Report - track.cam4tracking.com/7d2d6bd6-e3b3-4194-a540-cc2205f599bf?campaignid=102485608&zoneid=6923351&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_campaign=acquisition_mar-20-2023&utm_source=341&var8=200850&var9=850_it_pop_st_mwf_323&utm_medium=popunder&cost=0.009200&SUBID=806896109229191168

Report Overview

Submitted URL
track.cam4tracking.com/7d2d6bd6-e3b3-4194-a540-cc2205f599bf?campaignid=102485608&zoneid=6923351&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_campaign=acquisition_mar-20-2023&utm_source=341&var8=200850&var9=850_it_pop_st_mwf_323&utm_medium=popunder&cost=0.009200&SUBID=806896109229191168
IP
18.192.108.151
ASN
#16509 AMAZON-02
Submitted
2024-04-24 08:50:12
Access
public
Website Title
Stella_moaning | Live Sex Chat Cams & More On CAM4
Final URL
landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
track.cam4tracking.com	85407	2014-11-27	2015-07-26	2024-04-18	770 B	1.1 kB	18.192.108.151
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-24	423 B	101 kB	142.250.74.168
cam4-static-test.xcdnpro.com	unknown	2017-02-03	2022-11-21	2024-03-10	6.7 kB	2.1 MB	64.210.135.114
welcome.cam4.com	unknown	1999-07-28	2023-08-07	2024-03-03	1.5 kB	1.6 kB	185.94.239.81
landers.cam4.com	unknown	1999-07-28	2023-10-13	2024-03-10	8.5 kB	8.0 MB	99.192.248.164
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-23	411 B	34 kB	151.101.194.137
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-23	886 B	49 kB	104.18.11.207
www.cam4.com	91245	1999-07-28	2012-05-22	2024-03-10	5.6 kB	49 kB	185.94.239.81
dumpster.cam4.com	200007	1999-07-28	2018-12-19	2024-03-03	7.8 kB	63 kB	185.94.239.83
collector.scarletwood.com	unknown	2005-04-29	2022-10-26	2024-03-10	984 B	757 B	3.234.27.130

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2024-02-13	medium	www.cam4.com/images/favicon_192x192.png	Internal Revenue Service
2024-02-13	medium	www.cam4.com/images/favicon.png	Internal Revenue Service
2024-02-13	medium	www.cam4.com/rest/v1.0/options/countries?full=true	Internal Revenue Service
2024-02-13	medium	www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=	Internal Revenue Service
2024-02-13	medium	www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=landers.cam4.com/video/css/form.css	Internal Revenue Service

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css	1.5 kB	2023-03-10	2024-05-03
Pretty URL www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-03 21:39:58 Times Seen21 Hash 4ff0ea193489619a8a9e34419cf45001 246b2d135edfc894a92662d2f9ffdbd63b84bd40 587eec424d9a400e7794199bcbe8b185f1b5440097e5aa453007d0436a328670 Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js	114 kB	2024-04-24	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:15 Last Seen2024-05-03 21:39:58 Times Seen4 Hash 0a7e4169aa5850d44be718eae3231268 865b5ef8badfb921e9fb5cabb6d1842705524fbc 9a912209c49461c75a468f1ef8ffb5a7f1149973866a4738f52e2d59b913dc7c Loading...

	www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css	21 kB	2024-04-24	2024-04-24
Pretty URL www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 10:50:15 Last Seen2024-04-24 10:50:15 Times Seen1 Hash 04f5fe191cae325abb91139d3e7fb68f ac31228ef81a88e89e2fbd6258ccbbf3eaeef8ff bf850235fc82c388c6f7eca700cb3a7231425486c49e08ce02637e65512bb783 Loading...

	cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js	93 kB	2023-03-07	2024-05-05
Pretty URL cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-05-05 20:54:44 Times Seen6313 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

	cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js	30 kB	2023-03-10	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-03 21:39:59 Times Seen95 Hash f7cc42969087a295da221cf977805135 e1c8f649d4e40926ee3227a02d539e75b5682578 90ef79194d512cd95df4b2aa140468d08a44ed3a8538349b88f1692fc0854eb2 Loading...

	cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js	168 kB	2024-02-14	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:21 Last Seen2024-05-03 21:39:59 Times Seen20 Hash 146364c0723a486b1f4ae2f050633506 9352e57ac70ae1290143168c37189fb00d2932a5 71cc89128b4a3df550ecbc3a3c1db402d981b335d1b43e666c5abfa662d19ccd Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-merged_a134e870.js	1.4 MB	2024-04-24	2024-04-24
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-merged_a134e870.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:15 Last Seen2024-04-24 10:50:15 Times Seen1 Hash ba1b3d8208708c917cd936f50e099872 45e175aa479c1b15ee2e8e31818d3a32a25a3ff6 fbb92132868080f371b75ac95bcea074a304504d2145b9c3992de21996031199 Loading...

	www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css	496 B	2023-03-10	2024-05-03
Pretty URL www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-03 21:39:58 Times Seen21 Hash e8094cbca9955a5a7ceb995bc36e3f5a 99d1dba2508e2bacacddb8e4528b1e3ca17f4b17 fb2f3f2947e10ba16e74ea0cfdffff98944c95f3519e69efe2c896789d8eb5c2 Loading...

	dumpster.cam4.com/v1/tracking.js	54 kB	2024-04-24	2024-05-04
Pretty URL dumpster.cam4.com/v1/tracking.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:15 Last Seen2024-05-04 09:53:55 Times Seen18 Hash 905f6f2a8057ad97624ff53b1267d9c3 365fc6b46fc1682019c98525110d69c898438042 813a5b2d128aad2342a85d4cc37627879c51f64313de82d1ca6390bd319dacb9 Loading...

