894c&is_native=1&real_bid=0.05468650043010715&original_bid_usd=0.055&original_bid=0.055&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,5,98,70,108,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725429798&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F756%2F756856%2Fconversions%2FLEW9txun-in-page-ad-images.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=217903&is_webview=0&client_price=0.05468650043010715&direct_client_price=0&priority=0&client_payment_model=cpm&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=0301b4e3-1319-44f4-ad22-89f7bb340ad3&prev_step_diff=670
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31418776&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=388464194&sid=2978436941&tcid=0&ver=8.184.0&ver_c=&spot_id=418776&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=77.61610364421898&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D388464194%26spot_id%3D418776%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=15470&crtid=a448785754fcf5a97a1ec8e8b27b4f57&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DgLiiEuzs0PQIQmIx7merFcvUe1FxXrDTdI6yuDqMcYHqgaaD4DQZrIekNFumGsE6iWIci1OugEfdDKULyDZwNgtdO-L04H3HCVQb196NA4eOg12BVHU4Pa71LlbvNQpI62iFcqzpVm0JJuiGdoaL6FKQkLz8sFsfGBNyG20nGb6mSPB3QH-AN3M6Xwom5cY0Nec-FebUT8OEyXtkjrTOcMXrq1QA_DxunFAGSla-Lxl213RPwg5PoUJe3Q7iUcqto5INWK9EaemHVc6qz5QS1fmJnc2BCKJZC4mLh7Fv4-ZVcpCqtdbIggBbyjOzIiMaPC4-gcEAsTkxnomCMLbXjqTNB9LPA8EyOygyZ_pSrezln4VvMt63xkL-kGPKobbKaJ-c0VbrJ1oqfGFwE3a0WTzSxRUwexSr59VX5RK0UJTI25Q66LNc-08KgdoEIvSDQ51N-XgycTg1_PULx0y5Ln1rziS5iIsE67KNIowflSAfFaoEl8cIhBmyj8Em2E5QQcXvNFB9fZy2M0UR0NNbo7eGoylpsthNjt9aRabIArx7eHj-79vkePgHCj18mKpDr24huIbmq9nKy7xRkWzzdKgA7GiqdSaPcG2EjzwK-Tgw5q7aYa1fMXpPGOfY5hzs8T7rDvfSwxyBV7dCMGvj2paZuQ0vDSO5eExdZ5FnJ6w0YRiBuI41dN3lipkVCSVdhtyiRoVbxgR_uvzHVTyYCdSH5dp-brqPA4EGCj8bqGvtX5nXuVFGJyqJUbaA3Q4D_wUmqdw0rh8w9CGoKnq7yxFLRF-_Z8k7T8YQWTcGA5ol0K444bok-_jgsY1o4inOnZ_vx61_qq5HCcm-GZHF5aC9w4U5Gsi1vIoDuq7QfJXGVJpjcBmt9PAbhvW5NtIOoklCrJOgjlqQAMXSEqgccbpzBsxWTsio39rasu32gG5fcMNaZJ5yoNOKH0DROJXetrG7Dmug5p46IKgeDrapAJsMLAD5Y0ADyjB_1SShg-FfFldmUg8FmsMVFYmHhI2A0krS9OJFk-mzaXhOcynUKcGSz_TGUE54F5schGd80kNWMcNF-1iCz-ZtABIIfD6TDoplTt1NVVZK3HKosuOWXdpn8TZepMbkV6Ruz0ylNDY5nJB8xOL_qiu-DU2aUVzN2P0EWUbgTTJFoKERE6Q_P5ZKpF3luuwiBYY%26sp%3D0.055&icons=lCmY83ADHRi_uuD8bLN6_To-bBGihuF9D67jgrKjcCBa0K66px1E2E8TVJKsSIvZfjkabCZPcoH1IJGQqhc7sVKYMYQTfPyaSxDNz0bV27tBBIkf--ykhfeWW8WWzn5lmqRt6R2sGeNpDniPcQrRNptxTMx49T4CdsLsN1pT5imLNL74lZVSNETy1tJCNPOnlEmvbayN6-Nx3DPCahCcpqjqXNKjY_CKM6VN4-QjVhE6fhd0XAPdEXVWfXy1iUfV7ypLIGNPh7_TMsC4uqsvfqTDjGX9oKreIffQwZgOkIdk7utkh2SNs-1PWnbGrDC6xkHKE3AS40aByGF3icCk7iYYXpcJoaUAmAJdOjF3e2bzSvRgXw9rTZBVsUWtKm496KBCHqPRpCZLS2AEns8ML6VyuYoSLBwqDOf1pCGNCA08fA_75DKaOxVKtLrLyZXrDQdrEQXtOCDQENX1kpy2OThC4C5HRGUusN6F14NthoBc3MWAnwFUR5H03U4Tr0sjUvwGCLamXIJdd1Tli-HOLerYa4OoC3LsOgXoxZ_jXsAN_UZdQtIDKtfupzBmOg3GL6hU45PzuTY--SxCjxEGSgeVfwdUPXaDDOlHru2bb-d-EaiKSNaNKTWhz6alfEd42dnV5OWn34cxb4nVOSrxS4fi-MmMqoyRsD9cYBSkvCkoWyROtK5sLiYgDm4sfj87xtFPB10-se8oHqmzJOWEq-ffr_omgELvgj2C5NvelSJi049L1TSw41n-spFrcZO8sH2uVMATZv1b8QmSnEN57EXlQjfaAN2zIhFJuCj60uGU9HUFqUskcLkj0ilz6K-w2Oyi4LVSnEZTAvcjdg0N8ymbPStSPPXFsuC8f2fp81YdSDKblKj37xl9fqUCkh1JQb3rb_UHQMGI8PHNOCJameQMlzEk_80baSt6IEu4HgZDMOCqAYBsK-3pLW87yQZMnAQun6G4TPw4Xlk4_pW0N6Z0_7eAM2LdVXfgIwc0xUJEldOPLjxzSdwypgWEcELCyAWqMq5ZrtXTai3B7h9JBEU7Ikx49KJcIa-QhYOXMsD-6Jgoyfu_G0z71Ia4hPOtakUE1qBalmG-Juz32LKjLVcK-TU9ELDhKclrZ7SVq6dMclCrQq-D4ORbT6uw4WR9TdAjKYNj1uSp8j8I5YTiWEIJ_jkELyhVniaaRXKXsTIICizT9kCeXo7ddjZ12KgHMib6173nYwVyRIUHCkcDNFs0-bxbZRQ_P8a5MlythdC5cyR16CT-GFZZ_Sx1sI8rvoAf_cB1pPqDW6y01m5mySB6GXcGFE1wnBUaU58i9jheVylyddbgRUo94Nf_8hc&ext_cid=217903&px_id=31418776&min_cpm=0.0015329977747882292&out_id=0&campaign_type=mq&aid=127&cid=12695&uniq=34d3b07b42d61d4561e6068f66f2a7660a7ce2ba959fa10f4073bd1e499cf814&mid=6858113746656956773&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.05468650043010715&cpm=0.055&verify_hash=e665d8118d1869a35f4eec74151a894c&is_native=1&real_bid=0.05468650043010715&original_bid_usd=0.055&original_bid=0.055&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=101,4,5,98,70,108,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725429798&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F756%2F756856%2Fconversions%2FLEW9txun-in-page-ad-images.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-13-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=217903&is_webview=0&client_price=0.05468650043010715&direct_client_price=0&priority=0&client_payment_model=cpm&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=0301b4e3-1319-44f4-ad22-89f7bb340ad3&prev_step_diff=670 HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=7910cf6d-1e9d-44d5-b0d8-f6d3aa6b6b49&subid=500843478&spot_id=503362&created_at=2024-09-02&timezone=0&ver=1.154.2

116.202.204.105

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?event_id=7910cf6d-1e9d-44d5-b0d8-f6d3aa6b6b49&subid=500843478&spot_id=503362&created_at=2024-09-02&timezone=0&ver=1.154.2
IP
116.202.204.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint45:52:8C:9D:57:BA:65:CC:D6:E3:BA:47:79:D3:57:FC:CA:CB:04:0B
ValiditySun, 18 Aug 2024 04:34:54 GMT - Sat, 16 Nov 2024 04:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=7910cf6d-1e9d-44d5-b0d8-f6d3aa6b6b49&subid=500843478&spot_id=503362&created_at=2024-09-02&timezone=0&ver=1.154.2 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

168.119.25.102

200 OK

0 B

URL GET HTTP/2
4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=357529620&sid=1633553334&tcid=0&ver=8.184.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=74.28172718272594&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=55184&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpop%2Fimp%3Fauth%3D5xjb7j%26c%3D4p66wHdKPvgGK8golNhd75TRyxnelJobr3xX8tm5gWH-xWgu_-IYxy-EhUN8snklFYc5Tc4iqfMxb-zR6_AmU50QO2acCcdJDVtLlCQRn_T2FTQJQ0bmQDiWlOKRf3JgChaqfVzXOWgrbfeNVkxaXaloR49IgRUM2xWzYCl0QFdoQVSDj41dJ6G3IDBT7kA6dLGsBC7_4_za399G8uhHjsAKEGEkqxenu5raMIrj1ghAeSW48FV-Xe6EQfDTytanGyy_AzFHLw1mh5Rcaa46RZ2TRe8wcv56vhs5rp7Yx3JWeAipU7l30muBaZnCh9LAOSwxNm25meEIkKjingE1iVPrnSr6zivZcExp67-SaUyxemK0bGwbB3kIw8vbmBO6WOYtoTYmPwiw48F1QmNbVJsN0H4Byyx8fV2wjSiIKQpFqt6swfb2peZB7t11oCNCHZMjD6fVLYhKogL_m6o3pjxW7oI9sQ9FUhiHc7_wRWQnF4AaigxdVHLaj3KhjKp48NtWC6U2MLqeLqBcQrSRsG3L2eXmB-8dygZfnRO1m3snJNtrwoeZLjZwJOsydaBOcQowmse-fMM&icons=aJu4tfdMvWJESDvrRgmiIbw47_WyeQYYMxllA0ukEr0S86Xe_5LH-sH4JHw9u28S6FDlBaMoqPzcxIPgFdF6OVavtnL1ZM5DQ_Xxt9DFETDio3natWGHiRc9PDylCRiCKP7fqxhd_UJJShFeF_aKjEhHHTqzx2VNAcVTv-iGvm1FtGbO0w&ext_cid=184&px_id=53418774&min_cpm=0.002149198116868228&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=637749563550412968&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.003174377770402765&cpm=0&verify_hash=5af837ae6205e0be43d483fcd9a41186&is_native=2&real_bid=0.00042355500340461724&original_bid_usd=0.00051&original_bid=0.00051&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,27,108,4,89,20,70,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00051&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005100000000000001&ext_campaign_id_str=184&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=b97325b5-9e8b-4edf-9b06-616f2f5ca1e9&prev_step_diff=658
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=357529620&sid=1633553334&tcid=0&ver=8.184.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=74.28172718272594&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=55184&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpop%2Fimp%3Fauth%3D5xjb7j%26c%3D4p66wHdKPvgGK8golNhd75TRyxnelJobr3xX8tm5gWH-xWgu_-IYxy-EhUN8snklFYc5Tc4iqfMxb-zR6_AmU50QO2acCcdJDVtLlCQRn_T2FTQJQ0bmQDiWlOKRf3JgChaqfVzXOWgrbfeNVkxaXaloR49IgRUM2xWzYCl0QFdoQVSDj41dJ6G3IDBT7kA6dLGsBC7_4_za399G8uhHjsAKEGEkqxenu5raMIrj1ghAeSW48FV-Xe6EQfDTytanGyy_AzFHLw1mh5Rcaa46RZ2TRe8wcv56vhs5rp7Yx3JWeAipU7l30muBaZnCh9LAOSwxNm25meEIkKjingE1iVPrnSr6zivZcExp67-SaUyxemK0bGwbB3kIw8vbmBO6WOYtoTYmPwiw48F1QmNbVJsN0H4Byyx8fV2wjSiIKQpFqt6swfb2peZB7t11oCNCHZMjD6fVLYhKogL_m6o3pjxW7oI9sQ9FUhiHc7_wRWQnF4AaigxdVHLaj3KhjKp48NtWC6U2MLqeLqBcQrSRsG3L2eXmB-8dygZfnRO1m3snJNtrwoeZLjZwJOsydaBOcQowmse-fMM&icons=aJu4tfdMvWJESDvrRgmiIbw47_WyeQYYMxllA0ukEr0S86Xe_5LH-sH4JHw9u28S6FDlBaMoqPzcxIPgFdF6OVavtnL1ZM5DQ_Xxt9DFETDio3natWGHiRc9PDylCRiCKP7fqxhd_UJJShFeF_aKjEhHHTqzx2VNAcVTv-iGvm1FtGbO0w&ext_cid=184&px_id=53418774&min_cpm=0.002149198116868228&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=637749563550412968&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.003174377770402765&cpm=0&verify_hash=5af837ae6205e0be43d483fcd9a41186&is_native=2&real_bid=0.00042355500340461724&original_bid_usd=0.00051&original_bid=0.00051&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,27,108,4,89,20,70,0&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00051&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000005100000000000001&ext_campaign_id_str=184&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=b97325b5-9e8b-4edf-9b06-616f2f5ca1e9&prev_step_diff=658 HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
82dbd738029147cc30b7a767248bb113
e4e56340b662b1dc5359042a3df99aa42c5e9f4a
b988a21ae59434f20d05f3247048db303f877319d6e14ae2e4b0bfd6f9f46559