	dumpster.cam4.com/v2/snpl_v2.js	86 kB	2023-09-09	2024-05-04
Pretty URL dumpster.cam4.com/v2/snpl_v2.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 21:12:30 Last Seen2024-05-04 09:53:55 Times Seen58 Hash 0d34caadb7711e9c0e69ae2c64ffc4d7 75d6164796d256d364ff222839a4d5e75c3191b3 f027b512cb6cd71f46b35e6b7e08e2e07bb1ef3d3921e948b7c9161bbb5bcc97 Loading...

	landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup	0 B	2023-03-07	2024-05-05
Pretty URL landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup IP 99.192.248.164 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 23:09:57 Times Seen37371101 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	77 B	2023-04-12	2024-05-03
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-12 11:32:25 Last Seen2024-05-03 21:39:58 Times Seen59 Hash 14133f3774bd8307a3118e617e5be44b d8059b618bc914dc9e50d845c1372334ffa8afc6 741236f37faaa2f6f2b845b29b5af49bdc0cd2addebdee2d22622bb2d6fb4bd4 Loading...

	dumpster.cam4.com/v2/snpl-web-vitals.js	4.7 kB	2024-02-14	2024-05-04
Pretty URL dumpster.cam4.com/v2/snpl-web-vitals.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-04 09:53:55 Times Seen40 Hash 896fe5a1a506ef3c5ab75c0ff8df40b4 37f66f4dd3afc021df5c1032ed6dbc53a9df6f1e ab059235d2556a3dee0d594a37effb842ee02ab4fcce3925f596e7eccc188e6b Loading...

	landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup	0 B	2023-03-07	2024-05-05
Pretty URL landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup IP 99.192.248.164 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 23:09:57 Times Seen37371101 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_176e290b.js	50 kB	2024-04-24	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_176e290b.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:16 Last Seen2024-05-03 21:39:58 Times Seen4 Hash 62c4859dd0c79c3711781db1660ee1c7 45a0e1486695d36eb889e0fc35bdd19b2dbd521a 222197a1a0f849114598ff5bfc171b1eb09139dfdaf1ed00882d1d6e49bfe112 Loading...

	cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js	63 B	2023-03-10	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-03 21:39:58 Times Seen100 Hash ca079926a7f807133292c893d7494518 4a51eb5444729ea76a9e5aef1570c4de06ea555b e1d7cfc12f0a98c2ceacfe0989caf442e52691e3c45032bd2c4e5e6cc34e749b Loading...

	code.jquery.com/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-05-05
Pretty URL code.jquery.com/jquery-1.11.3.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-05-05 20:57:23 Times Seen10557 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ	302 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:16 Last Seen2024-04-24 10:50:16 Times Seen2 Hash 3cc22a1d160e97ebe89c6ce8de36ef88 da045e2e71662ebf71c3421942d61d7f5df64d2c c1ba3425cdff0082c1fba98ededfa3012188d6de4e29d82f37d2aeb10b394cc5 Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js	3.9 kB	2024-02-14	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-03 21:39:58 Times Seen11 Hash 8a8ff6979ae035fbbad9c8fc9fb0b7fb 29c61903f5bf4dd68c6fff753d2e2f323b407104 9162912035ca5bbfa3e59d58ea7f6d602215f58dead98695df5f0b5196b14031 Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js	8.1 kB	2024-02-14	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-03 21:39:58 Times Seen11 Hash 001ceaf457c8f9c4178e422bf53aace8 f38823569434623a17708fc37c11da4db4573f1c e1a0fac65c7c454e0ce985044cc3ce0d1c8d1fe12db630216fe3adb14de72442 Loading...

	cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js	113 kB	2023-03-10	2024-05-03
Pretty URL cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js IP 64.210.135.114 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-03 21:39:59 Times Seen101 Hash ddabc6e77acfae444e9169c8bbae550d 0aadbf40969629561f3f9a7297f58a32d240d1f4 738a09f335c53353116cbde58185f0e59167278374aa1f49d77f53cb7956820b Loading...

	dumpster.cam4.com/v2/fp1.js	34 kB	2023-05-06	2024-05-04
Pretty URL dumpster.cam4.com/v2/fp1.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 00:04:42 Last Seen2024-05-04 09:53:56 Times Seen54 Hash 6c8689234a1c0bbbd2711ba685157ecd a71b00334f871425ba408adc5bee9f859aa0329c 5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js	29 kB	2023-03-07	2024-05-05
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-05 20:54:44 Times Seen10000 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

HTTP Transactions (46)

URL IP Response Size

track.cam4tracking.com/7d2d6bd6-e3b3-4194-a540-cc2205f599bf?campaignid=102485608&zoneid=6923351&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_campaign=acquisition_mar-20-2023&utm_source=341&var8=200850&var9=850_it_pop_st_mwf_323&utm_medium=popunder&cost=0.009200&SUBID=806896109229191168

18.192.108.151

302 Found

0 B

URL User Request GET HTTP/2
track.cam4tracking.com/7d2d6bd6-e3b3-4194-a540-cc2205f599bf?campaignid=102485608&zoneid=6923351&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_campaign=acquisition_mar-20-2023&utm_source=341&var8=200850&var9=850_it_pop_st_mwf_323&utm_medium=popunder&cost=0.009200&SUBID=806896109229191168
IP
18.192.108.151:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttrack.cam4tracking.com
Fingerprint7C:19:BA:3B:36:40:A6:B4:C0:2F:64:15:CC:CE:A6:8C:58:20:AC:C8
ValidityTue, 12 Mar 2024 07:09:08 GMT - Mon, 10 Jun 2024 07:09:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7d2d6bd6-e3b3-4194-a540-cc2205f599bf?campaignid=102485608&zoneid=6923351&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_campaign=acquisition_mar-20-2023&utm_source=341&var8=200850&var9=850_it_pop_st_mwf_323&utm_medium=popunder&cost=0.009200&SUBID=806896109229191168 HTTP/1.1
Host: track.cam4tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 08:49:43 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
pragma: no-cache
set-cookie: 7d2d6bd6-e3b3-4194-a540-cc2205f599bf-v4=d7wV0YxSf22E7DtXvdsOdEihqUyS0pZM_Aw5E8Pu2cA; Max-Age=86400; Expires=Thu, 25-Apr-2024 08:49:43 GMT; Domain=track.cam4tracking.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=YkKcwYdBSE3G30T4iwKsmJJixiAsBgPGRAURSgJNXSi8ZUD6ZUl%2FVBCpUISlhCmFYv8DZPgehfxnOWTWjSQapK6kIobEkQ1%2BeN%2FDhA7xD4rzyPbQG8YbzAeRpyHbppZ7gMLxTG6Rhu7QnCrifyIcIg%3D%3D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 08:49:43 GMT; Domain=track.cam4tracking.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

landers.cam4.com/video/css/video.css

99.192.248.164

200 OK

558 B

URL GET HTTP/2
landers.cam4.com/video/css/video.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
HTML document, ASCII text
Size
558 B (558 bytes)
Hash
f51ec611041cd84b64318182a056bd37
ff9afb1f33fc35e76f506f412cd3a4f80d157d12
084cbc1974065f43d82288ecd7814da0420470f06567edce7ead452a645d1d92

HTTP Headers

GET /video/css/video.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
last-modified: Tue, 24 Oct 2023 11:42:00 GMT
etag: "22e-60874d3a826ba"
accept-ranges: bytes
content-length: 558
content-type: text/css
X-Firefox-Spdy: h2

landers.cam4.com/video/css/en.css

99.192.248.164

200 OK

3.6 kB

URL GET HTTP/2
landers.cam4.com/video/css/en.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
assembler source, ASCII text
Size
3.6 kB (3597 bytes)
Hash
f63955402f846fd2269f03fa95594327
3feec4229af8bb70e8f566153fcbebf493ff52fb
e90b393ba3656b3fa7f4e73f555d9615453c1d0e83e4996d940acbc10560842f

HTTP Headers

GET /video/css/en.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
last-modified: Thu, 05 Oct 2023 05:16:43 GMT
etag: "e0d-606f13acde1e4"
accept-ranges: bytes
content-length: 3597
content-type: text/css
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.11.3.min.js

151.101.194.137

200 OK

33 kB

URL GET HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
33 kB (33261 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

HTTP Headers

GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-176d5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 08:49:44 GMT
age: 19147947
x-served-by: cache-lga21975-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 117, 2420
x-timer: S1713948585.664316,VS0,VE0
vary: Accept-Encoding
content-length: 33261
X-Firefox-Spdy: h2

landers.cam4.com/assets/images/logo/440x122.png

99.192.248.164

200 OK

4.6 kB

URL GET HTTP/2
landers.cam4.com/assets/images/logo/440x122.png
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
PNG image data, 440 x 122, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4610 bytes)
Hash
35342d076a55da8840c4f980e95cf88f
b065ffe23fcfdd8cde7db06c5328520090d77f33
298c4d07b0c82fb367d3ac3e3e09995ccc46f6521e906730fe3ce191f6549853

HTTP Headers

GET /assets/images/logo/440x122.png HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 22:35:02 GMT
etag: "1202-606eb9e467cef"
accept-ranges: bytes
content-length: 4610
content-type: image/png
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
101 kB (100657 bytes)
Hash
3cc22a1d160e97ebe89c6ce8de36ef88
da045e2e71662ebf71c3421942d61d7f5df64d2c
c1ba3425cdff0082c1fba98ededfa3012188d6de4e29d82f37d2aeb10b394cc5

HTTP Headers

GET /gtag/js?id=G-Y9E01LQ1PZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:49:44 GMT
expires: Wed, 24 Apr 2024 08:49:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

landers.cam4.com/video/thumbnails/stella_moaning.jpg

99.192.248.164

200 OK

15 kB

URL GET HTTP/2
landers.cam4.com/video/thumbnails/stella_moaning.jpg
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
data
Size
15 kB (14766 bytes)
Hash
fac60e68da77c9ffe16875b53ff98871
8d23a0058437a58e698cef8f803ebe1d075f6f0c
f7e0f6f55c98fafea075b6c045f7def86031954e22a48ea16410068485e02a9a

HTTP Headers

GET /video/thumbnails/stella_moaning.jpg HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
x-powered-by: PHP/7.4.15
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

landers.cam4.com/video/thumbnails/stella_moaning.jpg

99.192.248.164

200 OK

6.2 kB

URL GET HTTP/2
landers.cam4.com/video/thumbnails/stella_moaning.jpg
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
data
Size
6.2 kB (6249 bytes)
Hash
a1ac99a6448e1853c4fe6eae9361dff9
427bb256e32e593dda7a8b8e6fd654710ad9dccb
e4c898a9312470e851411b625ed8166f21aa8798f4fbe1e487806cf1fc6e5fd9

HTTP Headers

GET /video/thumbnails/stella_moaning.jpg HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
x-powered-by: PHP/7.4.15
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

104.18.11.207

200 OK

18 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65366)
Size
18 kB (18141 bytes)
Hash
8a7442ca6bedd62cec4881040b9a9e83
e2d2b846e9ea72a1985458a3748aab4e01a8fb3a
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