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B988A21AE59434F20D05F3247048DB303F877319D6E14AE2E4B0BFD6F9F46559"
Last-Modified: Sat, 31 Aug 2024 02:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14188
Expires: Mon, 02 Sep 2024 09:59:46 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

p.a64x.com/in/tip_shows/?katds_ep=MI-zwqGU5hezH5yHZPZFhhOmy7WoGfR4E6szatTrY2z3b8HGh9fsSC8hpvOpW_8HR4TXLnqmUiEbBOSpNbiCi9F57tNV9QWpLMPqGzOzwIvR7AQ_3pbhTd9fo6Kgw0Gvo3wnn6hx-RyC7bCQ3QODddleFw48Uxb-AyWbRopib_61KD5-yZBl6bKhmszsLJbaEylbKIACs3mwVqfDtFafVoj8k6ssDi1LvOQA1o9MvqFy_GuUc_1CvBCEkfq_3T76mxrIsJKi-Q3MEtlSM3wHPv8-nsZerCXCFNJGzJQ5jPZCTOmTJ2sK58nmgtcruSeL76PffAZ87Kbodkpp8HJkwB4I5EwyYW1gLAWGLCsbOpeO-hnmwtjEzccS1lsPBy0vgEcoIzhwP_ggbI0BU2jct0Wil7p7SWOmQnYgNe6HyPVGysUN3pQd4-_NQKvHZFBzksYR8ix9oixjQl0vDeZdHZ-v1rbSw6J7z2soAffPCt2xknKVyjcrHVEvHdME0t5PPnJuV4mAtXujbyCJp5WMM9GVzDx1kjl936VR6QoAk8ouvVOLsIZ0mv_ehEbdsmAD_jfeXFbu2r-yZJj9A_U_TJyIfDg3UkVuKuNmo0MM57OIrNVIec56HrCQ-pgLkS2HU7ydY9wv8Gm0Gvc9vmNDCgQ4ZraPo3e2aqIHe2eoCgmpXQfhSkNHSk2hRKFWgKLst3JnFeEu9__H10UVzFblRKhIquBOgZQIm1CEB9z4m6lUDPImvbD52GV3Vg7BoRei284EFEGMSr9LqMbN8F2JEXZRiiue4ZtN5stGsCwpi6FVp65JSt6tZyMdFLnGkoupesCUBsVvfLoIZBbED8wOcbBQMCfBS07Xn38cIM0CP6LC3_lTsy75pkYO4nA8nXZMbBCOrWRaINDqqVL5XQhM&sp=0.055&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=92f91c56-fb82-4594-8f53-403b1caa5499&prev_step_diff=670

172.67.185.171

302 Found

0 B

URL GET HTTP/2
p.a64x.com/in/tip_shows/?katds_ep=MI-zwqGU5hezH5yHZPZFhhOmy7WoGfR4E6szatTrY2z3b8HGh9fsSC8hpvOpW_8HR4TXLnqmUiEbBOSpNbiCi9F57tNV9QWpLMPqGzOzwIvR7AQ_3pbhTd9fo6Kgw0Gvo3wnn6hx-RyC7bCQ3QODddleFw48Uxb-AyWbRopib_61KD5-yZBl6bKhmszsLJbaEylbKIACs3mwVqfDtFafVoj8k6ssDi1LvOQA1o9MvqFy_GuUc_1CvBCEkfq_3T76mxrIsJKi-Q3MEtlSM3wHPv8-nsZerCXCFNJGzJQ5jPZCTOmTJ2sK58nmgtcruSeL76PffAZ87Kbodkpp8HJkwB4I5EwyYW1gLAWGLCsbOpeO-hnmwtjEzccS1lsPBy0vgEcoIzhwP_ggbI0BU2jct0Wil7p7SWOmQnYgNe6HyPVGysUN3pQd4-_NQKvHZFBzksYR8ix9oixjQl0vDeZdHZ-v1rbSw6J7z2soAffPCt2xknKVyjcrHVEvHdME0t5PPnJuV4mAtXujbyCJp5WMM9GVzDx1kjl936VR6QoAk8ouvVOLsIZ0mv_ehEbdsmAD_jfeXFbu2r-yZJj9A_U_TJyIfDg3UkVuKuNmo0MM57OIrNVIec56HrCQ-pgLkS2HU7ydY9wv8Gm0Gvc9vmNDCgQ4ZraPo3e2aqIHe2eoCgmpXQfhSkNHSk2hRKFWgKLst3JnFeEu9__H10UVzFblRKhIquBOgZQIm1CEB9z4m6lUDPImvbD52GV3Vg7BoRei284EFEGMSr9LqMbN8F2JEXZRiiue4ZtN5stGsCwpi6FVp65JSt6tZyMdFLnGkoupesCUBsVvfLoIZBbED8wOcbBQMCfBS07Xn38cIM0CP6LC3_lTsy75pkYO4nA8nXZMbBCOrWRaINDqqVL5XQhM&sp=0.055&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=92f91c56-fb82-4594-8f53-403b1caa5499&prev_step_diff=670
IP
172.67.185.171:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjecta64x.com
FingerprintB5:4B:C1:A8:2B:E0:9A:23:FC:3F:C3:F1:D9:B6:C0:C6:0E:F4:16:D9
ValidityMon, 15 Jul 2024 19:41:15 GMT - Sun, 13 Oct 2024 19:41:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/tip_shows/?katds_ep=MI-zwqGU5hezH5yHZPZFhhOmy7WoGfR4E6szatTrY2z3b8HGh9fsSC8hpvOpW_8HR4TXLnqmUiEbBOSpNbiCi9F57tNV9QWpLMPqGzOzwIvR7AQ_3pbhTd9fo6Kgw0Gvo3wnn6hx-RyC7bCQ3QODddleFw48Uxb-AyWbRopib_61KD5-yZBl6bKhmszsLJbaEylbKIACs3mwVqfDtFafVoj8k6ssDi1LvOQA1o9MvqFy_GuUc_1CvBCEkfq_3T76mxrIsJKi-Q3MEtlSM3wHPv8-nsZerCXCFNJGzJQ5jPZCTOmTJ2sK58nmgtcruSeL76PffAZ87Kbodkpp8HJkwB4I5EwyYW1gLAWGLCsbOpeO-hnmwtjEzccS1lsPBy0vgEcoIzhwP_ggbI0BU2jct0Wil7p7SWOmQnYgNe6HyPVGysUN3pQd4-_NQKvHZFBzksYR8ix9oixjQl0vDeZdHZ-v1rbSw6J7z2soAffPCt2xknKVyjcrHVEvHdME0t5PPnJuV4mAtXujbyCJp5WMM9GVzDx1kjl936VR6QoAk8ouvVOLsIZ0mv_ehEbdsmAD_jfeXFbu2r-yZJj9A_U_TJyIfDg3UkVuKuNmo0MM57OIrNVIec56HrCQ-pgLkS2HU7ydY9wv8Gm0Gvc9vmNDCgQ4ZraPo3e2aqIHe2eoCgmpXQfhSkNHSk2hRKFWgKLst3JnFeEu9__H10UVzFblRKhIquBOgZQIm1CEB9z4m6lUDPImvbD52GV3Vg7BoRei284EFEGMSr9LqMbN8F2JEXZRiiue4ZtN5stGsCwpi6FVp65JSt6tZyMdFLnGkoupesCUBsVvfLoIZBbED8wOcbBQMCfBS07Xn38cIM0CP6LC3_lTsy75pkYO4nA8nXZMbBCOrWRaINDqqVL5XQhM&sp=0.055&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.02&cpa=92f91c56-fb82-4594-8f53-403b1caa5499&prev_step_diff=670 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/756/756855/conversions/7bkHArcN-in-page-ad-icons.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAsBXRp68KOeww%2Fna0hK5f6XheI0fKs4f9ieE3JPVWul%2BfosZ8dqXZfWLXYrbbkQLza2DWO25PU3c%2Fox%2BSVMZKmuOebR%2BZeln3QHpY18tsHhtbc9IHZxbhUa7%2BgF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bd24f99b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=357529620&sid=1633553334&tcid=0&ver=8.184.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=74.28172718272594&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DMaeJ72S5xmLjgn75XWafdDpykyosojunKU3NmKzowJUkIwORqF5PSaxDdyXP5S76XHKoPqrb4r98fgXBUpauTF6pGjXFdwQsAbZm9zVpuXXU4rMHi-P3Fnmys5Pj76rzHs1LJ3sSCQMKQwuxdrnrSdksK6suUJ1Ai56MQJ6b9B_ZjP7zvFdBVsXUGzL3Bv1l_7FQLG_BESXmPH2MViXLW3hLs-yBEe39AGsR2wY9tZsEgHc5VJfPlI-BQwHllb3QcfU4s3Z8vaQSKkUXY1immIsusvnRUSO1WtxuoEM3PdX_x6PWNSSZqmA2FFDV8CYdzr90EiycLKsn_-1XUom3OUW9RnkMXXRBePO13vcFCSyAvmsSObECfWdrM-q7DDiXuoyNJkYnMzE5OrKf_Y5ka60rLyPTpT1uSrBM8u28juAHi4E7R4rlStKF8-dKMB12JzhRtmGbaS0YEDeZWgor3muMHoWFzg2NL1VwZeARM1cZ9R_LtbiE8yAbLJBPvdF-%26v1%3D531%26v2%3D40828&icons=Uujs1Ptn35k5sHqf38cPHuo6qH0yT4YqyoCL9faInNTEhFCXTokg2GNNQ7n1OO2qucXUkJxCX_srmkIKazNw0hC_tP9YRAVyGXLRh4cAgzY8ozKaUjKjEqryFLioRnvvljKdMP0YiyhQITzqK4GOTDlr954hOLESXhsef1X-3x1fKd13uZ99VgJZtxZ7J4HtPlBCMr06K2GtFxhLnt6U8hIZiQ23gqCulegHl7QSwebn-uXrtispTm4PlLvG2W01hQwumU5dQuZ3R1Cwao0O3CSokqA-8vuPsaIs473LQtP5AurDcnha2WPkV9W7zy-xxeqjOVcoDfriU5HKwebUbIkBGz1BbA2dFIywtPiSO-CxTVFeUXVpXSFGyG6mspwFpVKpWNzz0LKkopRHrpdxWYrZv61LssNeoZnt37KYYFJCh3mf_xLEiPc3ryL0g7OtgcCfhUTJcyknU0QOH7gfzmN9PXuS9iI2rPwoZS8_0ZBvxpOe4MtT3r2gH51pdUSqSEMblYFYiT1-ar4dTGPxIJETeQNeAJE-mFw_Q9JQleL-PQ3N_08MiXdIqQamdMBSW1VZDkCVJz0DmwM2smomAl8NfOo_y4NpB4xxH17I9ls9Tif4ZX2CkNBaH_I8i9ZyG3al4iOo2PrZlxcjGrjIR0hbuQwaSFMp7Fypvda1M2S4hMPjGo9KpNEUET0u0JMG2xwGctUa1rwkef1kaQiTlj9-2aM4-NiGnQ3yYWw7Zjw2LXL1HoKYaKUYn00EgZXiiwat1yzv0RUOhsQrDHxvT_t9cEwSOlpEm65IpQ_7ybSa5UiTW6I3XpXTRa98VKHv9efQTcJsAYOr9KDQCFWs6rTs2Qb44I8Qn5jN4rIpxHEm_d2D8dZr259Q_Omlnw5EzzCjWS2C41BeEwuLWfpQdUUouFwKePORxntGbGif4eBM-b1O9xhmxkBZamVgTvwbOf-QLoBhS20bT_230A2fGaXiKqxr43MsSdx_0MuppAwt0eGMB6If-JLWvN5pkV6FmZk_H26XxYkUWUivxzcwHbY-CDxhezGarGD4mBaY2Mm7Kw5ESpOpXO2QJMzM61vH09cAMYEUAJXQogdihSTqc3ea254NhrsDy7joLfoE9M0qbLYBPCfatmWMzxpYsSoTbrkT-uNe8sfpV7bgcrbQoU8Gqs96W6P2-netL6tiLIvBy-7P5f3GWxTwJ5h6Lk5-BP70qh8ZKe7dwP8QRQKUz6G3o_vFyOuqrFNHCcSyPNQgLeJD9trZzgTfrxoLOXZPx7mLU_xXb4qNM8dASyE020ZLdxabO3SYKE1m3FT0wLe9XS4jXLPMfCDFvZSqIHPKBiIfaiFbLT8wo2VjorB5K3M8_NZrCxDrzr02Zh3B0gIqOhuhMXbUVp0JB3jsw7hh5mXUly37lc0w3BWLC0F3cWBg-FUMjesaN55jXzjmrXreexdUIwJr65eGlSOvno_M_byYi9-QZ1G56OXKPB5br1jsEIxVtO2eEvpdm_wGPI6aQazkA7JyDCGw1lf-cbw-4Gwo48jREhdrFm_sayZ0XG6_FQpy3ME7d8AyQUwlVublYMZ4gFVZDq7K6L0mU7ZRdEPd7SDIpWfgeOusTuO2A5U0iveLqelMxENSx-08-32cEcLB75rq2OsJWFfcGh-0yhmbBE6xifogsIaECdECwNBTGvOANfvucztfk8NHu2uqXBzKFfCWSazeLHfvSw7g1VCq5Ielh_4ojg5cfQOdn-Fi_uDr-we3UFUa28bPwpC_SswjYTCi6lwCyCpW9-z9f3osbPTY5z2iRmQtvmXVGqiCFTH3MnGU9XPdLrjQG0FlpjwjlPOI-P14q2NV-1vD9kMCHET_8xnADEcAB06DBmpmiKzaNRTVtg6tCStkDWBirKKvagWJlYUHWYaNTUb2MXvkDVrt_oSECaHJbI9fCJ7FKFU&ext_cid=0&px_id=31418774&min_cpm=0.008976486890479144&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=637749563550412968&skin_id=71&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.18041885948615505&cpm=0&verify_hash=31bb5f8edb81cd437ff4eafcafe57dce&is_native=1&real_bid=0.00576372419306737&original_bid_usd=0.0063247275&original_bid=0.0063247275&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,14,101&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.0063247275&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000063247275&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=4ba4b7f4-b82b-4a6d-8bb8-2084effdab82&prev_step_diff=657

168.119.25.102

200 OK

0 B

URL GET HTTP/2
4bb6cef88c.4917493a9d.com/in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=357529620&sid=1633553334&tcid=0&ver=8.184.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=74.28172718272594&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DMaeJ72S5xmLjgn75XWafdDpykyosojunKU3NmKzowJUkIwORqF5PSaxDdyXP5S76XHKoPqrb4r98fgXBUpauTF6pGjXFdwQsAbZm9zVpuXXU4rMHi-P3Fnmys5Pj76rzHs1LJ3sSCQMKQwuxdrnrSdksK6suUJ1Ai56MQJ6b9B_ZjP7zvFdBVsXUGzL3Bv1l_7FQLG_BESXmPH2MViXLW3hLs-yBEe39AGsR2wY9tZsEgHc5VJfPlI-BQwHllb3QcfU4s3Z8vaQSKkUXY1immIsusvnRUSO1WtxuoEM3PdX_x6PWNSSZqmA2FFDV8CYdzr90EiycLKsn_-1XUom3OUW9RnkMXXRBePO13vcFCSyAvmsSObECfWdrM-q7DDiXuoyNJkYnMzE5OrKf_Y5ka60rLyPTpT1uSrBM8u28juAHi4E7R4rlStKF8-dKMB12JzhRtmGbaS0YEDeZWgor3muMHoWFzg2NL1VwZeARM1cZ9R_LtbiE8yAbLJBPvdF-%26v1%3D531%26v2%3D40828&icons=Uujs1Ptn35k5sHqf38cPHuo6qH0yT4YqyoCL9faInNTEhFCXTokg2GNNQ7n1OO2qucXUkJxCX_srmkIKazNw0hC_tP9YRAVyGXLRh4cAgzY8ozKaUjKjEqryFLioRnvvljKdMP0YiyhQITzqK4GOTDlr954hOLESXhsef1X-3x1fKd13uZ99VgJZtxZ7J4HtPlBCMr06K2GtFxhLnt6U8hIZiQ23gqCulegHl7QSwebn-uXrtispTm4PlLvG2W01hQwumU5dQuZ3R1Cwao0O3CSokqA-8vuPsaIs473LQtP5AurDcnha2WPkV9W7zy-xxeqjOVcoDfriU5HKwebUbIkBGz1BbA2dFIywtPiSO-CxTVFeUXVpXSFGyG6mspwFpVKpWNzz0LKkopRHrpdxWYrZv61LssNeoZnt37KYYFJCh3mf_xLEiPc3ryL0g7OtgcCfhUTJcyknU0QOH7gfzmN9PXuS9iI2rPwoZS8_0ZBvxpOe4MtT3r2gH51pdUSqSEMblYFYiT1-ar4dTGPxIJETeQNeAJE-mFw_Q9JQleL-PQ3N_08MiXdIqQamdMBSW1VZDkCVJz0DmwM2smomAl8NfOo_y4NpB4xxH17I9ls9Tif4ZX2CkNBaH_I8i9ZyG3al4iOo2PrZlxcjGrjIR0hbuQwaSFMp7Fypvda1M2S4hMPjGo9KpNEUET0u0JMG2xwGctUa1rwkef1kaQiTlj9-2aM4-NiGnQ3yYWw7Zjw2LXL1HoKYaKUYn00EgZXiiwat1yzv0RUOhsQrDHxvT_t9cEwSOlpEm65IpQ_7ybSa5UiTW6I3XpXTRa98VKHv9efQTcJsAYOr9KDQCFWs6rTs2Qb44I8Qn5jN4rIpxHEm_d2D8dZr259Q_Omlnw5EzzCjWS2C41BeEwuLWfpQdUUouFwKePORxntGbGif4eBM-b1O9xhmxkBZamVgTvwbOf-QLoBhS20bT_230A2fGaXiKqxr43MsSdx_0MuppAwt0eGMB6If-JLWvN5pkV6FmZk_H26XxYkUWUivxzcwHbY-CDxhezGarGD4mBaY2Mm7Kw5ESpOpXO2QJMzM61vH09cAMYEUAJXQogdihSTqc3ea254NhrsDy7joLfoE9M0qbLYBPCfatmWMzxpYsSoTbrkT-uNe8sfpV7bgcrbQoU8Gqs96W6P2-netL6tiLIvBy-7P5f3GWxTwJ5h6Lk5-BP70qh8ZKe7dwP8QRQKUz6G3o_vFyOuqrFNHCcSyPNQgLeJD9trZzgTfrxoLOXZPx7mLU_xXb4qNM8dASyE020ZLdxabO3SYKE1m3FT0wLe9XS4jXLPMfCDFvZSqIHPKBiIfaiFbLT8wo2VjorB5K3M8_NZrCxDrzr02Zh3B0gIqOhuhMXbUVp0JB3jsw7hh5mXUly37lc0w3BWLC0F3cWBg-FUMjesaN55jXzjmrXreexdUIwJr65eGlSOvno_M_byYi9-QZ1G56OXKPB5br1jsEIxVtO2eEvpdm_wGPI6aQazkA7JyDCGw1lf-cbw-4Gwo48jREhdrFm_sayZ0XG6_FQpy3ME7d8AyQUwlVublYMZ4gFVZDq7K6L0mU7ZRdEPd7SDIpWfgeOusTuO2A5U0iveLqelMxENSx-08-32cEcLB75rq2OsJWFfcGh-0yhmbBE6xifogsIaECdECwNBTGvOANfvucztfk8NHu2uqXBzKFfCWSazeLHfvSw7g1VCq5Ielh_4ojg5cfQOdn-Fi_uDr-we3UFUa28bPwpC_SswjYTCi6lwCyCpW9-z9f3osbPTY5z2iRmQtvmXVGqiCFTH3MnGU9XPdLrjQG0FlpjwjlPOI-P14q2NV-1vD9kMCHET_8xnADEcAB06DBmpmiKzaNRTVtg6tCStkDWBirKKvagWJlYUHWYaNTUb2MXvkDVrt_oSECaHJbI9fCJ7FKFU&ext_cid=0&px_id=31418774&min_cpm=0.008976486890479144&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=637749563550412968&skin_id=71&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.18041885948615505&cpm=0&verify_hash=31bb5f8edb81cd437ff4eafcafe57dce&is_native=1&real_bid=0.00576372419306737&original_bid_usd=0.0063247275&original_bid=0.0063247275&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,14,101&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.0063247275&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000063247275&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=4ba4b7f4-b82b-4a6d-8bb8-2084effdab82&prev_step_diff=657
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject4917493a9d.com
Fingerprint81:6B:99:40:4A:C5:6E:8B:27:F3:A4:C6:7C:EF:D3:3F:91:86:5F:27
ValidityThu, 29 Aug 2024 14:03:46 GMT - Wed, 27 Nov 2024 14:03:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=31418774&adblock=0&testab=1&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fpoop.bar%2F404.php&refdom=poop.bar&auction_time=1725256998&subid=357529620&sid=1633553334&tcid=0&ver=8.184.0&ver_c=&spot_id=418774&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-09-02&iabcat=IAB25-3&keywords=&user_fp=17482288374655957434&score=74.28172718272594&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D357529620%26spot_id%3D418774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fpoop.bar%252F404.php%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=40828&crtid=ff211e80ebf657db1e8305c91c480275&url=http%3A%2F%2Fyuoprae.com%2Fie%3Fv%3D4%26c%3DMaeJ72S5xmLjgn75XWafdDpykyosojunKU3NmKzowJUkIwORqF5PSaxDdyXP5S76XHKoPqrb4r98fgXBUpauTF6pGjXFdwQsAbZm9zVpuXXU4rMHi-P3Fnmys5Pj76rzHs1LJ3sSCQMKQwuxdrnrSdksK6suUJ1Ai56MQJ6b9B_ZjP7zvFdBVsXUGzL3Bv1l_7FQLG_BESXmPH2MViXLW3hLs-yBEe39AGsR2wY9tZsEgHc5VJfPlI-BQwHllb3QcfU4s3Z8vaQSKkUXY1immIsusvnRUSO1WtxuoEM3PdX_x6PWNSSZqmA2FFDV8CYdzr90EiycLKsn_-1XUom3OUW9RnkMXXRBePO13vcFCSyAvmsSObECfWdrM-q7DDiXuoyNJkYnMzE5OrKf_Y5ka60rLyPTpT1uSrBM8u28juAHi4E7R4rlStKF8-dKMB12JzhRtmGbaS0YEDeZWgor3muMHoWFzg2NL1VwZeARM1cZ9R_LtbiE8yAbLJBPvdF-%26v1%3D531%26v2%3D40828&icons=Uujs1Ptn35k5sHqf38cPHuo6qH0yT4YqyoCL9faInNTEhFCXTokg2GNNQ7n1OO2qucXUkJxCX_srmkIKazNw0hC_tP9YRAVyGXLRh4cAgzY8ozKaUjKjEqryFLioRnvvljKdMP0YiyhQITzqK4GOTDlr954hOLESXhsef1X-3x1fKd13uZ99VgJZtxZ7J4HtPlBCMr06K2GtFxhLnt6U8hIZiQ23gqCulegHl7QSwebn-uXrtispTm4PlLvG2W01hQwumU5dQuZ3R1Cwao0O3CSokqA-8vuPsaIs473LQtP5AurDcnha2WPkV9W7zy-xxeqjOVcoDfriU5HKwebUbIkBGz1BbA2dFIywtPiSO-CxTVFeUXVpXSFGyG6mspwFpVKpWNzz0LKkopRHrpdxWYrZv61LssNeoZnt37KYYFJCh3mf_xLEiPc3ryL0g7OtgcCfhUTJcyknU0QOH7gfzmN9PXuS9iI2rPwoZS8_0ZBvxpOe4MtT3r2gH51pdUSqSEMblYFYiT1-ar4dTGPxIJETeQNeAJE-mFw_Q9JQleL-PQ3N_08MiXdIqQamdMBSW1VZDkCVJz0DmwM2smomAl8NfOo_y4NpB4xxH17I9ls9Tif4ZX2CkNBaH_I8i9ZyG3al4iOo2PrZlxcjGrjIR0hbuQwaSFMp7Fypvda1M2S4hMPjGo9KpNEUET0u0JMG2xwGctUa1rwkef1kaQiTlj9-2aM4-NiGnQ3yYWw7Zjw2LXL1HoKYaKUYn00EgZXiiwat1yzv0RUOhsQrDHxvT_t9cEwSOlpEm65IpQ_7ybSa5UiTW6I3XpXTRa98VKHv9efQTcJsAYOr9KDQCFWs6rTs2Qb44I8Qn5jN4rIpxHEm_d2D8dZr259Q_Omlnw5EzzCjWS2C41BeEwuLWfpQdUUouFwKePORxntGbGif4eBM-b1O9xhmxkBZamVgTvwbOf-QLoBhS20bT_230A2fGaXiKqxr43MsSdx_0MuppAwt0eGMB6If-JLWvN5pkV6FmZk_H26XxYkUWUivxzcwHbY-CDxhezGarGD4mBaY2Mm7Kw5ESpOpXO2QJMzM61vH09cAMYEUAJXQogdihSTqc3ea254NhrsDy7joLfoE9M0qbLYBPCfatmWMzxpYsSoTbrkT-uNe8sfpV7bgcrbQoU8Gqs96W6P2-netL6tiLIvBy-7P5f3GWxTwJ5h6Lk5-BP70qh8ZKe7dwP8QRQKUz6G3o_vFyOuqrFNHCcSyPNQgLeJD9trZzgTfrxoLOXZPx7mLU_xXb4qNM8dASyE020ZLdxabO3SYKE1m3FT0wLe9XS4jXLPMfCDFvZSqIHPKBiIfaiFbLT8wo2VjorB5K3M8_NZrCxDrzr02Zh3B0gIqOhuhMXbUVp0JB3jsw7hh5mXUly37lc0w3BWLC0F3cWBg-FUMjesaN55jXzjmrXreexdUIwJr65eGlSOvno_M_byYi9-QZ1G56OXKPB5br1jsEIxVtO2eEvpdm_wGPI6aQazkA7JyDCGw1lf-cbw-4Gwo48jREhdrFm_sayZ0XG6_FQpy3ME7d8AyQUwlVublYMZ4gFVZDq7K6L0mU7ZRdEPd7SDIpWfgeOusTuO2A5U0iveLqelMxENSx-08-32cEcLB75rq2OsJWFfcGh-0yhmbBE6xifogsIaECdECwNBTGvOANfvucztfk8NHu2uqXBzKFfCWSazeLHfvSw7g1VCq5Ielh_4ojg5cfQOdn-Fi_uDr-we3UFUa28bPwpC_SswjYTCi6lwCyCpW9-z9f3osbPTY5z2iRmQtvmXVGqiCFTH3MnGU9XPdLrjQG0FlpjwjlPOI-P14q2NV-1vD9kMCHET_8xnADEcAB06DBmpmiKzaNRTVtg6tCStkDWBirKKvagWJlYUHWYaNTUb2MXvkDVrt_oSECaHJbI9fCJ7FKFU&ext_cid=0&px_id=31418774&min_cpm=0.008976486890479144&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=637749563550412968&skin_id=71&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.18041885948615505&cpm=0&verify_hash=31bb5f8edb81cd437ff4eafcafe57dce&is_native=1&real_bid=0.00576372419306737&original_bid_usd=0.0063247275&original_bid=0.0063247275&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,14,101&need_redirect_show=0&applied_features=coef_095,main-skins-settings&show_count=1&expiration_timestamp=1725314598&image_url=&site=native-push-adult&price=0.0063247275&hostname=auc-inpage-hz-10-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000063247275&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=4ba4b7f4-b82b-4a6d-8bb8-2084effdab82&prev_step_diff=657 HTTP/1.1
Host: 4bb6cef88c.4917493a9d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 02 Sep 2024 06:03:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
852a79cbc9dc6f11f491a5a7cbac578d
3d0bf39c46993dd719ec0430691eeb515e542e95
b5704e3de0512fb2c0860e957b3dcebf97daa9c02f6eda8608ac1759bba570db

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B5704E3DE0512FB2C0860E957B3DCEBF97DAA9C02F6EDA8608AC1759BBA570DB"
Last-Modified: Sat, 31 Aug 2024 02:44:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16666
Expires: Mon, 02 Sep 2024 10:41:04 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

imdn.pics/m/p/0/756/756856/conversions/LEW9txun-in-page-ad-images.jpg

45.133.44.25

200 OK

4.1 kB

URL GET HTTP/2
imdn.pics/m/p/0/756/756856/conversions/LEW9txun-in-page-ad-images.jpg
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint24:94:FC:B6:38:53:EF:B4:F9:40:21:2B:77:6D:16:F9:A5:41:32:86
ValidityWed, 10 Jul 2024 03:00:42 GMT - Tue, 08 Oct 2024 03:00:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 20", baseline, precision 8, 360x240, components 3
Size
4.1 kB (4109 bytes)
Hash
adeacd81c6e92c2a01f500ab2c3f5ca0
47e043050a4975989356e097dae46d72385fdcb8
2ffaa96ac4e0307c57696b8d4d20ee7019c6501a34eba303c673308baa7475e5

HTTP Headers

GET /m/p/0/756/756856/conversions/LEW9txun-in-page-ad-images.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: image/jpeg
content-length: 4109
server: nginx
last-modified: Sun, 25 Aug 2024 02:52:19 GMT
etag: "66ca9c63-100d"
x-request-id: 1fc135d2f85d7741b8e56a7a8ef68bc6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
852a79cbc9dc6f11f491a5a7cbac578d
3d0bf39c46993dd719ec0430691eeb515e542e95
b5704e3de0512fb2c0860e957b3dcebf97daa9c02f6eda8608ac1759bba570db

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B5704E3DE0512FB2C0860E957B3DCEBF97DAA9C02F6EDA8608AC1759BBA570DB"
Last-Modified: Sat, 31 Aug 2024 02:44:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16666
Expires: Mon, 02 Sep 2024 10:41:04 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

e5.o.lencr.org/

23.36.77.32

346 B

URL
e5.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
1f08f8a54adae76b264fea34b49ffd69
58c7084a6e5ac781e16c966278d045aae493f17c
d7c2204aedd4a183ab4795ae073e6d1457718b91f115b6d5d6b592194350af39

HTTP Headers

POST / HTTP/1.1
Host: e5.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D7C2204AEDD4A183AB4795AE073E6D1457718B91F115B6D5D6B592194350AF39"
Last-Modified: Sat, 31 Aug 2024 02:45:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9638
Expires: Mon, 02 Sep 2024 08:43:56 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

imdn.pics/m/p/0/756/756855/conversions/7bkHArcN-in-page-ad-icons.jpg

45.133.44.25

200 OK

1.4 kB

URL GET HTTP/2
imdn.pics/m/p/0/756/756855/conversions/7bkHArcN-in-page-ad-icons.jpg
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectimdn.pics
Fingerprint24:94:FC:B6:38:53:EF:B4:F9:40:21:2B:77:6D:16:F9:A5:41:32:86
ValidityWed, 10 Jul 2024 03:00:42 GMT - Tue, 08 Oct 2024 03:00:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 20", baseline, precision 8, 100x100, components 3
Size
1.4 kB (1444 bytes)
Hash
da9b548f8326fd382f67a8725c246fb2
1045d7fd803e2d01278460190b4d3f1b34c3ff61
8abb87b7f5407a1cff1c6c16bad7dbb8f2b5ccf1900c011d49e7a53d3abb9748

HTTP Headers

GET /m/p/0/756/756855/conversions/7bkHArcN-in-page-ad-icons.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: image/jpeg
content-length: 1444
server: nginx
last-modified: Sun, 25 Aug 2024 02:52:15 GMT
etag: "66ca9c5f-5a4"
x-request-id: f3765f5ff7ac8fcbcc978eae8d63c5cd
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: MISS, HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint0A:D1:90:4A:91:48:A7:0D:23:B0:CD:D0:39:94:55:76:8F:49:8F:12
ValiditySat, 03 Aug 2024 02:02:58 GMT - Fri, 01 Nov 2024 02:02:57 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Tue, 02 Sep 2025 06:03:18 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-cdn-host-id: ds5058
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=ed8f68a1-e650-4495-81b1-6087dcff9938&prev_step_diff=658