HTTP Headers

GET /bootstrap/3.1.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"8a7442ca6bedd62cec4881040b9a9e83"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 08/25/2022 04:46:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 54f6bfd9ba83debd3c2b023913b6f901
cdn-cache: HIT
cf-cache-status: HIT
age: 13053550
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794d77d99f1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.cam4.com/images/favicon_192x192.png

185.94.239.81

200

8.0 kB

URL GET HTTP/1.1
www.cam4.com/images/favicon_192x192.png
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (8029 bytes)
Hash
5bae50159117d9b136d1f5fa5fe6535e
361978b9edf4e9eaada77fc2618767ef0fefe2c0
04f23efc7857dbb7cf6d3dedffa83890888f3176bd3bd1093412b864f193bf74

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /images/favicon_192x192.png HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; INGRESSCOOKIE=f5befaeaa335508b0c23d472b5798796|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=3C45CD2C663970332084A53B27FD1EC2; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 24 Apr 2024 08:49:45 GMT
Content-Type: image/png
Content-Length: 8029
Connection: keep-alive
cache-control: max-age=432000
content-security-policy: frame-ancestors 'self' ;
accept-ranges: bytes
last-modified: Thu, 01 Jan 1970 00:00:01 GMT

www.cam4.com/images/favicon.png

185.94.239.81

200

2.6 kB

URL GET HTTP/1.1
www.cam4.com/images/favicon.png
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2589 bytes)
Hash
735f225bd9c640221609aad2f5dffaed
8eb8042cfe99060bd8c9b6cec6d427d24019ed64
d8a5cda1543985b9810f2d417201e3eb367f867f3522c7dbb64bced763260bfd

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; INGRESSCOOKIE=f5befaeaa335508b0c23d472b5798796|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=3C45CD2C663970332084A53B27FD1EC2; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 24 Apr 2024 08:49:45 GMT
Content-Type: image/png
Content-Length: 2589
Connection: keep-alive
cache-control: max-age=432000
content-security-policy: frame-ancestors 'self' ;
accept-ranges: bytes
last-modified: Thu, 01 Jan 1970 00:00:01 GMT

dumpster.cam4.com/v1/tracking.js

185.94.239.83

200 OK

16 kB

URL GET HTTP/1.1
dumpster.cam4.com/v1/tracking.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (53875), with no line terminators
Size
16 kB (15526 bytes)
Hash
905f6f2a8057ad97624ff53b1267d9c3
365fc6b46fc1682019c98525110d69c898438042
813a5b2d128aad2342a85d4cc37627879c51f64313de82d1ca6390bd319dacb9

HTTP Headers

GET /v1/tracking.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:45 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1713948585.195.359.714106; Expires=Fri, 26-Apr-24 08:49:45 GMT; Max-Age=172800; Path=/; HttpOnly
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
nel: {"max_age":0}
cache-control: public, max-age=60
etag: W/"d273-Nl/GtG/BaCAZyYUlEQ1pyJhDgEI"
content-encoding: gzip

landers.cam4.com/video/css/form.css

99.192.248.164

200 OK

3.8 kB

URL GET HTTP/2
landers.cam4.com/video/css/form.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
ASCII text, with very long lines (589)
Size
3.8 kB (3792 bytes)
Hash
7357b28b8103ca99020c1f27e5c84088
6f4daf201c5db6f903db8ccf1ce9fdb78c8735c2
308fcc950dd4c48dfd3c5efafbd3624091da6e4f6e207cda998542d2239d2d4b

HTTP Headers

GET /video/css/form.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
server: Apache
last-modified: Thu, 05 Oct 2023 05:28:13 GMT
etag: "ed0-606f163e4d9d3"
accept-ranges: bytes
content-length: 3792
content-type: text/css
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js

64.210.135.114

200 OK

63 B

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
ca079926a7f807133292c893d7494518
4a51eb5444729ea76a9e5aef1570c4de06ea555b
e1d7cfc12f0a98c2ceacfe0989caf442e52691e3c45032bd2c4e5e6cc34e749b

HTTP Headers

GET /web/js/checkout_e6ec4d0a.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
content-length: 63
last-modified: Thu, 25 Jan 2024 12:24:16 GMT
etag: "20ea2715a-3f-60fc442069c00"
expires: Tue, 28 May 2024 01:37:46 GMT
cache-control: max-age=10572461
access-control-allow-origin: *
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-55284-h-0-0---;7846-22-50420----0-0-1
X-Firefox-Spdy: h2

landers.cam4.com/video/videos/straight/stella_moaning.mp4

99.192.248.164

206 Partial Content

8.0 MB

URL GET HTTP/2
landers.cam4.com/video/videos/straight/stella_moaning.mp4
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
8.0 MB (7961267 bytes)
Hash
6363a094fb27e18ea9bf89c8c1e0ec04
476bb0e5909f1643e3fa11b4d1c1ecd76a24e2e2
328452b1798f367d2ea43514c17b958426180f24d2a3b29d8786608a11bc0d37

HTTP Headers

GET /video/videos/straight/stella_moaning.mp4 HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
last-modified: Mon, 31 Oct 2022 18:03:39 GMT
etag: "797ab3-5ec586d5b25f1"
accept-ranges: bytes
content-length: 7961267
content-range: bytes 0-7961266/7961267
content-type: video/mp4
X-Firefox-Spdy: h2

dumpster.cam4.com/v2/snpl_v2.js

185.94.239.83

200 OK

27 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/snpl_v2.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65378)
Size
27 kB (26834 bytes)
Hash
0d34caadb7711e9c0e69ae2c64ffc4d7
75d6164796d256d364ff222839a4d5e75c3191b3
f027b512cb6cd71f46b35e6b7e08e2e07bb1ef3d3921e948b7c9161bbb5bcc97