45.133.44.24

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=ed8f68a1-e650-4495-81b1-6087dcff9938&prev_step_diff=658
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint0A:D1:90:4A:91:48:A7:0D:23:B0:CD:D0:39:94:55:76:8F:49:8F:12
ValiditySat, 03 Aug 2024 02:02:58 GMT - Fri, 01 Nov 2024 02:02:57 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&mlf=1&mlc=1&st=0.03&cpa=ed8f68a1-e650-4495-81b1-6087dcff9938&prev_step_diff=658 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Tue, 02 Sep 2025 06:03:18 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-cdn-host-id: ds5058
accept-ranges: bytes
X-Firefox-Spdy: h2

imgsdn.com/ie?v=4&c=9mN9BUFr_tblV5cFSZ4zILO7L65tVgRToEe49c2yiWV1dh32rYYhiY49DM3zgNSiuTllrwykWqjuudcxuEFsOcWPHoPjO74lpqxmBLKJY3j-ZOCzxZzyHyobGyWsQB8Ho2FgU5Sx5Ge2iaLD_Q3q4BAZipP-WZCdL-toAGV5UsvbNM99rdSBqd1CZZ-LnWyENDuIVQRyLFiF6PKVtXdxrnt9imwmxst8x6z3E_qfypFYgbs6DZVP7tB40rBhs_FsV_9o1HY9tDr4jCCQ4MqdanoqFhMXIhNkLA3XSIh4HQdFSZO1rjhdmoAVEkndAqLa5BAtzOSmyzXHK474LflzBzCXzgTWXdbLFXW9w7gOrn0gfGYdmMr91WQqJecokFwcFB9LUQUuPemB0icxofeD7tuUp8zWEdDKZE1rj56DLRI7d-vDzInA0UvOuJr69XKtCHUvRDQ_lhP4o9l8_34U_8K5U4VcMvFqboa7ikhgFnSpEyVo8JCejXsxdF26Ds4_T2qaQVUw5GO00qxu_xh7_RdcSAa9oQ7e7DkjC5Trj5iI8-4Ll-f-lWv5Vqge_M9WOTDpZEDD8fWgJgkPd_0kP02Q7pcZahufVO3Yq4hx4xhY7smWIVsOlacQnTR4XC4ly7o-Ponas7DNSdwc-io4w2Zp6vtOtwjckr8NqQgiRPO_t9vcRWhISmctiSfX96cF_DpUVk2kQDKC3kILjGD7GgODzWtvAvrknmwfn3SfOge69FECyDmngRgjMy8gMrOMxNIAJLwNZyvoevz3HRCFROwyrNclsa1IDHB94nRdX0_ev5PBnW9TUCtdrYrYWYddAZqxrSxRpRkTx1EQBljPd1Xg9SDjyJuJxPaXYfNiCoL7wrRfbBbhLHjnM0J2zyDp-VxlC-R5hiyTlJhKQ772BuymkRQd8mjEv-MXQ4_TBf9hQaJYv9CjPd8RZKRQPljGyXJKFMX0Hb_m11X47Wke7Ymv3yaI6T78ubz77A2e2sSB99z2nF2he1cLRCSiakxqp2JqLds9IK7pNAyfr2fVULQj_z5mK2wqnYVL9j3h4J_pZ6yKSV3p0hhbOcYRErMvrpwnliBFDl2ANDPHHmc87nRgTR706tOCgLdRVmq021HL4AU5ua9ya4LJzsrIUCQ-vqVu64trVpu8C22LY-MEXTw6QFDg_4VDOqS0JUOUpP5ol62gPLNNI6N_HziBCFZun5lh6eZGFu7TgtlUNaHeOUgXgE9p7RFWgY9IS_dH4GQz7PKPLuFFsOknSgOjmlt1FwLYuH2v0aEIvgk9QJOzqK6I9Qzt_btbpFQd5uqeOuDkMVRrLQhMX9enDrdbRXW0ESj62HL2R02kMjj1iOA5Pn62DOMOF74=&v1=199&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e4050392-08ae-4511-9491-69ff08f27d6d&prev_step_diff=670

176.9.142.103

301 Moved Permanently

0 B

URL GET HTTP/2
imgsdn.com/ie?v=4&c=9mN9BUFr_tblV5cFSZ4zILO7L65tVgRToEe49c2yiWV1dh32rYYhiY49DM3zgNSiuTllrwykWqjuudcxuEFsOcWPHoPjO74lpqxmBLKJY3j-ZOCzxZzyHyobGyWsQB8Ho2FgU5Sx5Ge2iaLD_Q3q4BAZipP-WZCdL-toAGV5UsvbNM99rdSBqd1CZZ-LnWyENDuIVQRyLFiF6PKVtXdxrnt9imwmxst8x6z3E_qfypFYgbs6DZVP7tB40rBhs_FsV_9o1HY9tDr4jCCQ4MqdanoqFhMXIhNkLA3XSIh4HQdFSZO1rjhdmoAVEkndAqLa5BAtzOSmyzXHK474LflzBzCXzgTWXdbLFXW9w7gOrn0gfGYdmMr91WQqJecokFwcFB9LUQUuPemB0icxofeD7tuUp8zWEdDKZE1rj56DLRI7d-vDzInA0UvOuJr69XKtCHUvRDQ_lhP4o9l8_34U_8K5U4VcMvFqboa7ikhgFnSpEyVo8JCejXsxdF26Ds4_T2qaQVUw5GO00qxu_xh7_RdcSAa9oQ7e7DkjC5Trj5iI8-4Ll-f-lWv5Vqge_M9WOTDpZEDD8fWgJgkPd_0kP02Q7pcZahufVO3Yq4hx4xhY7smWIVsOlacQnTR4XC4ly7o-Ponas7DNSdwc-io4w2Zp6vtOtwjckr8NqQgiRPO_t9vcRWhISmctiSfX96cF_DpUVk2kQDKC3kILjGD7GgODzWtvAvrknmwfn3SfOge69FECyDmngRgjMy8gMrOMxNIAJLwNZyvoevz3HRCFROwyrNclsa1IDHB94nRdX0_ev5PBnW9TUCtdrYrYWYddAZqxrSxRpRkTx1EQBljPd1Xg9SDjyJuJxPaXYfNiCoL7wrRfbBbhLHjnM0J2zyDp-VxlC-R5hiyTlJhKQ772BuymkRQd8mjEv-MXQ4_TBf9hQaJYv9CjPd8RZKRQPljGyXJKFMX0Hb_m11X47Wke7Ymv3yaI6T78ubz77A2e2sSB99z2nF2he1cLRCSiakxqp2JqLds9IK7pNAyfr2fVULQj_z5mK2wqnYVL9j3h4J_pZ6yKSV3p0hhbOcYRErMvrpwnliBFDl2ANDPHHmc87nRgTR706tOCgLdRVmq021HL4AU5ua9ya4LJzsrIUCQ-vqVu64trVpu8C22LY-MEXTw6QFDg_4VDOqS0JUOUpP5ol62gPLNNI6N_HziBCFZun5lh6eZGFu7TgtlUNaHeOUgXgE9p7RFWgY9IS_dH4GQz7PKPLuFFsOknSgOjmlt1FwLYuH2v0aEIvgk9QJOzqK6I9Qzt_btbpFQd5uqeOuDkMVRrLQhMX9enDrdbRXW0ESj62HL2R02kMjj1iOA5Pn62DOMOF74=&v1=199&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e4050392-08ae-4511-9491-69ff08f27d6d&prev_step_diff=670
IP
176.9.142.103:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
Fingerprint00:BD:52:6B:A4:7D:CD:9E:E3:23:17:37:DC:62:09:FF:3A:14:BA:67
ValidityMon, 29 Jul 2024 11:55:16 GMT - Sun, 27 Oct 2024 11:55:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=9mN9BUFr_tblV5cFSZ4zILO7L65tVgRToEe49c2yiWV1dh32rYYhiY49DM3zgNSiuTllrwykWqjuudcxuEFsOcWPHoPjO74lpqxmBLKJY3j-ZOCzxZzyHyobGyWsQB8Ho2FgU5Sx5Ge2iaLD_Q3q4BAZipP-WZCdL-toAGV5UsvbNM99rdSBqd1CZZ-LnWyENDuIVQRyLFiF6PKVtXdxrnt9imwmxst8x6z3E_qfypFYgbs6DZVP7tB40rBhs_FsV_9o1HY9tDr4jCCQ4MqdanoqFhMXIhNkLA3XSIh4HQdFSZO1rjhdmoAVEkndAqLa5BAtzOSmyzXHK474LflzBzCXzgTWXdbLFXW9w7gOrn0gfGYdmMr91WQqJecokFwcFB9LUQUuPemB0icxofeD7tuUp8zWEdDKZE1rj56DLRI7d-vDzInA0UvOuJr69XKtCHUvRDQ_lhP4o9l8_34U_8K5U4VcMvFqboa7ikhgFnSpEyVo8JCejXsxdF26Ds4_T2qaQVUw5GO00qxu_xh7_RdcSAa9oQ7e7DkjC5Trj5iI8-4Ll-f-lWv5Vqge_M9WOTDpZEDD8fWgJgkPd_0kP02Q7pcZahufVO3Yq4hx4xhY7smWIVsOlacQnTR4XC4ly7o-Ponas7DNSdwc-io4w2Zp6vtOtwjckr8NqQgiRPO_t9vcRWhISmctiSfX96cF_DpUVk2kQDKC3kILjGD7GgODzWtvAvrknmwfn3SfOge69FECyDmngRgjMy8gMrOMxNIAJLwNZyvoevz3HRCFROwyrNclsa1IDHB94nRdX0_ev5PBnW9TUCtdrYrYWYddAZqxrSxRpRkTx1EQBljPd1Xg9SDjyJuJxPaXYfNiCoL7wrRfbBbhLHjnM0J2zyDp-VxlC-R5hiyTlJhKQ772BuymkRQd8mjEv-MXQ4_TBf9hQaJYv9CjPd8RZKRQPljGyXJKFMX0Hb_m11X47Wke7Ymv3yaI6T78ubz77A2e2sSB99z2nF2he1cLRCSiakxqp2JqLds9IK7pNAyfr2fVULQj_z5mK2wqnYVL9j3h4J_pZ6yKSV3p0hhbOcYRErMvrpwnliBFDl2ANDPHHmc87nRgTR706tOCgLdRVmq021HL4AU5ua9ya4LJzsrIUCQ-vqVu64trVpu8C22LY-MEXTw6QFDg_4VDOqS0JUOUpP5ol62gPLNNI6N_HziBCFZun5lh6eZGFu7TgtlUNaHeOUgXgE9p7RFWgY9IS_dH4GQz7PKPLuFFsOknSgOjmlt1FwLYuH2v0aEIvgk9QJOzqK6I9Qzt_btbpFQd5uqeOuDkMVRrLQhMX9enDrdbRXW0ESj62HL2R02kMjj1iOA5Pn62DOMOF74=&v1=199&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.02&cpa=e4050392-08ae-4511-9491-69ff08f27d6d&prev_step_diff=670 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: fasthttp
date: Mon, 02 Sep 2024 06:03:17 GMT
content-length: 0
location: https://eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998337-7-8275-1269726-ce681c79-d210-b704-7b19-f742c83add50&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs
x-app-id: 42
X-Firefox-Spdy: h2

imgsdn.com/ie?v=4&c=73w9eBZg3YDhwxFlhN6L4Ts5f1uuFlSWX9vtJ4z3nbA3hfjjGyBpnCOP0-_9Js11hgzBKvknYxytHScfISmzF0P5ojZigr0wIv5ooBGWQUeqh8-mZm80_Mgv7KBoMuFGJAPrfl44ZXyeTyKIYc8xtCdgEwqhlmyC2Pci18iOJMlGtqgruLOgiv6YS2n9cJOH9s7lCPaRsLhn93Nj5vGi1UvW8rr8hCwEZMRxm0NrQHUU7D3P-6Nz90FOxn62uKh5vnj-U3KSuAr32yDXyeNPXAT-AVR85urkbb2tF00MvUzBjOhldF9LcnKcj2fwSOtA4ShbUj6u_XUyLuYpwHwImOnezDkr1bXsdL73SelwfCnjDFltQZ9ImtPv0tp8X5pSdAaCwaLehbrT6oGZpmii9NnxONuGUzv4Ja5HX16TeSRhSnuKHGoGw-o_-fQC11o3ki8HiT3E-NffcZaygO8_Ey-6NOvjSzAxMDNDaA0DCLX3S1Yk3NOtwxlkeC5QsO1--EroBXAXxs2VRgq6WMpZRKnIiA_VBhnhy01Mc6gax5_OAlMgytDLVKrd4MVvJ66Mtmeg8vJu59WC70Vcnv6cEVCsAyCvu993EBhVO4XJdXbfYq3zA6YeYDEEz1FCTEimO34rEmNif6z8gPUUsGKHiHS5BdkCTSbVTafXpvdor0ItjEDoSBg68Y_rRyOSAFLWEHfbSsAc9N5yDvNTGgoiNWKCvRKrax3-p8ThQ09HHAFkIehtzu6VGu0Y2_BhjbyPr04NQBUPqUEFOEldVNfdlxa_LVeJVqvXrdn5PfYw8Y0A4cEn3kS21rq66SG4hPdHUVXdEnPEp7Ha6PAHEfTkEZwgSXqKqt3Led3QFd41lBXBRvEvqqdBfZal_LtLyoIZC3_nmlrXdGJYFWa9AhqKB_m3pQGuPsuiOmQTncFrczEHlWot0aKKMFj4ZyErbDSOx6_r16DJz7mj12PGdj8E8LS6TZvqhBMS_vyO1Aw7KPZ8Hhh6BuM1nJZQxSjeW8pqBPC0e-ul7mH28mLIFooDZ_kBGfJ5y41ej-35KuKz3JOh7PY6Trdd83XIrb4wS3aerrWve4dOy-LTxdvlx-GRsMHKdYpFsu4sLHyIJa5-Ma-AT7yHN2iqcj1Nj9asfKjliGKMoQ6xpm3k875-wghzAuoErTyprJp-fFqix_ixn-AGQkgtSU7DVWS2M5UDtS5ZmPHbORYoXl567jKvE7KruAlcPUpwcVwY8MvnekHkYIE4iVMP6LBoVY9rf2KhDLgUpe8VhfJid59E2dwSvRw9NiQXVyCrM0aDw0RDQY-x-kb8LFvXe8U5d9L4tD9PkmgW7m2jS3O_nAhtwdLnseilPccNeNfT6bV-&v1=531&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=cb29199c-5874-4bc2-b139-f6803dddd880&prev_step_diff=657

176.9.142.103

301 Moved Permanently

0 B

URL GET HTTP/2
imgsdn.com/ie?v=4&c=73w9eBZg3YDhwxFlhN6L4Ts5f1uuFlSWX9vtJ4z3nbA3hfjjGyBpnCOP0-_9Js11hgzBKvknYxytHScfISmzF0P5ojZigr0wIv5ooBGWQUeqh8-mZm80_Mgv7KBoMuFGJAPrfl44ZXyeTyKIYc8xtCdgEwqhlmyC2Pci18iOJMlGtqgruLOgiv6YS2n9cJOH9s7lCPaRsLhn93Nj5vGi1UvW8rr8hCwEZMRxm0NrQHUU7D3P-6Nz90FOxn62uKh5vnj-U3KSuAr32yDXyeNPXAT-AVR85urkbb2tF00MvUzBjOhldF9LcnKcj2fwSOtA4ShbUj6u_XUyLuYpwHwImOnezDkr1bXsdL73SelwfCnjDFltQZ9ImtPv0tp8X5pSdAaCwaLehbrT6oGZpmii9NnxONuGUzv4Ja5HX16TeSRhSnuKHGoGw-o_-fQC11o3ki8HiT3E-NffcZaygO8_Ey-6NOvjSzAxMDNDaA0DCLX3S1Yk3NOtwxlkeC5QsO1--EroBXAXxs2VRgq6WMpZRKnIiA_VBhnhy01Mc6gax5_OAlMgytDLVKrd4MVvJ66Mtmeg8vJu59WC70Vcnv6cEVCsAyCvu993EBhVO4XJdXbfYq3zA6YeYDEEz1FCTEimO34rEmNif6z8gPUUsGKHiHS5BdkCTSbVTafXpvdor0ItjEDoSBg68Y_rRyOSAFLWEHfbSsAc9N5yDvNTGgoiNWKCvRKrax3-p8ThQ09HHAFkIehtzu6VGu0Y2_BhjbyPr04NQBUPqUEFOEldVNfdlxa_LVeJVqvXrdn5PfYw8Y0A4cEn3kS21rq66SG4hPdHUVXdEnPEp7Ha6PAHEfTkEZwgSXqKqt3Led3QFd41lBXBRvEvqqdBfZal_LtLyoIZC3_nmlrXdGJYFWa9AhqKB_m3pQGuPsuiOmQTncFrczEHlWot0aKKMFj4ZyErbDSOx6_r16DJz7mj12PGdj8E8LS6TZvqhBMS_vyO1Aw7KPZ8Hhh6BuM1nJZQxSjeW8pqBPC0e-ul7mH28mLIFooDZ_kBGfJ5y41ej-35KuKz3JOh7PY6Trdd83XIrb4wS3aerrWve4dOy-LTxdvlx-GRsMHKdYpFsu4sLHyIJa5-Ma-AT7yHN2iqcj1Nj9asfKjliGKMoQ6xpm3k875-wghzAuoErTyprJp-fFqix_ixn-AGQkgtSU7DVWS2M5UDtS5ZmPHbORYoXl567jKvE7KruAlcPUpwcVwY8MvnekHkYIE4iVMP6LBoVY9rf2KhDLgUpe8VhfJid59E2dwSvRw9NiQXVyCrM0aDw0RDQY-x-kb8LFvXe8U5d9L4tD9PkmgW7m2jS3O_nAhtwdLnseilPccNeNfT6bV-&v1=531&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=cb29199c-5874-4bc2-b139-f6803dddd880&prev_step_diff=657
IP
176.9.142.103:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
Fingerprint00:BD:52:6B:A4:7D:CD:9E:E3:23:17:37:DC:62:09:FF:3A:14:BA:67
ValidityMon, 29 Jul 2024 11:55:16 GMT - Sun, 27 Oct 2024 11:55:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=73w9eBZg3YDhwxFlhN6L4Ts5f1uuFlSWX9vtJ4z3nbA3hfjjGyBpnCOP0-_9Js11hgzBKvknYxytHScfISmzF0P5ojZigr0wIv5ooBGWQUeqh8-mZm80_Mgv7KBoMuFGJAPrfl44ZXyeTyKIYc8xtCdgEwqhlmyC2Pci18iOJMlGtqgruLOgiv6YS2n9cJOH9s7lCPaRsLhn93Nj5vGi1UvW8rr8hCwEZMRxm0NrQHUU7D3P-6Nz90FOxn62uKh5vnj-U3KSuAr32yDXyeNPXAT-AVR85urkbb2tF00MvUzBjOhldF9LcnKcj2fwSOtA4ShbUj6u_XUyLuYpwHwImOnezDkr1bXsdL73SelwfCnjDFltQZ9ImtPv0tp8X5pSdAaCwaLehbrT6oGZpmii9NnxONuGUzv4Ja5HX16TeSRhSnuKHGoGw-o_-fQC11o3ki8HiT3E-NffcZaygO8_Ey-6NOvjSzAxMDNDaA0DCLX3S1Yk3NOtwxlkeC5QsO1--EroBXAXxs2VRgq6WMpZRKnIiA_VBhnhy01Mc6gax5_OAlMgytDLVKrd4MVvJ66Mtmeg8vJu59WC70Vcnv6cEVCsAyCvu993EBhVO4XJdXbfYq3zA6YeYDEEz1FCTEimO34rEmNif6z8gPUUsGKHiHS5BdkCTSbVTafXpvdor0ItjEDoSBg68Y_rRyOSAFLWEHfbSsAc9N5yDvNTGgoiNWKCvRKrax3-p8ThQ09HHAFkIehtzu6VGu0Y2_BhjbyPr04NQBUPqUEFOEldVNfdlxa_LVeJVqvXrdn5PfYw8Y0A4cEn3kS21rq66SG4hPdHUVXdEnPEp7Ha6PAHEfTkEZwgSXqKqt3Led3QFd41lBXBRvEvqqdBfZal_LtLyoIZC3_nmlrXdGJYFWa9AhqKB_m3pQGuPsuiOmQTncFrczEHlWot0aKKMFj4ZyErbDSOx6_r16DJz7mj12PGdj8E8LS6TZvqhBMS_vyO1Aw7KPZ8Hhh6BuM1nJZQxSjeW8pqBPC0e-ul7mH28mLIFooDZ_kBGfJ5y41ej-35KuKz3JOh7PY6Trdd83XIrb4wS3aerrWve4dOy-LTxdvlx-GRsMHKdYpFsu4sLHyIJa5-Ma-AT7yHN2iqcj1Nj9asfKjliGKMoQ6xpm3k875-wghzAuoErTyprJp-fFqix_ixn-AGQkgtSU7DVWS2M5UDtS5ZmPHbORYoXl567jKvE7KruAlcPUpwcVwY8MvnekHkYIE4iVMP6LBoVY9rf2KhDLgUpe8VhfJid59E2dwSvRw9NiQXVyCrM0aDw0RDQY-x-kb8LFvXe8U5d9L4tD9PkmgW7m2jS3O_nAhtwdLnseilPccNeNfT6bV-&v1=531&v2=40828&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-t_r-body&st=0.03&cpa=cb29199c-5874-4bc2-b139-f6803dddd880&prev_step_diff=657 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: fasthttp
date: Mon, 02 Sep 2024 06:03:17 GMT
content-length: 0
location: https://eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998354-7-8275-1269726-18d33dc0-a0f2-8d89-dc4b-9d85516be1f6&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu
x-app-id: 42
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a978f700d58516275084e8b5d183c2bb
dae905fd690405dd8608825a4b0a0cd5157e7c10
ff49892f841daf0adefd73d8ebbf36fed136f84e4ed2148c72d56165ee15bf5e

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FF49892F841DAF0ADEFD73D8EBBF36FED136F84E4ED2148C72D56165EE15BF5E"
Last-Modified: Sun, 01 Sep 2024 03:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2975
Expires: Mon, 02 Sep 2024 06:52:53 GMT
Date: Mon, 02 Sep 2024 06:03:18 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
99796264a9fdf992d057e1b456e0ec45
f46e54dc472587f9c1fc7a682a31a32a42c01184
2098aef8e276acc8c17d6d3ac30c4a536ca5d0e1b0778d492c1fb6f71e9c0800

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2098AEF8E276ACC8C17D6D3AC30C4A536CA5D0E1B0778D492C1FB6F71E9C0800"
Last-Modified: Sat, 31 Aug 2024 02:54:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18646
Expires: Mon, 02 Sep 2024 11:14:05 GMT
Date: Mon, 02 Sep 2024 06:03:19 GMT
Connection: keep-alive

metrolagu.cam/adus.js

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/2
metrolagu.cam/adus.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectmetrolagu.cam
Fingerprint09:BA:CE:E9:EA:A4:B1:66:80:78:6A:CC:C4:30:59:28:31:C3:99:6E
ValiditySat, 10 Aug 2024 11:30:40 GMT - Fri, 08 Nov 2024 11:30:39 GMT