HTTP Headers

GET /v2/snpl_v2.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585; smart-agents-ws-cookie=1713948585.195.359.714106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=864000
etag: W/"15132-ddYWR5bSVtNk/yIoOaTV51wxkbM"
content-encoding: gzip

cam4-static-test.xcdnpro.com/web/images/new_design/ajax-loader_sml.gif

64.210.135.114

200 OK

2.2 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/new_design/ajax-loader_sml.gif
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 56 x 21
Size
2.2 kB (2161 bytes)
Hash
d11eb3c4443b906c93dc94cf294782d1
90882e0ce9a6984b13f3cea272a71274ac7f3d52
77f0207894fe999f9ef04649f1a56d1f4d5771d51fc57f5b6b2db6ba556526af

HTTP Headers

GET /web/images/new_design/ajax-loader_sml.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:46 GMT
content-type: image/gif
content-length: 2161
last-modified: Tue, 30 Jan 2024 20:50:50 GMT
etag: "20e719653-871-6102feadb1e80"
expires: Sat, 01 Jun 2024 13:01:26 GMT
cache-control: max-age=10561941
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-44372-h-0-0---;7846-17-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/images/loader.gif

64.210.135.114

200 OK

4.7 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/loader.gif
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 25 x 25
Size
4.7 kB (4716 bytes)
Hash
a2a03d86d45eaf30e24b3b0eb2a509f3
147f2e46383896ed097d28dec572e24aff074525
54ebdff8b3030f5b870ded09d7789bc798b11ab64bb743ac895d66b55b24bfa5

HTTP Headers

GET /web/images/loader.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:46 GMT
content-type: image/gif
content-length: 4716
last-modified: Thu, 25 Jan 2024 12:20:22 GMT
etag: "20f3e119d-126c-60fc434140d80"
expires: Thu, 30 May 2024 01:00:13 GMT
cache-control: max-age=10759726
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6141-1-24782-h-0-0---;7846-17-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/images/ajax-loader.gif

64.210.135.114

200 OK

1.7 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/ajax-loader.gif
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 16 x 16
Size
1.7 kB (1720 bytes)
Hash
c56adf6af9aee1bb3837c6f6a06ab817
fd5ab5cef5b992f5445bef2b9ae430593480ff9f
0ce063266ba4833d228b766bf8ba6e730b611ae1006c299a6efb44a5cfa9f34d

HTTP Headers

GET /web/images/ajax-loader.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:46 GMT
content-type: image/gif
content-length: 1720
last-modified: Fri, 19 Jan 2024 11:34:18 GMT
etag: "20db96c84-6b8-60f4adc488280"
expires: Thu, 23 May 2024 23:47:29 GMT
cache-control: max-age=10798931
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6140-3-19621-h-0-0---;7846-17-50420----0-0-0
X-Firefox-Spdy: h2

www.cam4.com/rest/v1.0/options/countries?full=true

185.94.239.81

200

2.9 kB

URL GET HTTP/1.1
www.cam4.com/rest/v1.0/options/countries?full=true
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
2.9 kB (2942 bytes)
Hash
2b6586f99e5b6b0228734b04a8da30c4
8c759da64cf096269f9f49b98f53720424ca72b1
a85d8b5bd1f02c1692907d9c7359128ecb9b23b3fcde799d3e58eb7d0081c8de

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /rest/v1.0/options/countries?full=true HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; INGRESSCOOKIE=f5befaeaa335508b0c23d472b5798796|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=3C45CD2C663970332084A53B27FD1EC2; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 24 Apr 2024 08:49:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: frame-ancestors 'self' ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags, x-zipkin-extension, x-process-id, x-span-name, x-span-export, Content-Disposition, Access-Hash, Username, Last-Cash-Out-Authorization, X-Redirect-To
access-control-allow-methods: GET, POST, PATCH , DELETE, PUT, OPTIONS, HEAD
access-control-expose-headers: totalCount
cache-control: max-age=86400
Content-Encoding: gzip

www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=

185.94.239.81

200

4.5 kB

URL GET HTTP/1.1
www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
4.5 kB (4468 bytes)
Hash
4dc1c89eee45f77d3d31edfdb586f33d
5d55df5dc24f8d290c24702e6bb63765d34d67ba
81af57cfd14a7fa1fa3c14730329963d7024c5400087c770ce86fd3fa028c817

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload= HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; INGRESSCOOKIE=f5befaeaa335508b0c23d472b5798796|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=3C45CD2C663970332084A53B27FD1EC2; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 24 Apr 2024 08:49:46 GMT
Content-Type: application/json;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Username, Access-Hash
content-security-policy: frame-ancestors 'self' ;
Content-Encoding: gzip

dumpster.cam4.com/v2/snpl-web-vitals.js

185.94.239.83

200 OK

2.0 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/snpl-web-vitals.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4457)
Size
2.0 kB (2035 bytes)
Hash
896fe5a1a506ef3c5ab75c0ff8df40b4
37f66f4dd3afc021df5c1032ed6dbc53a9df6f1e
ab059235d2556a3dee0d594a37effb842ee02ab4fcce3925f596e7eccc188e6b