File type
gzip compressed data, from Unix
Size
1.1 kB (1079 bytes)
Hash
fb307ff2da8178fbb28ba627346c4bbc
5162fe1fa8fbbae368aa22c1332b1ea14194f237
fef7a581abb0c524cc63e5ee3752c21ce040d9ee4ba2f2cba140c4e787a8788c

HTTP Headers

GET /adus.js HTTP/1.1
Host: metrolagu.cam
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: application/javascript
last-modified: Tue, 28 May 2024 17:17:42 GMT
vary: Accept-Encoding
etag: W/"665611b6-59d"
expires: Mon, 02 Sep 2024 08:06:18 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 35818
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5Izkk12hXSA%2FFRf93Vuqg%2BLCt8CR1B2td8VFJX%2F8jEeJW2G4tzmkPKI1KHwjuBcAQsKa%2BmkcVg%2B908EQfZoStgRJZwce9V5Ttda93Dkbktu3efxAxMKEonBJpjuFYRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc589170b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998354-7-8275-1269726-18d33dc0-a0f2-8d89-dc4b-9d85516be1f6&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu

5.200.15.240

302 Found

0 B

URL GET HTTP/2
eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998354-7-8275-1269726-18d33dc0-a0f2-8d89-dc4b-9d85516be1f6&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu
IP
5.200.15.240:443
ASN
#49544 i3D.net B.V

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject*.skated.co
FingerprintCC:11:B4:17:AD:53:97:8C:9C:CF:AE:33:BB:0F:43:E7:4A:81:4E:71
ValidityThu, 25 Jul 2024 23:03:31 GMT - Wed, 23 Oct 2024 23:03:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nty/metrics/save.img?event=impressions&bid-id=v2-1725256998354-7-8275-1269726-18d33dc0-a0f2-8d89-dc4b-9d85516be1f6&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu HTTP/1.1
Host: eu.skated.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty/1.21.4.1
date: Mon, 02 Sep 2024 06:03:19 GMT
content-length: 0
location: https://track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu
X-Firefox-Spdy: h2

eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998337-7-8275-1269726-ce681c79-d210-b704-7b19-f742c83add50&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs

5.200.15.240

302 Found

0 B

URL GET HTTP/2
eu.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1725256998337-7-8275-1269726-ce681c79-d210-b704-7b19-f742c83add50&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs
IP
5.200.15.240:443
ASN
#49544 i3D.net B.V

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subject*.skated.co
FingerprintCC:11:B4:17:AD:53:97:8C:9C:CF:AE:33:BB:0F:43:E7:4A:81:4E:71
ValidityThu, 25 Jul 2024 23:03:31 GMT - Wed, 23 Oct 2024 23:03:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nty/metrics/save.img?event=impressions&bid-id=v2-1725256998337-7-8275-1269726-ce681c79-d210-b704-7b19-f742c83add50&img=https%3A%2F%2Ftrack-us.rwtrack.xyz%2Fpush%2Fic%3Fauth%3D1q8b77%26c%3D5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs HTTP/1.1
Host: eu.skated.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poop.bar/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty/1.21.4.1
date: Mon, 02 Sep 2024 06:03:19 GMT
content-length: 0
location: https://track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs
X-Firefox-Spdy: h2

cmpuwps.com/get/

94.130.197.239

200 OK

4.0 kB

URL POST HTTP/2
cmpuwps.com/get/
IP
94.130.197.239:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint59:42:85:59:22:E5:93:73:5A:80:F6:3C:97:95:2B:D7:C3:FB:E3:75
ValiditySun, 01 Sep 2024 02:07:20 GMT - Sat, 30 Nov 2024 02:07:19 GMT

File type
JSON text data
Size
4.0 kB (3957 bytes)
Hash
1679496a996fe3ce90b89eebec6e6675
2d9e851ddc28573e360156109352b54d14c7c23f
54b5f2ddd70b428c82d92534712a28496b3eaa196a1c586a10d4b7730992118d

HTTP Headers

POST /get/ HTTP/1.1
Host: cmpuwps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poop.bar/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1018
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Mon, 02 Sep 2024 06:03:19 GMT
content-type: application/json
content-length: 3957
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs

88.214.195.99

302 Found

0 B

URL GET HTTP/1.1
track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs
IP
88.214.195.99:443
ASN
#46636 NATCOWEB

Requested by
https://poop.bar/404.php
Certificate
IssuerGoDaddy.com, Inc.
Subject*.rwtrack.xyz
Fingerprint35:E9:21:9C:2E:A4:91:C4:99:77:2B:35:D3:CC:47:5B:ED:B8:7A:70
ValidityFri, 08 Dec 2023 09:33:44 GMT - Sun, 08 Dec 2024 09:33:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /push/ic?auth=1q8b77&c=5Pb_Sn4IkTM9GZ37YujVefDaQZCK1IwFtcTmkDJChd4UTnuE2i3y4YSF1XJ-oS3D-kY9LCyU5KpBjxHkDdO9R4kor3ZcOvREg5BSiAoRAgVrRQsEc0ztAu9z4t4nUrAqKhDH8SfQfxb6WU75nsfWiDRctkPfj0d_ckkk_PYyqVJYy_ertGrL3FLZeR-tR0Oge9lk-AEUqSTgiXknhAEAi35SqweplpbrqJzMSadP-SxY3Z8IUxyP4EO5btlReCcnE22Zp71KQmZGpaxLYfLd66sjwPAgLQPt7GjJAFSDEqN6BS-qz5tVatnKhB61l-DJF1Njv6XUCJ3fZD5o9Q7fpWTwwOXfv2pIZqE-864QAn_xkFzW7DE8K8xS_o1DIMHQvjQ70k3OZbdI4BwLiKvfxLYbSe6z5MZGg8r-UsaeQjUwjsGu_-cW8R7NaU8qELf7xxqIGk9VjiHK23ztJeL4qXP3PwLeVxmt_l1WBc3GL-Crm_yJJltan32GbwgnSM5-1cafoWtUqa4TpXYs HTTP/1.1
Host: track-us.rwtrack.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poop.bar/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 02 Sep 2024 06:03:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads-us.rwtrack.xyz/creatives/ep6grk1w8qdxq54yj3nvx52z/1723213089268-DBr84dBJ38ct.png

cdn.poop.gold/AfDEn.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/AfDEn.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AfDEn.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/19oYk.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/19oYk.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /19oYk.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

117 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintAB:91:BC:C3:B8:4C:33:2B:52:92:2B:DD:91:16:08:1D:FA:E3:D7:22
ValidityTue, 09 Jul 2024 03:21:57 GMT - Mon, 07 Oct 2024 03:21:56 GMT

File type

Size
117 kB (117307 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 21 Aug 2024 13:37:32 GMT
etag: W/"66c5ed9c-1ca3b"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.poop.gold/2bV1v.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/2bV1v.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2bV1v.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/po2VtaEhD.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/po2VtaEhD.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /po2VtaEhD.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/BqV0Qw1bs.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/BqV0Qw1bs.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /BqV0Qw1bs.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/HWMC5.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/HWMC5.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /HWMC5.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ads-us.rwtrack.xyz/creatives/ep6grk1w8qdxq54yj3nvx52z/1723213089268-DBr84dBJ38ct.png

0.0.0.0

0 B

URL GET
ads-us.rwtrack.xyz/creatives/ep6grk1w8qdxq54yj3nvx52z/1723213089268-DBr84dBJ38ct.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /creatives/ep6grk1w8qdxq54yj3nvx52z/1723213089268-DBr84dBJ38ct.png HTTP/1.1
Host: ads-us.rwtrack.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poop.bar/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/WHDfRBUMu.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/WHDfRBUMu.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WHDfRBUMu.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poop.bar/apple-touch-icon.png

104.21.10.178

200 OK

2.8 kB

URL GET HTTP/3
poop.bar/apple-touch-icon.png
IP
104.21.10.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoop.bar
Fingerprint4B:11:F9:04:78:01:62:D4:0D:81:CD:2E:1B:D5:EC:84:8D:04:10:B8
ValidityTue, 27 Aug 2024 23:57:34 GMT - Mon, 25 Nov 2024 23:57:33 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
2.8 kB (2766 bytes)
Hash
e4acc3f05da8195dfa02a437c8b2dba2
f23df2ed14e5d52417b155ccd11187f3250861dc
8b520e4032a17a3fb0410c6e4c7da29f182ca06861aa2d64db1969927e2db0d4

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: poop.bar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/404.php
Cookie: _ga_RRBBHD087X=GS1.1.1725256997.1.0.1725256997.0.0.0; _ga=GA1.1.1634203677.1725256997
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 01:08:46 GMT
vary: Accept-Encoding
etag: W/"66ce789e-ace"
expires: Fri, 27 Sep 2024 09:53:37 GMT
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
age: 418179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfV58h4GbJ%2Fz00gK%2Fj%2FeUI2ePkjFSVGNLbTNGY5Fm5zthYXvzCp8P6T6N0P65PKtX%2FJfVjWvIXv37d0etdWFwq3AUVTvWz%2BvfSaQX4PM04Xdpw0k6RFoY28bog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bcaacc30b4d-OSL
alt-svc: h3=":443"; ma=86400

poop.bar/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb

104.21.10.178

302 Found

20 kB

URL User Request GET HTTP/2
poop.bar/f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb
IP
104.21.10.178:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpoop.bar
Fingerprint4B:11:F9:04:78:01:62:D4:0D:81:CD:2E:1B:D5:EC:84:8D:04:10:B8
ValidityTue, 27 Aug 2024 23:57:34 GMT - Mon, 25 Nov 2024 23:57:33 GMT

File type

Size
20 kB (19900 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f/mqQzD2A4bEb/poop.bar/f/mqQzD2A4bEb HTTP/1.1
Host: poop.bar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: text/html; charset=UTF-8
location: /404.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0X7BU4EBqeR5u473MeXi%2BDIOq9i1XAUKi3gCdlKnEdtERR72lDNtoNqwn9rGPZtd%2F9wS1ZdnykRkcaJjVlPGGqPYHwLyIG0ye7be26XEjkScTcP3PswA2i79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc08c4656c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.poop.gold/QKnsvtc5U.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/QKnsvtc5U.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QKnsvtc5U.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poophd.com/theme_2/fonts/avertastd-bold-webfont.woff

172.67.132.168

404 Not Found

138 B

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-bold-webfont.woff
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
HTML document, ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
3b46d87e0e86d52ea0d2f8fab44c53d6
667cfb6b3452b96310c6a9d791b7e452b77e2174
62de828a32e36ab676f57d291690df36bce3eed05a6693b009ac147c27d5a606

HTTP Headers

GET /theme_2/fonts/avertastd-bold-webfont.woff HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2gVDOIJSPwhKgn0amsyxmxQnXTu%2F7bNBHzw7ELQKGyGdkgA9oDVfsmdolgUIY%2BQGhUepuS7YeFw6pwGuUEpGhUmLBNPnTLFLKpGXnFTfIqRKtMAYe4aLLBXRGgU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc8fe1d56cc-OSL
alt-svc: h3=":443"; ma=86400

cdn.poop.gold/EUSflk2xy.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/EUSflk2xy.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /EUSflk2xy.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poophd.com/theme_2/fonts/avertastd-black-webfont.woff

172.67.132.168

404 Not Found

138 B

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-black-webfont.woff
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
HTML document, ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
3b46d87e0e86d52ea0d2f8fab44c53d6
667cfb6b3452b96310c6a9d791b7e452b77e2174
62de828a32e36ab676f57d291690df36bce3eed05a6693b009ac147c27d5a606

HTTP Headers

GET /theme_2/fonts/avertastd-black-webfont.woff HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAE3cQMNdqps31yGnpbUCh3%2Fe7BCl%2Fy7HgcDSkJm3CzbErMkNKrDt5g18XTx9eC2G0INVZiuGMFHSEb0RlWTNr%2BEbzNSq2XidcdFVTZswcQESnE9JK8FdaNGPnWf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc87d6756cc-OSL
alt-svc: h3=":443"; ma=86400

poop.bar/404.php

104.21.10.178

200 OK

20 kB

URL User Request GET HTTP/2
poop.bar/404.php
IP
104.21.10.178:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpoop.bar
Fingerprint4B:11:F9:04:78:01:62:D4:0D:81:CD:2E:1B:D5:EC:84:8D:04:10:B8
ValidityTue, 27 Aug 2024 23:57:34 GMT - Mon, 25 Nov 2024 23:57:33 GMT

File type
HTML document, ASCII text, with very long lines (1650)
Size
20 kB (19900 bytes)
Hash
c99f30b7440982faea3818ecade58464
51a5a817330deff8dd3862c762913ca9575aef6a
6dbf5a4f53cd8cd43276f05fbbbc6adcd94aa34c5b9a3259094411849903f1a1

HTTP Headers

GET /404.php HTTP/1.1
Host: poop.bar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WU2hk530gvYILdff6Mf9UcJIoPWSW3jf6%2BH1qPIfFLxYVaNZn%2F0ZcIFmpfSuTOxESDSbxeutXp%2FH%2BW%2FdFN5XsvZcPCuPtPXv1BsEuBk21VcseiAp3Y1k7OppJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc22f1956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintAB:91:BC:C3:B8:4C:33:2B:52:92:2B:DD:91:16:08:1D:FA:E3:D7:22
ValidityTue, 09 Jul 2024 03:21:57 GMT - Mon, 07 Oct 2024 03:21:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1887), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
8263610639624a65707a41479379709a
1653610e4e9b3814c8e68eb96814378d71be9776
8e6ca46c563e6ef9d3245fe116672ac9ff7b807033852fa0452493b5fb2d8a0c

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 21 Aug 2024 13:37:27 GMT
etag: W/"66c5ed97-6c7"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.poop.gold/g2O5d0bEs.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/g2O5d0bEs.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g2O5d0bEs.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poophd.com/theme_2/fonts/avertastd-regular-webfont.woff

172.67.132.168

404 Not Found

138 B

URL GET HTTP/3
poophd.com/theme_2/fonts/avertastd-regular-webfont.woff
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
HTML document, ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
3b46d87e0e86d52ea0d2f8fab44c53d6
667cfb6b3452b96310c6a9d791b7e452b77e2174
62de828a32e36ab676f57d291690df36bce3eed05a6693b009ac147c27d5a606

HTTP Headers

GET /theme_2/fonts/avertastd-regular-webfont.woff HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poophd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oS%2Bzv1Qip8YBHUqVv3HKYlHPhuq3V0Iv1yvAKY6hPINzPgJRXKpAPEmFaGZIQv%2FhIkU%2BMTMpkvhMcAodVsWDckhAeWqaRx%2FwVopmT0zHSszM1qZPWh0FTzssNV3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bcb4bc84d2556cc-OSL
alt-svc: h3=":443"; ma=86400

js.wpushsdk.com/skins/nmain.m.js

45.133.44.52

200 OK

540 kB

URL GET HTTP/2
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintA2:B9:AA:8C:6A:EB:D2:88:07:DA:5A:50:52:7A:9E:38:3D:BC:AD:BE
ValidityWed, 10 Jul 2024 03:01:18 GMT - Tue, 08 Oct 2024 03:01:17 GMT

File type

Size
540 kB (540226 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 29 Aug 2024 12:47:44 GMT
etag: W/"66d06df0-83e42"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.poop.gold/7z5I2R1aZ.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/7z5I2R1aZ.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7z5I2R1aZ.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/bkD0Ucryx.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/bkD0Ucryx.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bkD0Ucryx.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/cVHRu.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/cVHRu.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cVHRu.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poophd.com/theme_2/img/not_found.svg

172.67.132.168

200 OK

35 kB

URL GET HTTP/2
poophd.com/theme_2/img/not_found.svg
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
SVG Scalable Vector Graphics image
Size
35 kB (35340 bytes)
Hash
fe18579f0723b9e577072518ddf3481e
4693707e5a03955aebd6bdcc657244c86c1ecb19
2a4930e9d642f92fa1ca93d52b411fb266019a1d676d609edf2fcfe16b7f596c

HTTP Headers

GET /theme_2/img/not_found.svg HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: image/svg+xml
last-modified: Fri, 06 Oct 2023 22:44:29 GMT
vary: Accept-Encoding
etag: W/"65208dcd-8a0c"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2Bv2xvkj8kD8yzVNCP0ksdFewD%2F%2BvP959WWwM3RX9X6GL5lbymjSlrXX5ijk%2BDDNmqxI30OeJK3EvPof2CLzHM7502AMMm6A%2BuSX2Pvjo6XH5mTWOFeW5nco4JV5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc57f8fb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.poop.gold/gJ1JO.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/gJ1JO.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gJ1JO.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/bURyoENDK.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/bURyoENDK.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bURyoENDK.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

na.nawpush.com/tags/114039?version_name=c&domain=poop.bar

45.133.44.24

200 OK

3.4 kB

URL GET HTTP/2
na.nawpush.com/tags/114039?version_name=c&domain=poop.bar
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
FingerprintE2:BB:4F:78:5C:43:44:94:73:F1:61:7B:79:9C:4F:C6:00:14:79:EC
ValidityFri, 26 Jul 2024 03:01:09 GMT - Thu, 24 Oct 2024 03:01:08 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3829), with no line terminators
Size
3.4 kB (3399 bytes)
Hash
d97b0c4251c2fa4293cd945aba8de91e
ccee2727e071183f1989034b5fdcd5edb108dffe
ded8c6ffb1f0b96f327c6abb5d0e67318236fa62fd6137b787aadf0035f4b9ec

HTTP Headers

GET /tags/114039?version_name=c&domain=poop.bar HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poop.bar
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:17 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: EXPIRED
x-cdn-host-id: ds5058
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpushsdk.com/skins/nmain.m.js

45.133.44.52

200 OK

540 kB

URL GET HTTP/2
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://poop.bar/404.php
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
FingerprintA2:B9:AA:8C:6A:EB:D2:88:07:DA:5A:50:52:7A:9E:38:3D:BC:AD:BE
ValidityWed, 10 Jul 2024 03:01:18 GMT - Tue, 08 Oct 2024 03:01:17 GMT

File type

Size
540 kB (540226 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 29 Aug 2024 12:47:44 GMT
etag: W/"66d06df0-83e42"
content-encoding: gzip
expires: Mon, 02 Sep 2024 06:08:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
x-cdn-host-id: ds9225
access-control-allow-origin: *
X-Firefox-Spdy: h2

poophd.com/theme_2/css/bootstrap.min.css

172.67.132.168

200 OK

209 kB

URL GET HTTP/2
poophd.com/theme_2/css/bootstrap.min.css
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
ASCII text, with very long lines (625)
Size
209 kB (208931 bytes)
Hash
49974fd851edb5849b10db333212dfc5
f888130c76c8141caea371537bf3753802922ef2
cfc42f18c9a19a7b9819c0df62e5e58c3b2f59b8db33798e66b9c1a70b80e875

HTTP Headers

GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: text/css
last-modified: Mon, 11 Dec 2023 04:16:21 GMT
vary: Accept-Encoding
etag: W/"65768d15-33023"
expires: Mon, 02 Sep 2024 08:06:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 35817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJPQvJtg4SxOWAz6sTcfCNMw4Ck5CtZAXT3ZlnO%2BKY6LCYje3L7Fopr1OwQ%2BouOi7j%2BRvZ4nDT7V6vLartZaMGXOLKzoqZqC6QZv2A7jXwsegwKhZ2a0XSJrNl7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc57f89b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.poop.gold/CaGPm.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/CaGPm.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /CaGPm.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/smkAU.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/smkAU.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smkAU.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu

0.0.0.0

0 B

URL GET
track-us.rwtrack.xyz/push/ic?auth=1q8b77&c=7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /push/ic?auth=1q8b77&c=7Gf7ik3tXMTb9aUTWJsagk2-UfnkOsZ-VRihtS4MgnpVK15ves5rOm6iksNDKR9UWH8-sUXkCRPUuE9yUJS7jcqGlld77aIA2pa0snMt_Mh6RtX5ZIeJIgArSFkQyRnYLWH4EbhvBOc68-F-QFXwDVTlcZ4Ox7DOBdgfWVHREEaAmEPkAovbFMBmnv1hHFb-WG425mjsme5R1xXp2rraLyoWs76fSfyVRORv9loe8plVClP0jxfCE94n2HeKfBxplNJWEFqMWnC0YRSQuE2aP4-8Rkkr0SuVwL6YcXoAtLAs1h6_6LZarzZvJ5eFdQ1bQNLxl_L-x4lqMf7WuxB-jIYm7zww7HiWZSxc3eAVlkNbjG7A2oHT-lDCHc83yQzi-QEOffQb4G9GEwFuXA7aBYSlrjsMiozI-7YA2tWNFQ2GEdMqyQ5ZBE5bE0aLxab6xGBigXUPFOCGma4qq7WBmcSCQRo6aVKpvmYCFiWcBsTYZ3qyxSPRufs3Kf3pBmBleCIICucKl65l-KCu HTTP/1.1
Host: track-us.rwtrack.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/lWrWU.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/lWrWU.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lWrWU.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

poophd.com/theme_2/css/style.css

172.67.132.168

200 OK

209 kB

URL GET HTTP/2
poophd.com/theme_2/css/style.css
IP
172.67.132.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://poop.bar/404.php
Certificate
IssuerGoogle Trust Services
Subjectpoophd.com
Fingerprint03:C3:B4:5A:DE:B8:10:2D:CB:42:AA:EE:50:F6:2E:26:24:C9:88:01
ValidityWed, 07 Aug 2024 08:27:24 GMT - Tue, 05 Nov 2024 08:27:23 GMT

File type
ASCII text, with very long lines (65465)
Size
209 kB (209078 bytes)
Hash
e5714ecb2afaf18d2e75840c336b0486
be06ba4d4badd7be7eaa84712747776f35b98d58
b641ac6759b2c43b856210feeb832a6a68cc83248791115458ba7f5243b6cc62

HTTP Headers

GET /theme_2/css/style.css HTTP/1.1
Host: poophd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Sep 2024 06:03:16 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=258964
etag: W/"661c1aa2-3f394"
expires: Mon, 02 Sep 2024 08:06:19 GMT
last-modified: Sun, 14 Apr 2024 18:04:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 35817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCLreQPv8qqeyULcy%2BhJfsKq0Va0N179IsdgIXYJBbzrmnv4SaRtOMBapkZpgYx%2FuDMjf9Cbz1DMd5xvVbVFxXLMjSdWDjDnlcyIEySsOeUlbhuwm5ZDatrlM1sq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bcb4bc57f93b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.poop.gold/6AR2Y.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/6AR2Y.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /6AR2Y.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/1H8oOmvjV.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/1H8oOmvjV.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1H8oOmvjV.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/jNFXp5Uc7.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/jNFXp5Uc7.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jNFXp5Uc7.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.poop.gold/LzCwo.jpg

0.0.0.0

0 B

URL GET
cdn.poop.gold/LzCwo.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://poop.bar/404.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /LzCwo.jpg HTTP/1.1
Host: cdn.poop.gold
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poop.bar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (102)

URL

IP

ASN