HTTP Headers

GET /v2/snpl-web-vitals.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585; smart-agents-ws-cookie=1713948585.195.359.714106; _sp_ses.dd07=*; _sp_id.dd07=4aea4f54-fbf1-4b49-8de6-bfde73fa595f.1713948587.1.1713948587..5395b71f-47d3-4f94-9723-7880b8a08615....0; cam4rt8=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=86400
etag: W/"128c-N/ZvTdOvwCHfXBAy7W28U6nfbx4"
content-encoding: gzip

dumpster.cam4.com/v2/chat/config.json

185.94.239.83

200 OK

96 B

URL GET HTTP/1.1
dumpster.cam4.com/v2/chat/config.json
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
96 B (96 bytes)
Hash
f880f4b2c5db062eda95bf308932d121
615841bf67bb2d9690a1efb3051fbf78a55ab7f7
57f8b9891a622f92b0eccc979c4bda741ea1c442feb893b7d2f729c16dc58630

HTTP Headers

GET /v2/chat/config.json HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 96
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1713948587.894.13135.639882; Expires=Fri, 26-Apr-24 08:49:47 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=60
etag: W/"60-YVhBv2e7LZaQoe+zBR+/eKVat/c"

welcome.cam4.com/graph/?

185.94.239.81

200 OK

0 B

URL POST HTTP/1.1
welcome.cam4.com/graph/?
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graph/? HTTP/1.1
Host: welcome.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 24 Apr 2024 08:49:47 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://www.cam4.com
Vary: Origin, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers: content-type

dumpster.cam4.com/me

185.94.239.83

200 OK

150 B

URL GET HTTP/1.1
dumpster.cam4.com/me
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
150 B (150 bytes)
Hash
939fe5924e865a672f4c6dd2c5db2b87
b1137d1b59feed7962b4bda5f7fb7580ae1cf545
9389aa343989bf8fa405b5df348d8e0ea89048831f2abd61a02b7ba71db94974

HTTP Headers

GET /me HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 150
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1713948587.936.12793.168863; Expires=Fri, 26-Apr-24 08:49:47 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
etag: W/"96-sRN9G1n+7XlitL2l9/t1gK4c9UU"

dumpster.cam4.com/v2/chat/config.json

185.94.239.83

200 OK

96 B

URL GET HTTP/1.1
dumpster.cam4.com/v2/chat/config.json
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
96 B (96 bytes)
Hash
f880f4b2c5db062eda95bf308932d121
615841bf67bb2d9690a1efb3051fbf78a55ab7f7
57f8b9891a622f92b0eccc979c4bda741ea1c442feb893b7d2f729c16dc58630

HTTP Headers

GET /v2/chat/config.json HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 96
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1713948587.941.1345.71736; Expires=Fri, 26-Apr-24 08:49:47 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=60
etag: W/"60-YVhBv2e7LZaQoe+zBR+/eKVat/c"

welcome.cam4.com/graph/?

185.94.239.81

200 OK

650 B

URL POST HTTP/1.1
welcome.cam4.com/graph/?
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
650 B (650 bytes)
Hash
65c39fb4d79177ec5f9fb09ceea9261b
9a2c04855ad99a8c8cefe048ccb5abc70769260a
c41eb70abf4c2f2f79e8e030b11e470ffaf246627a7db5aba7fc26e629e2181e

HTTP Headers

POST /graph/? HTTP/1.1
Host: welcome.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
content-type: application/json
Content-Length: 136
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:48 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://www.cam4.com
Vary: Origin
Access-Control-Allow-Credentials: true
NEL: {"report_to":"default","max_age":31536000,"include_subdomains":true,"failure_fraction":0.5,"success_fraction":0.001}
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://collector.net-logger.com/report"}]}
ETag: W/"9b0-miwEhVrZmoyM7+BIzLWrxwdpJgo"
Content-Encoding: gzip

dumpster.cam4.com/ws/

185.94.239.83

0 B

URL
dumpster.cam4.com/ws/
IP
185.94.239.83:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/ HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.cam4.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8At3GNxN78UFwafepCOF2g==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585; smart-agents-ws-cookie=1713948585.195.359.714106; _sp_ses.dd07=*; _sp_id.dd07=4aea4f54-fbf1-4b49-8de6-bfde73fa595f.1713948587.1.1713948587..5395b71f-47d3-4f94-9723-7880b8a08615....0; cam4rt8=true
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 24 Apr 2024 08:49:48 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 9y4O+n/2EoeIPSXZN28E7Mwzl58=
set-cookie: SESSIONIDv2=3c836475dee45401d9289c9d2759c01b41bb8768; Domain=.cam4.com; Path=/; SameSite=Lax; Secure; HttpOnly

dumpster.cam4.com/v2/fp1.js

185.94.239.83

200 OK

14 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/fp1.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33906)
Size
14 kB (14338 bytes)
Hash
6c8689234a1c0bbbd2711ba685157ecd
a71b00334f871425ba408adc5bee9f859aa0329c
5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4

HTTP Headers

GET /v2/fp1.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585; smart-agents-ws-cookie=1713948585.195.359.714106; _sp_ses.dd07=*; _sp_id.dd07=4aea4f54-fbf1-4b49-8de6-bfde73fa595f.1713948587.1.1713948587..5395b71f-47d3-4f94-9723-7880b8a08615....0; cam4rt8=true; ds_recsys_alloc_DS0002b=true; SESSIONIDv2=3c836475dee45401d9289c9d2759c01b41bb8768
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:49:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=864000
etag: W/"85bf-pxsAM0+HFCW6QIrcW+6fhZqgMpw"
content-encoding: gzip

collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2

3.234.27.130

200 OK

0 B

URL POST HTTP/2
collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2
IP
3.234.27.130:443
ASN
#14618 AMAZON-AES

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerAmazon
Subjectcollector.scarletwood.com
Fingerprint91:D1:88:82:A6:F0:8E:05:1A:00:10:BE:2B:DD:16:D2:07:A3:22:67
ValidityTue, 26 Sep 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: collector.scarletwood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:58 GMT
content-length: 0
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 86400
server: akka-http/10.2.7
X-Firefox-Spdy: h2

collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2

3.234.27.130

200 OK

2 B

URL POST HTTP/2
collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2
IP
3.234.27.130:443
ASN
#14618 AMAZON-AES

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerAmazon
Subjectcollector.scarletwood.com
Fingerprint91:D1:88:82:A6:F0:8E:05:1A:00:10:BE:2B:DD:16:D2:07:A3:22:67
ValidityTue, 26 Sep 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: collector.scarletwood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2619
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=4297ab46-2dc0-4c35-a834-9f712019a5da; Expires=Thu, 24 Apr 2025 08:49:58 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css

64.210.135.114

200 OK

73 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with very long lines (65378)
Size
73 kB (72903 bytes)
Hash
00dc711bd524c5bf796b3bb24ce5b43c
8ac4dbb14a86fe21784e9d25b1f8f987fe1ae510
738dd9d2c66db07508d0aab9736e88c4c0a01760c2b618e64e8a65c7b028a0b7

HTTP Headers

GET /web/js/jquery-mobile/jquery.mobile-1.2.0.min.css HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: text/css
vary: Origin
last-modified: Thu, 01 Feb 2024 11:45:12 GMT
etag: W/"2102e1155-11cc7-610508733a200"
expires: Sat, 01 Jun 2024 13:33:57 GMT
cache-control: max-age=10413137
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-1-14735-h-0-0---;7846-22-50420----0-0-1
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js

64.210.135.114

200 OK

30 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (18835)
Size
30 kB (29994 bytes)
Hash
f7cc42969087a295da221cf977805135
e1c8f649d4e40926ee3227a02d539e75b5682578
90ef79194d512cd95df4b2aa140468d08a44ed3a8538349b88f1692fc0854eb2

HTTP Headers

GET /web/js/build/bundle_dc1efe22.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Thu, 25 Jan 2024 12:28:24 GMT
etag: W/"20d66b813-752a-60fc450ceca00"
expires: Tue, 28 May 2024 08:01:17 GMT
cache-control: max-age=10436311
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-60186-h-0-0---;7846-21-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js

64.210.135.114

200 OK

113 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65377)
Size
113 kB (113181 bytes)
Hash
ddabc6e77acfae444e9169c8bbae550d
0aadbf40969629561f3f9a7297f58a32d240d1f4
738a09f335c53353116cbde58185f0e59167278374aa1f49d77f53cb7956820b

HTTP Headers

GET /web/js/jquery-mobile/jquery.mobile-1.2.0.min.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Tue, 12 Dec 2023 14:26:12 GMT
etag: W/"207010982-1ba1d-60c50d5136900"
expires: Fri, 12 Apr 2024 14:31:14 GMT
cache-control: max-age=10501546
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-19330-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css

185.94.239.81

200

28 kB

URL GET HTTP/1.1
www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (21959)
Size
28 kB (28106 bytes)
Hash
1005c22979f37667a029c3ad435239cc
26c0ed7baa16a0b2bc193846d74381f746bdb4a8
b09d513300b83f99e5e867c902f3b7354b96dc9712a8ddfcd46740f2709bd580

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Wed, 24 Apr 2024 08:49:44 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: INGRESSCOOKIE=f5befaeaa335508b0c23d472b5798796|d6a68dccd9919960ff135dee3820d14b; Path=/; HttpOnly
JSESSIONID=3C45CD2C663970332084A53B27FD1EC2; Path=/; Secure; HttpOnly
cam4-AH=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/; HttpOnly
cam4-PAY=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/
cam4-AF-params=act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css; Max-Age=2592000; Expires=Fri, 24 May 2024 08:49:44 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Fri, 24 May 2024 08:49:44 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Fri, 24 May 2024 08:49:44 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Fri, 24 May 2024 08:49:44 GMT; Domain=cam4.com; Path=/
Content-Encoding: gzip

maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js

104.18.11.207

200 OK

29 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (28941)
Size
29 kB (29110 bytes)
Hash
ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

HTTP Headers

GET /bootstrap/3.1.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ba847811448ef90d98d272aeccef2a95"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 12/24/2022 09:42:47
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 309a35b9541e54d726e806d52cb277ef
cdn-cache: HIT
cf-cache-status: HIT
age: 13226528
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794d77d99f2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/css/VidyoClient.css

64.210.135.114

200 OK

8.6 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/css/VidyoClient.css
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with very long lines (8656), with no line terminators
Size
8.6 kB (8590 bytes)
Hash
54ac943756c592c7c5bb492335cbdb93
ddabe48f54aa6ecacaa5fb6a801271584743c2ff
744949b6c1913be4c29a42700a05732b0809eb58809e5c2bb6ae221b82781a54

HTTP Headers

GET /web/css/VidyoClient.css HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: text/css
vary: Origin
last-modified: Tue, 30 Jan 2024 21:02:20 GMT
etag: W/"20f8d2db5-218e-6103013fbaf00"
expires: Thu, 30 May 2024 05:12:43 GMT
cache-control: max-age=10394654
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-2-59923-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-merged_a134e870.js

64.210.135.114

200 OK

1.4 MB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-merged_a134e870.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
1.4 MB (1442771 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/cam4-merged_a134e870.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Mon, 01 Apr 2024 13:16:14 GMT
etag: W/"217853b73-1603d3-61508cb3da380"
expires: Fri, 02 Aug 2024 12:04:19 GMT
cache-control: max-age=10472102
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-2-19530-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_176e290b.js

64.210.135.114

200 OK

50 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_176e290b.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
50 kB (50200 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/i18n/com_cam4/jsLang.en_GB_176e290b.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Fri, 22 Mar 2024 21:49:30 GMT
etag: W/"216325619-c418-61446cc698e80"
expires: Tue, 23 Jul 2024 21:53:48 GMT
cache-control: max-age=10625671
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-19330-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js

64.210.135.114

200 OK

114 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
114 kB (114507 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/cam4-runnable_670a275b.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Mon, 01 Apr 2024 13:20:54 GMT
etag: W/"217f25700-1bf4b-61508dbee1980"
expires: Fri, 02 Aug 2024 12:04:19 GMT
cache-control: max-age=10472102
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-1-59860-h-0-0---;7846-22-50420----0-0-1
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js

64.210.135.114

200 OK

3.9 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4067), with no line terminators
Size
3.9 kB (3922 bytes)
Hash
1fbde34b5140e7da6462ccd1045ba06d
ccdbb436f9304bf402ef65fb0135ef57cf01109a
bcc48c0bee144a0167cece6c2895fa22b637e7ee78b24e0b61a3890679db1c1d

HTTP Headers

GET /web/js/cam4-vidyo-connector_6c3a4f55.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Wed, 10 Apr 2024 14:55:00 GMT
etag: W/"218b18ea2-f52-615bf39079900"
expires: Tue, 13 Aug 2024 14:29:39 GMT
cache-control: max-age=10777321
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-3-44373-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js

64.210.135.114

200 OK

8.1 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (8349), with no line terminators
Size
8.1 kB (8071 bytes)
Hash
b91baf9c9a3f0de96db3c88009a03184
1cf8f2234008e41d0bdc2d7d3c47410d729d0224
80f9b192d44a5dd9bcb254885052265d564376ab147d7bd69be31f7bce0da460

HTTP Headers

GET /web/js/cam4-ads_3badabeb.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Mon, 25 Mar 2024 14:59:30 GMT
etag: W/"21760042e-1f87-6147d6ba97880"
expires: Wed, 24 Jul 2024 09:06:25 GMT
cache-control: max-age=10425807
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-3-25062-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup

99.192.248.164

200 OK

5.7 kB

URL User Request GET HTTP/2
landers.cam4.com/video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
JavaScript source, ASCII text, with very long lines (6101), with no line terminators
Size
5.7 kB (5718 bytes)
Hash
899538f663fd8defafc8511bc056354b
6b6edf983d9278a48b8aba597287c0b0ba26b73e
96dd309a80ba3c326605b3fef805465649a4758d070653d2a54817bc299df79b

HTTP Headers

GET /video/female?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&utm_keyword=102485608&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-20-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_mobile_italian&utm_term=lander-female_nsfw_signup HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:44 GMT
server: Apache
x-powered-by: PHP/7.4.15
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=krvu2fdg6pb010uk2bt1jqannf; path=/
cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; expires=Fri, 24-May-2024 08:49:44 GMT; Max-Age=2592000; path=/; domain=.cam4.com
cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; expires=Fri, 24-May-2024 08:49:44 GMT; Max-Age=2592000; path=/; domain=.cam4.com
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js

64.210.135.114

200 OK

93 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
93 kB (93435 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/jquery-mobile/jquery-1.8.2.min.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Tue, 30 Jan 2024 16:08:36 GMT
etag: W/"20f0e9b5e-16cfb-6102bf982c900"
expires: Mon, 03 Jun 2024 16:26:59 GMT
cache-control: max-age=10794091
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-19330-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js

64.210.135.114

200 OK

168 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js
IP
64.210.135.114:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (58715)
Size
168 kB (167474 bytes)
Hash
146364c0723a486b1f4ae2f050633506
9352e57ac70ae1290143168c37189fb00d2932a5
71cc89128b4a3df550ecbc3a3c1db402d981b335d1b43e666c5abfa662d19ccd

HTTP Headers

GET /web/js/bootstrap-merged_41d3f2c3.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:49:45 GMT
content-type: application/javascript
vary: Origin
last-modified: Fri, 29 Mar 2024 07:46:34 GMT
etag: W/"215e1db92-28e32-614c7d6bcaa80"
expires: Sat, 03 Aug 2024 13:51:05 GMT
cache-control: max-age=10774584
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7846-3-55282-h-0-0---;7846-22-50420----0-0-0
X-Firefox-Spdy: h2

dumpster.cam4.com/ws/

185.94.239.83

101 Switching Protocols

0 B

URL GET HTTP/1.1
dumpster.cam4.com/ws/
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/ HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.cam4.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8At3GNxN78UFwafepCOF2g==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: cam4-AF="voluum_wi2aeq3cmj6fdgq0jouelqa8_200850:850_it_pop_st_mwf_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-20-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_mobile_italian%22%7D; cam4-AF-params=remoteAction=register; _ga_Y9E01LQ1PZ=GS1.1.1713948584.1.0.1713948584.0.0.0; _ga=GA1.1.1354157132.1713948585; smart-agents-ws-cookie=1713948585.195.359.714106; _sp_ses.dd07=*; _sp_id.dd07=4aea4f54-fbf1-4b49-8de6-bfde73fa595f.1713948587.1.1713948587..5395b71f-47d3-4f94-9723-7880b8a08615....0; cam4rt8=true
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Wed, 24 Apr 2024 08:49:48 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 9y4O+n/2EoeIPSXZN28E7Mwzl58=
set-cookie: SESSIONIDv2=3c836475dee45401d9289c9d2759c01b41bb8768; Domain=.cam4.com; Path=/; SameSite=Lax; Secure; HttpOnly

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML