Report - track.cam4tracking.com/c96492fe-d824-4917-bd96-f5d127e7dcb7?campaignid=102525309&zoneid=6188250&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_campaign=acquisition_mar-27-2023&utm_source=341&var8=200850&var9=850_it_pop_st_dk_323&utm_medium=popunder&cost=0.010100&SUBID=812875702591295489

Report Overview

Submitted URL
track.cam4tracking.com/c96492fe-d824-4917-bd96-f5d127e7dcb7?campaignid=102525309&zoneid=6188250&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_campaign=acquisition_mar-27-2023&utm_source=341&var8=200850&var9=850_it_pop_st_dk_323&utm_medium=popunder&cost=0.010100&SUBID=812875702591295489
IP
54.230.111.64
ASN
#16509 AMAZON-02
Submitted
2024-05-10 19:21:59
Access
public
Website Title
Fragile7883-1 | Live Sex Chat Cams & More On CAM4
Final URL
landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	411 B	34 kB	151.101.2.137
landers.cam4.com	unknown	1999-07-28	2023-10-13	2024-04-17	10 kB	484 kB	99.192.248.164
www.cam4.com	91245	1999-07-28	2012-05-22	2024-05-07	5.3 kB	31 kB	185.94.239.81
cam4-static-test.xcdnpro.com	unknown	2017-02-03	2022-11-21	2024-05-07	6.7 kB	2.1 MB	64.210.135.118
welcome.cam4.com	unknown	1999-07-28	2023-08-07	2024-03-03	1.5 kB	1.6 kB	185.94.239.81
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-09	888 B	131 kB	104.18.10.207
track.cam4tracking.com	85407	2014-11-27	2015-07-26	2023-09-13	770 B	1.2 kB	54.230.111.64
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	423 B	103 kB	142.250.74.168
dumpster.cam4.com	200007	1999-07-28	2018-12-19	2024-05-07	7.8 kB	63 kB	185.94.239.83
collector.scarletwood.com	unknown	2005-04-29	2022-10-26	2024-05-07	984 B	757 B	3.232.14.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2024-02-13	medium	www.cam4.com/images/favicon.png	Internal Revenue Service
2024-02-13	medium	www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=landers.cam4.com/video/css/form.css	Internal Revenue Service
2024-02-13	medium	www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=	Internal Revenue Service
2024-02-13	medium	www.cam4.com/rest/v1.0/options/countries?full=true	Internal Revenue Service
2024-02-13	medium	www.cam4.com/images/favicon_192x192.png	Internal Revenue Service

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_9971a259.js	50 kB	2024-05-09	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_9971a259.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 17:17:00 Last Seen2024-05-11 22:56:24 Times Seen3 Hash d38ad19b7ebd2daafa7494598aaba6da 0ea047dda534050caab83fd2b6ac25842d9d0933 d709b7b07b154ad0e7bc79e8e80a1f42f066dae8819193286331409ff075aea5 Loading...

	cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js	30 kB	2023-03-10	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-11 22:56:24 Times Seen101 Hash f7cc42969087a295da221cf977805135 e1c8f649d4e40926ee3227a02d539e75b5682578 90ef79194d512cd95df4b2aa140468d08a44ed3a8538349b88f1692fc0854eb2 Loading...

	cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js	63 B	2023-03-10	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-11 22:56:24 Times Seen106 Hash ca079926a7f807133292c893d7494518 4a51eb5444729ea76a9e5aef1570c4de06ea555b e1d7cfc12f0a98c2ceacfe0989caf442e52691e3c45032bd2c4e5e6cc34e749b Loading...

	www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css	1.5 kB	2023-03-10	2024-05-11
Pretty URL www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-11 22:56:24 Times Seen24 Hash 4ff0ea193489619a8a9e34419cf45001 246b2d135edfc894a92662d2f9ffdbd63b84bd40 587eec424d9a400e7794199bcbe8b185f1b5440097e5aa453007d0436a328670 Loading...

	dumpster.cam4.com/v2/fp1.js	34 kB	2023-05-06	2024-05-19
Pretty URL dumpster.cam4.com/v2/fp1.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 00:04:42 Last Seen2024-05-19 09:11:50 Times Seen70 Hash 6c8689234a1c0bbbd2711ba685157ecd a71b00334f871425ba408adc5bee9f859aa0329c 5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4 Loading...

	www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css	20 kB	2024-05-10	2024-05-10
Pretty URL www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 21:22:01 Last Seen2024-05-10 21:22:01 Times Seen1 Hash d3d206c71b68714fbd5e1017e55c792b c2dbf892e0abd188dea02217137867efb71583b1 fb2093a941a8fa3b36d8d0850ce9e6c07de40a75175e79dd46e8ca2b962d34c7 Loading...

	cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js	93 kB	2023-03-07	2024-05-23
Pretty URL cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-05-23 02:10:23 Times Seen6416 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

	www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css	496 B	2023-03-10	2024-05-11
Pretty URL www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css IP 185.94.239.81 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-11 22:56:24 Times Seen24 Hash e8094cbca9955a5a7ceb995bc36e3f5a 99d1dba2508e2bacacddb8e4528b1e3ca17f4b17 fb2f3f2947e10ba16e74ea0cfdffff98944c95f3519e69efe2c896789d8eb5c2 Loading...

	cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js	113 kB	2023-03-10	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:21:14 Last Seen2024-05-11 22:56:24 Times Seen107 Hash ddabc6e77acfae444e9169c8bbae550d 0aadbf40969629561f3f9a7297f58a32d240d1f4 738a09f335c53353116cbde58185f0e59167278374aa1f49d77f53cb7956820b Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js	114 kB	2024-04-24	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:15 Last Seen2024-05-11 22:56:24 Times Seen7 Hash 0a7e4169aa5850d44be718eae3231268 865b5ef8badfb921e9fb5cabb6d1842705524fbc 9a912209c49461c75a468f1ef8ffb5a7f1149973866a4738f52e2d59b913dc7c Loading...

	dumpster.cam4.com/v1/tracking.js	54 kB	2024-04-24	2024-05-19
Pretty URL dumpster.cam4.com/v1/tracking.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:50:15 Last Seen2024-05-19 09:11:49 Times Seen34 Hash 905f6f2a8057ad97624ff53b1267d9c3 365fc6b46fc1682019c98525110d69c898438042 813a5b2d128aad2342a85d4cc37627879c51f64313de82d1ca6390bd319dacb9 Loading...

	dumpster.cam4.com/v2/snpl-web-vitals.js	4.7 kB	2024-02-14	2024-05-19
Pretty URL dumpster.cam4.com/v2/snpl-web-vitals.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-19 09:11:48 Times Seen55 Hash 896fe5a1a506ef3c5ab75c0ff8df40b4 37f66f4dd3afc021df5c1032ed6dbc53a9df6f1e ab059235d2556a3dee0d594a37effb842ee02ab4fcce3925f596e7eccc188e6b Loading...

	code.jquery.com/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-05-22
Pretty URL code.jquery.com/jquery-1.11.3.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-05-22 18:57:02 Times Seen11038 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup	0 B	2023-03-07	2024-05-23
Pretty URL landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup IP 99.192.248.164 ASN #27589 MOJOHOST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-23 05:06:31 Times Seen37995133 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-merged_4872de44.js	1.4 MB	2024-04-26	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-merged_4872de44.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 23:08:39 Last Seen2024-05-11 22:56:23 Times Seen6 Hash c6b65c814fb2ab1982c799ceff242e3b 7e7bbf4f9f410484a378ab9b6c98b6a17300807f e04ae76098cf94a22cf9585e4126ed87c63db37043bcfd064b9cf340c29eb553 Loading...

	dumpster.cam4.com/v2/snpl_v2.js	86 kB	2023-09-09	2024-05-19
Pretty URL dumpster.cam4.com/v2/snpl_v2.js IP 185.94.239.83 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 21:12:30 Last Seen2024-05-19 09:11:49 Times Seen74 Hash 0d34caadb7711e9c0e69ae2c64ffc4d7 75d6164796d256d364ff222839a4d5e75c3191b3 f027b512cb6cd71f46b35e6b7e08e2e07bb1ef3d3921e948b7c9161bbb5bcc97 Loading...

	unknown	77 B	2023-04-12	2024-05-11
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-12 11:32:25 Last Seen2024-05-11 22:56:23 Times Seen62 Hash 14133f3774bd8307a3118e617e5be44b d8059b618bc914dc9e50d845c1372334ffa8afc6 741236f37faaa2f6f2b845b29b5af49bdc0cd2addebdee2d22622bb2d6fb4bd4 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js	29 kB	2023-03-07	2024-05-23
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-23 04:15:39 Times Seen10718 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ	309 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 21:22:01 Last Seen2024-05-10 21:22:01 Times Seen2 Hash 1ec2f2987885b5391d12b855af12ead7 cf18a4415d711224b0813107f4bd9d1129f7813b a95895675a2c5e51776d0e2b270ba091293367c34dfa989af88cc404eef2b218 Loading...

	cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js	168 kB	2024-02-14	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:21 Last Seen2024-05-11 22:56:24 Times Seen26 Hash 146364c0723a486b1f4ae2f050633506 9352e57ac70ae1290143168c37189fb00d2932a5 71cc89128b4a3df550ecbc3a3c1db402d981b335d1b43e666c5abfa662d19ccd Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js	3.9 kB	2024-02-14	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-11 22:56:23 Times Seen14 Hash 8a8ff6979ae035fbbad9c8fc9fb0b7fb 29c61903f5bf4dd68c6fff753d2e2f323b407104 9162912035ca5bbfa3e59d58ea7f6d602215f58dead98695df5f0b5196b14031 Loading...

	cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js	8.1 kB	2024-02-14	2024-05-11
Pretty URL cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-14 10:32:22 Last Seen2024-05-11 22:56:24 Times Seen14 Hash 001ceaf457c8f9c4178e422bf53aace8 f38823569434623a17708fc37c11da4db4573f1c e1a0fac65c7c454e0ce985044cc3ce0d1c8d1fe12db630216fe3adb14de72442 Loading...

HTTP Transactions (47)

URL IP Response Size

track.cam4tracking.com/c96492fe-d824-4917-bd96-f5d127e7dcb7?campaignid=102525309&zoneid=6188250&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_campaign=acquisition_mar-27-2023&utm_source=341&var8=200850&var9=850_it_pop_st_dk_323&utm_medium=popunder&cost=0.010100&SUBID=812875702591295489

54.230.111.64

302 Found

0 B

URL User Request GET HTTP/2
track.cam4tracking.com/c96492fe-d824-4917-bd96-f5d127e7dcb7?campaignid=102525309&zoneid=6188250&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_campaign=acquisition_mar-27-2023&utm_source=341&var8=200850&var9=850_it_pop_st_dk_323&utm_medium=popunder&cost=0.010100&SUBID=812875702591295489
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecttrack.cam4tracking.com
Fingerprint79:21:B5:A7:05:67:E5:20:C4:A0:9B:99:BA:02:37:26:51:74:87:62
ValidityTue, 23 Apr 2024 00:00:00 GMT - Thu, 22 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c96492fe-d824-4917-bd96-f5d127e7dcb7?campaignid=102525309&zoneid=6188250&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_campaign=acquisition_mar-27-2023&utm_source=341&var8=200850&var9=850_it_pop_st_dk_323&utm_medium=popunder&cost=0.010100&SUBID=812875702591295489 HTTP/1.1
Host: track.cam4tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
date: Fri, 10 May 2024 19:21:30 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: c96492fe-d824-4917-bd96-f5d127e7dcb7-v4=NNV_9I2Ci1SNR813XgqnT_GG4Kq1sH5Ucv1NNPwTPgc; Max-Age=86400; Expires=Sat, 11-May-2024 19:21:30 GMT; Domain=track.cam4tracking.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wq1s2sr5nvak3r613ut412ee%22%2C%22caid%22%3A%22c96492fe-d824-4917-bd96-f5d127e7dcb7%22%7D; Max-Age=31536000; Expires=Sat, 10-May-2025 19:21:30 GMT; Domain=track.cam4tracking.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q3f3dPfkQABcioYup_ZeF0eZEMn2KIsayhsM0o-JIyh_q4FPHJXczA==
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.11.3.min.js

151.101.2.137

200 OK

33 kB

URL GET HTTP/2
code.jquery.com/jquery-1.11.3.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
33 kB (33261 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

HTTP Headers

GET /jquery-1.11.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-176d5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 10 May 2024 19:21:31 GMT
age: 20568254
x-served-by: cache-lga21975-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 117, 69510
x-timer: S1715368892.872997,VS0,VE0
vary: Accept-Encoding
content-length: 33261
X-Firefox-Spdy: h2

landers.cam4.com/video/css/en.css

99.192.248.164

200 OK

3.6 kB

URL GET HTTP/2
landers.cam4.com/video/css/en.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
assembler source, ASCII text
Size
3.6 kB (3597 bytes)
Hash
f63955402f846fd2269f03fa95594327
3feec4229af8bb70e8f566153fcbebf493ff52fb
e90b393ba3656b3fa7f4e73f555d9615453c1d0e83e4996d940acbc10560842f

HTTP Headers

GET /video/css/en.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
server: Apache
last-modified: Thu, 05 Oct 2023 05:16:43 GMT
etag: "e0d-606f13acde1e4"
accept-ranges: bytes
content-length: 3597
content-type: text/css
X-Firefox-Spdy: h2

landers.cam4.com/video/css/video.css

99.192.248.164

200 OK

558 B

URL GET HTTP/2
landers.cam4.com/video/css/video.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
HTML document, ASCII text
Size
558 B (558 bytes)
Hash
f51ec611041cd84b64318182a056bd37
ff9afb1f33fc35e76f506f412cd3a4f80d157d12
084cbc1974065f43d82288ecd7814da0420470f06567edce7ead452a645d1d92

HTTP Headers

GET /video/css/video.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
server: Apache
last-modified: Tue, 24 Oct 2023 11:42:00 GMT
etag: "22e-60874d3a826ba"
accept-ranges: bytes
content-length: 558
content-type: text/css
X-Firefox-Spdy: h2

landers.cam4.com/assets/images/logo/440x122.png

99.192.248.164

200 OK

4.6 kB

URL GET HTTP/2
landers.cam4.com/assets/images/logo/440x122.png
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
PNG image data, 440 x 122, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4610 bytes)
Hash
35342d076a55da8840c4f980e95cf88f
b065ffe23fcfdd8cde7db06c5328520090d77f33
298c4d07b0c82fb367d3ac3e3e09995ccc46f6521e906730fe3ce191f6549853

HTTP Headers

GET /assets/images/logo/440x122.png HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 22:35:02 GMT
etag: "1202-606eb9e467cef"
accept-ranges: bytes
content-length: 4610
content-type: image/png
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-Y9E01LQ1PZ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (102250 bytes)
Hash
1ec2f2987885b5391d12b855af12ead7
cf18a4415d711224b0813107f4bd9d1129f7813b
a95895675a2c5e51776d0e2b270ba091293367c34dfa989af88cc404eef2b218

HTTP Headers

GET /gtag/js?id=G-Y9E01LQ1PZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 19:21:32 GMT
expires: Fri, 10 May 2024 19:21:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

landers.cam4.com/video/thumbnails/fragile7883-1.jpg

99.192.248.164

200 OK

119 kB

URL GET HTTP/2
landers.cam4.com/video/thumbnails/fragile7883-1.jpg
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 950x536, components 3
Size
119 kB (118629 bytes)
Hash
3b200831d4067339c0d6f5432a7baa37
51ffae4cbee9898856d8d09e1e2e088470843396
21aa9bc5603ed65a0143304c9e94a07d1e25af3ddcc96398d12dce46a2159a32

HTTP Headers

GET /video/thumbnails/fragile7883-1.jpg HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
server: Apache
last-modified: Thu, 09 Jun 2022 21:06:09 GMT
etag: "1cf65-5e10a30df5769"
accept-ranges: bytes
content-length: 118629
content-type: image/jpeg
X-Firefox-Spdy: h2

landers.cam4.com/video/videos/straight/fragile7883-1.mp4

99.192.248.164

206 Partial Content

12 kB

URL GET HTTP/2
landers.cam4.com/video/videos/straight/fragile7883-1.mp4
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
data
Size
12 kB (11570 bytes)
Hash
bf89dd024a817cb9dd7e08b79f4e87d9
f343e2875c8b78c4b7f49ea6e39ce67b880804c4
ea852f4db1ca7f363ccf62b043b7d91f93b5753dfab953e792529a966c0dc597

HTTP Headers

GET /video/videos/straight/fragile7883-1.mp4 HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3375104-
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 10 May 2024 19:21:32 GMT
server: Apache
last-modified: Thu, 09 Jun 2022 20:15:58 GMT
etag: "33ad32-5e1097d6c61a9"
accept-ranges: bytes
content-length: 11570
content-range: bytes 3375104-3386673/3386674
content-type: video/mp4
X-Firefox-Spdy: h2

landers.cam4.com/video/videos/straight/fragile7883-1.mp4

99.192.248.164

206 Partial Content

88 kB

URL GET HTTP/2
landers.cam4.com/video/videos/straight/fragile7883-1.mp4
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
88 kB (88071 bytes)
Hash
2a927604b20d3bb9aeab7159c02e2930
aa2d5ef17bfa5a944552774512833dedaa3e745e
0f843ce885955d6072d235f03229ea406084d0e8bf3050e4900e4a2fbb14d5f5

HTTP Headers

GET /video/videos/straight/fragile7883-1.mp4 HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 10 May 2024 19:21:32 GMT
server: Apache
last-modified: Thu, 09 Jun 2022 20:15:58 GMT
etag: "33ad32-5e1097d6c61a9"
accept-ranges: bytes
content-length: 3386674
content-range: bytes 0-3386673/3386674
content-type: video/mp4
X-Firefox-Spdy: h2

www.cam4.com/images/favicon.png

185.94.239.81

200

2.6 kB

URL GET HTTP/1.1
www.cam4.com/images/favicon.png
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2589 bytes)
Hash
735f225bd9c640221609aad2f5dffaed
8eb8042cfe99060bd8c9b6cec6d427d24019ed64
d8a5cda1543985b9810f2d417201e3eb367f867f3522c7dbb64bced763260bfd

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 10 May 2024 19:21:32 GMT
Content-Type: image/png
Content-Length: 2589
Connection: keep-alive
Set-Cookie: INGRESSCOOKIE=3ddf3437fe01330e2ad50ac10a36bfed|d6a68dccd9919960ff135dee3820d14b; Path=/; HttpOnly
JSESSIONID=DF4B884C2824FE36DA0254CC36809F1A; Path=/; Secure; HttpOnly
cam4-AH=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/; HttpOnly
cam4-PAY=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/
cache-control: max-age=432000
content-security-policy: frame-ancestors 'self' ;
accept-ranges: bytes
last-modified: Thu, 01 Jan 1970 00:00:01 GMT

www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css

185.94.239.81

200

9.6 kB

URL GET HTTP/1.1
www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (21875)
Size
9.6 kB (9581 bytes)
Hash
d136bb53ddf588ab9973d425a094ac15
16b3362e0983d4257ce94c7d8bc94caec1046680
a75343289c82404479043b4b180811b287030ced1495ca4022b7c56f430c2cbe

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 10 May 2024 19:21:34 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: INGRESSCOOKIE=b7252deaaa95d520a86b7a4d4aae5996|d6a68dccd9919960ff135dee3820d14b; Path=/; HttpOnly
JSESSIONID=5A2B94A3485F12837CB778963E237EC7; Path=/; Secure; HttpOnly
cam4-AH=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/; HttpOnly
cam4-PAY=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/
cam4-AF-params=act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css; Max-Age=2592000; Expires=Sun, 09 Jun 2024 19:21:34 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Sun, 09 Jun 2024 19:21:34 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Sun, 09 Jun 2024 19:21:34 GMT; Domain=cam4.com; Path=/
cam4-AF-params=remoteAction=register; Max-Age=2592000; Expires=Sun, 09 Jun 2024 19:21:34 GMT; Domain=cam4.com; Path=/
Content-Encoding: gzip

landers.cam4.com/video/videos/straight/fragile7883-1.mp4

99.192.248.164

206 Partial Content

246 kB

URL GET HTTP/2
landers.cam4.com/video/videos/straight/fragile7883-1.mp4
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
data
Size
246 kB (245688 bytes)
Hash
9654b0cea38295ca86b423856e790296
252c008b4f6fc65654eab7b2d271c8a5c5cca2e9
0e4b56c8efeb9f97a5b8f9af767419c5a084610c7650522840e2b97ecd27fd87

HTTP Headers

GET /video/videos/straight/fragile7883-1.mp4 HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=65536-
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 10 May 2024 19:21:32 GMT
server: Apache
last-modified: Thu, 09 Jun 2022 20:15:58 GMT
etag: "33ad32-5e1097d6c61a9"
accept-ranges: bytes
content-length: 3321138
content-range: bytes 65536-3386673/3386674
content-type: video/mp4
X-Firefox-Spdy: h2

dumpster.cam4.com/v1/tracking.js

185.94.239.83

200 OK

16 kB

URL GET HTTP/1.1
dumpster.cam4.com/v1/tracking.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (53875), with no line terminators
Size
16 kB (15526 bytes)
Hash
905f6f2a8057ad97624ff53b1267d9c3
365fc6b46fc1682019c98525110d69c898438042
813a5b2d128aad2342a85d4cc37627879c51f64313de82d1ca6390bd319dacb9

HTTP Headers

GET /v1/tracking.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1715368894.477.1344.773316; Expires=Sun, 12-May-24 19:21:34 GMT; Max-Age=172800; Path=/; HttpOnly
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
nel: {"max_age":0}
cache-control: public, max-age=60
etag: W/"d273-Nl/GtG/BaCAZyYUlEQ1pyJhDgEI"
content-encoding: gzip

landers.cam4.com/video/css/form.css

99.192.248.164

200 OK

3.8 kB

URL GET HTTP/2
landers.cam4.com/video/css/form.css
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
ASCII text, with very long lines (589)
Size
3.8 kB (3792 bytes)
Hash
7357b28b8103ca99020c1f27e5c84088
6f4daf201c5db6f903db8ccf1ce9fdb78c8735c2
308fcc950dd4c48dfd3c5efafbd3624091da6e4f6e207cda998542d2239d2d4b

HTTP Headers

GET /video/css/form.css HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
server: Apache
last-modified: Thu, 05 Oct 2023 05:28:13 GMT
etag: "ed0-606f163e4d9d3"
accept-ranges: bytes
content-length: 3792
content-type: text/css
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/images/new_design/ajax-loader_sml.gif

64.210.135.118

200 OK

2.2 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/new_design/ajax-loader_sml.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 56 x 21
Size
2.2 kB (2161 bytes)
Hash
d11eb3c4443b906c93dc94cf294782d1
90882e0ce9a6984b13f3cea272a71274ac7f3d52
77f0207894fe999f9ef04649f1a56d1f4d5771d51fc57f5b6b2db6ba556526af

HTTP Headers

GET /web/images/new_design/ajax-loader_sml.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:35 GMT
content-type: image/gif
content-length: 2161
last-modified: Tue, 30 Jan 2024 20:50:50 GMT
etag: "20e719653-871-6102feadb1e80"
expires: Sat, 01 Jun 2024 13:01:26 GMT
cache-control: max-age=10561941
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-6044-h-0-0---;6249-23-22641----0-0-1
X-Firefox-Spdy: h2

dumpster.cam4.com/v2/snpl_v2.js

185.94.239.83

200 OK

27 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/snpl_v2.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65378)
Size
27 kB (26834 bytes)
Hash
0d34caadb7711e9c0e69ae2c64ffc4d7
75d6164796d256d364ff222839a4d5e75c3191b3
f027b512cb6cd71f46b35e6b7e08e2e07bb1ef3d3921e948b7c9161bbb5bcc97

HTTP Headers

GET /v2/snpl_v2.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register; smart-agents-ws-cookie=1715368894.477.1344.773316
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=864000
etag: W/"15132-ddYWR5bSVtNk/yIoOaTV51wxkbM"
content-encoding: gzip

cam4-static-test.xcdnpro.com/web/images/loader.gif

64.210.135.118

200 OK

4.7 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/loader.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 25 x 25
Size
4.7 kB (4716 bytes)
Hash
a2a03d86d45eaf30e24b3b0eb2a509f3
147f2e46383896ed097d28dec572e24aff074525
54ebdff8b3030f5b870ded09d7789bc798b11ab64bb743ac895d66b55b24bfa5

HTTP Headers

GET /web/images/loader.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:35 GMT
content-type: image/gif
content-length: 4716
last-modified: Thu, 25 Jan 2024 12:20:22 GMT
etag: "20f3e119d-126c-60fc434140d80"
expires: Thu, 30 May 2024 01:00:13 GMT
cache-control: max-age=10759726
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6141-1-18624-h-0-0---;6249-23-22641----0-0-2
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/images/ajax-loader.gif

64.210.135.118

200 OK

1.7 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/images/ajax-loader.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
GIF image data, version 89a, 16 x 16
Size
1.7 kB (1720 bytes)
Hash
c56adf6af9aee1bb3837c6f6a06ab817
fd5ab5cef5b992f5445bef2b9ae430593480ff9f
0ce063266ba4833d228b766bf8ba6e730b611ae1006c299a6efb44a5cfa9f34d

HTTP Headers

GET /web/images/ajax-loader.gif HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:35 GMT
content-type: image/gif
content-length: 1720
last-modified: Fri, 19 Jan 2024 11:34:18 GMT
etag: "20db96c84-6b8-60f4adc488280"
expires: Thu, 23 May 2024 23:47:29 GMT
cache-control: max-age=10798931
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Origin
accept-ranges: bytes
x-cdn-diag: ams5-6140-3-2572-h-0-0---;6249-22-22641----0-0-1
X-Firefox-Spdy: h2

dumpster.cam4.com/v2/chat/config.json

185.94.239.83

200 OK

96 B

URL GET HTTP/1.1
dumpster.cam4.com/v2/chat/config.json
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
96 B (96 bytes)
Hash
f880f4b2c5db062eda95bf308932d121
615841bf67bb2d9690a1efb3051fbf78a55ab7f7
57f8b9891a622f92b0eccc979c4bda741ea1c442feb893b7d2f729c16dc58630

HTTP Headers

GET /v2/chat/config.json HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 96
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1715368895.062.13133.338088; Expires=Sun, 12-May-24 19:21:35 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=60
etag: W/"60-YVhBv2e7LZaQoe+zBR+/eKVat/c"

dumpster.cam4.com/me

185.94.239.83

200 OK

150 B

URL GET HTTP/1.1
dumpster.cam4.com/me
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
150 B (150 bytes)
Hash
939fe5924e865a672f4c6dd2c5db2b87
b1137d1b59feed7962b4bda5f7fb7580ae1cf545
9389aa343989bf8fa405b5df348d8e0ea89048831f2abd61a02b7ba71db94974

HTTP Headers

GET /me HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 150
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1715368895.068.12787.675930; Expires=Sun, 12-May-24 19:21:35 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
etag: W/"96-sRN9G1n+7XlitL2l9/t1gK4c9UU"

welcome.cam4.com/graph/?

185.94.239.81

204 No Content

0 B

URL OPTIONS HTTP/1.1
welcome.cam4.com/graph/?
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graph/? HTTP/1.1
Host: welcome.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://www.cam4.com
Vary: Origin, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers: content-type

dumpster.cam4.com/v2/snpl-web-vitals.js

185.94.239.83

200 OK

2.0 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/snpl-web-vitals.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4457)
Size
2.0 kB (2035 bytes)
Hash
896fe5a1a506ef3c5ab75c0ff8df40b4
37f66f4dd3afc021df5c1032ed6dbc53a9df6f1e
ab059235d2556a3dee0d594a37effb842ee02ab4fcce3925f596e7eccc188e6b

HTTP Headers

GET /v2/snpl-web-vitals.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register; smart-agents-ws-cookie=1715368894.477.1344.773316; _sp_ses.dd07=*; _sp_id.dd07=0e7589c2-aece-4fcd-b17a-0aaa7b8ea00b.1715368895.1.1715368895..ab992c58-2d26-422e-8219-5b81740e81bb....0; cam4rt8=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=86400
etag: W/"128c-N/ZvTdOvwCHfXBAy7W28U6nfbx4"
content-encoding: gzip

dumpster.cam4.com/v2/chat/config.json

185.94.239.83

200 OK

96 B

URL GET HTTP/1.1
dumpster.cam4.com/v2/chat/config.json
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
96 B (96 bytes)
Hash
f880f4b2c5db062eda95bf308932d121
615841bf67bb2d9690a1efb3051fbf78a55ab7f7
57f8b9891a622f92b0eccc979c4bda741ea1c442feb893b7d2f729c16dc58630

HTTP Headers

GET /v2/chat/config.json HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 96
Connection: keep-alive
set-cookie: smart-agents-ws-cookie=1715368895.188.363.266326; Expires=Sun, 12-May-24 19:21:35 GMT; Max-Age=172800; Path=/; HttpOnly
access-control-allow-origin: https://www.cam4.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=60
etag: W/"60-YVhBv2e7LZaQoe+zBR+/eKVat/c"

welcome.cam4.com/graph/?

185.94.239.81

204 No Content

635 B

URL OPTIONS HTTP/1.1
welcome.cam4.com/graph/?
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
635 B (635 bytes)
Hash
7b189d701988d16378166047dd16c74a
5516749b5419a9af1f405ac9a5b8d774c142fb53
012d5411bcb831124ff10b89590d0f5f0501d2c5629523e1988a936521d127c9

HTTP Headers

POST /graph/? HTTP/1.1
Host: welcome.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cam4.com/
content-type: application/json
Content-Length: 136
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://www.cam4.com
Vary: Origin
Access-Control-Allow-Credentials: true
NEL: {"report_to":"default","max_age":31536000,"include_subdomains":true,"failure_fraction":0.5,"success_fraction":0.001}
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://collector.net-logger.com/report"}]}
ETag: W/"998-VRZ0m1QZqa8fQFrJpbjXdMFC+1M"
Content-Encoding: gzip

dumpster.cam4.com/ws/

185.94.239.83

0 B

URL
dumpster.cam4.com/ws/
IP
185.94.239.83:0
ASN
#42567 Mojohost B.v.

Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/ HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.cam4.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pgVv2ppEaItFqBozZ1EQqg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register; smart-agents-ws-cookie=1715368894.477.1344.773316; _sp_ses.dd07=*; _sp_id.dd07=0e7589c2-aece-4fcd-b17a-0aaa7b8ea00b.1715368895.1.1715368895..ab992c58-2d26-422e-8219-5b81740e81bb....0; cam4rt8=true
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 74D2z9UkZNbkWAVXhAJ/m8OqZeI=
set-cookie: SESSIONIDv2=4a71867ec9868fab2dbbab7a808fec854ccf2d57; Domain=.cam4.com; Path=/; SameSite=Lax; Secure; HttpOnly

www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=

185.94.239.81

200

4.4 kB

URL GET HTTP/1.1
www.cam4.com/api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload=
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
4.4 kB (4423 bytes)
Hash
20242476f457bf7c6b6f36a1b60145ac
20157ad85ecda3a56a1e2684f9458d7684581896
79fefcd0e2290f2e679646827f02a68b6380d64e9958d13d837ebc076a6e758f

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /api/directoryCams?directoryJson=true&online=true&url=true&recommendationsForUser=guest&recommendationsRoomName=&resultsPerPage=16&gender=&recommendationEnginePayload= HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; INGRESSCOOKIE=b7252deaaa95d520a86b7a4d4aae5996|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=5A2B94A3485F12837CB778963E237EC7; cam4-AF-params=remoteAction=register
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 10 May 2024 19:21:38 GMT
Content-Type: application/json;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Username, Access-Hash
content-security-policy: frame-ancestors 'self' ;
Content-Encoding: gzip

www.cam4.com/rest/v1.0/options/countries?full=true

185.94.239.81

200

2.9 kB

URL GET HTTP/1.1
www.cam4.com/rest/v1.0/options/countries?full=true
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JSON text data
Size
2.9 kB (2942 bytes)
Hash
2b6586f99e5b6b0228734b04a8da30c4
8c759da64cf096269f9f49b98f53720424ca72b1
a85d8b5bd1f02c1692907d9c7359128ecb9b23b3fcde799d3e58eb7d0081c8de

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /rest/v1.0/options/countries?full=true HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; INGRESSCOOKIE=b7252deaaa95d520a86b7a4d4aae5996|d6a68dccd9919960ff135dee3820d14b; JSESSIONID=5A2B94A3485F12837CB778963E237EC7; cam4-AF-params=remoteAction=register
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 10 May 2024 19:21:38 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: frame-ancestors 'self' ;
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags, x-zipkin-extension, x-process-id, x-span-name, x-span-export, Content-Disposition, Access-Hash, Username, Last-Cash-Out-Authorization, X-Redirect-To
access-control-allow-methods: GET, POST, PATCH , DELETE, PUT, OPTIONS, HEAD
access-control-expose-headers: totalCount
cache-control: max-age=86400
Content-Encoding: gzip

dumpster.cam4.com/v2/fp1.js

185.94.239.83

200 OK

14 kB

URL GET HTTP/1.1
dumpster.cam4.com/v2/fp1.js
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33906)
Size
14 kB (14338 bytes)
Hash
6c8689234a1c0bbbd2711ba685157ecd
a71b00334f871425ba408adc5bee9f859aa0329c
5a4ce9720e3a1bceae6e699ccba89f9f002ece6b563758092d144cdf4d0928f4

HTTP Headers

GET /v2/fp1.js HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register; smart-agents-ws-cookie=1715368894.477.1344.773316; _sp_ses.dd07=*; _sp_id.dd07=0e7589c2-aece-4fcd-b17a-0aaa7b8ea00b.1715368895.1.1715368895..ab992c58-2d26-422e-8219-5b81740e81bb....0; cam4rt8=true; ds_recsys_alloc_DS0002b=true; SESSIONIDv2=4a71867ec9868fab2dbbab7a808fec854ccf2d57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 19:21:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=864000
etag: W/"85bf-pxsAM0+HFCW6QIrcW+6fhZqgMpw"
content-encoding: gzip

collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2

3.232.14.32

200 OK

0 B

URL POST HTTP/2
collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2
IP
3.232.14.32:443
ASN
#14618 AMAZON-AES

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerAmazon
Subjectcollector.scarletwood.com
Fingerprint91:D1:88:82:A6:F0:8E:05:1A:00:10:BE:2B:DD:16:D2:07:A3:22:67
ValidityTue, 26 Sep 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: collector.scarletwood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cam4.com/
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:45 GMT
content-length: 0
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 86400
server: akka-http/10.2.7
X-Firefox-Spdy: h2

collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2

3.232.14.32

200 OK

2 B

URL POST HTTP/2
collector.scarletwood.com/com.snowplowanalytics.snowplow/tp2
IP
3.232.14.32:443
ASN
#14618 AMAZON-AES

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerAmazon
Subjectcollector.scarletwood.com
Fingerprint91:D1:88:82:A6:F0:8E:05:1A:00:10:BE:2B:DD:16:D2:07:A3:22:67
ValidityTue, 26 Sep 2023 00:00:00 GMT - Thu, 24 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: collector.scarletwood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2408
Origin: https://www.cam4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=0fa3a1e8-cca4-42f0-95f2-b50bf0097908; Expires=Sat, 10 May 2025 19:21:45 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
server: akka-http/10.2.7
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js

104.18.10.207

200 OK

29 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (28941)
Size
29 kB (29110 bytes)
Hash
ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

HTTP Headers

GET /bootstrap/3.1.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ba847811448ef90d98d272aeccef2a95"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 12/24/2022 09:42:47
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b3984b0a13f0eceb165a762100a626a6
cdn-cache: HIT
cf-cache-status: HIT
age: 860550
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 881c4af5ea445689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup

99.192.248.164

200 OK

4.3 kB

URL User Request GET HTTP/2
landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
IP
99.192.248.164:443
ASN
#27589 MOJOHOST

Certificate
IssuerLet's Encrypt
Subjectlanders.cam4.com
Fingerprint58:A6:4E:49:D2:79:11:78:62:5D:8C:CA:27:0A:A4:AA:FD:AC:50:50
ValidityThu, 18 Apr 2024 07:24:31 GMT - Wed, 17 Jul 2024 07:24:30 GMT

File type
HTML document, ASCII text, with very long lines (4565), with no line terminators
Size
4.3 kB (4274 bytes)
Hash
29ddc918241387eb3fffd8013a9e5ee9
7bb515ca51f37d27bbf15c0b95f6760d1ba32ace
53b1da39e8dbac952b68ccd78b800a1e8ee62b6abdfff9b4a12d3cd86c038e8d

HTTP Headers

GET /video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup HTTP/1.1
Host: landers.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
server: Apache
x-powered-by: PHP/7.4.15
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=9dkin48lu9arh5scbk03nrqv99; path=/
cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; expires=Sun, 09-Jun-2024 19:21:31 GMT; Max-Age=2592000; path=/; domain=.cam4.com
cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; expires=Sun, 09-Jun-2024 19:21:31 GMT; Max-Age=2592000; path=/; domain=.cam4.com
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-merged_4872de44.js

64.210.135.118

200 OK

1.4 MB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-merged_4872de44.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
1.4 MB (1442692 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/cam4-merged_4872de44.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Thu, 25 Apr 2024 11:24:34 GMT
etag: W/"21aa9870a-160384-616ea0814c080"
expires: Mon, 26 Aug 2024 01:17:02 GMT
cache-control: max-age=10501377
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-1-22154-h-0-0---;6249-24-22641----0-0-1
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_9971a259.js

64.210.135.118

200 OK

50 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/i18n/com_cam4/jsLang.en_GB_9971a259.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
50 kB (50225 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/i18n/com_cam4/jsLang.en_GB_9971a259.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Thu, 09 May 2024 14:21:18 GMT
etag: W/"21c402c5f-c431-6180621e83380"
expires: Tue, 10 Sep 2024 13:33:45 GMT
cache-control: max-age=10709473
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-2-22217-h-0-0---;6249-21-22641----0-0-2
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

104.18.10.207

200 OK

100 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65366)
Size
100 kB (99961 bytes)
Hash
8a7442ca6bedd62cec4881040b9a9e83
e2d2b846e9ea72a1985458a3748aab4e01a8fb3a
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

HTTP Headers

GET /bootstrap/3.1.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"8a7442ca6bedd62cec4881040b9a9e83"
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 08/25/2022 04:46:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0b4c3834ab6989d627440285cf3fa532
cdn-cache: HIT
cf-cache-status: HIT
age: 870550
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 881c4af5ea3d5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js

64.210.135.118

200 OK

168 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/bootstrap-merged_41d3f2c3.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (58715)
Size
168 kB (167474 bytes)
Hash
146364c0723a486b1f4ae2f050633506
9352e57ac70ae1290143168c37189fb00d2932a5
71cc89128b4a3df550ecbc3a3c1db402d981b335d1b43e666c5abfa662d19ccd

HTTP Headers

GET /web/js/bootstrap-merged_41d3f2c3.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Fri, 29 Mar 2024 07:46:34 GMT
etag: W/"215e1db92-28e32-614c7d6bcaa80"
expires: Sat, 03 Aug 2024 13:51:05 GMT
cache-control: max-age=10774584
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7846-3-2789-h-0-0---;6249-24-22641----0-0-1
X-Firefox-Spdy: h2

www.cam4.com/images/favicon_192x192.png

185.94.239.81

200

8.0 kB

URL GET HTTP/1.1
www.cam4.com/images/favicon_192x192.png
IP
185.94.239.81:443
ASN
#42567 Mojohost B.v.

Requested by
https://landers.cam4.com/video/fragile7883-1?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&utm_keyword=102525309&utm_medium=popunder&utm_source=341&utm_campaign=acquisition_mar-27-2023&utm_content=viewer_it_frites_female_straight_leads_wifi_desktop_italian&utm_term=lander-female_nsfw_signup
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
8.0 kB (8029 bytes)
Hash
5bae50159117d9b136d1f5fa5fe6535e
361978b9edf4e9eaada77fc2618767ef0fefe2c0
04f23efc7857dbb7cf6d3dedffa83890888f3176bd3bd1093412b864f193bf74

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Internal Revenue Service

HTTP Headers

GET /images/favicon_192x192.png HTTP/1.1
Host: www.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landers.cam4.com/
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Fri, 10 May 2024 19:21:32 GMT
Content-Type: image/png
Content-Length: 8029
Connection: keep-alive
Set-Cookie: INGRESSCOOKIE=b8771c5df5cf765df9698d11a1cf4238|d6a68dccd9919960ff135dee3820d14b; Path=/; HttpOnly
JSESSIONID=0CA679DE460FF0BF5A543E64EA47568F; Path=/; Secure; HttpOnly
cam4-AH=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/; HttpOnly
cam4-PAY=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Domain=cam4.com; Path=/
cache-control: max-age=432000
content-security-policy: frame-ancestors 'self' ;
accept-ranges: bytes
last-modified: Thu, 01 Jan 1970 00:00:01 GMT

cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js

64.210.135.118

200 OK

30 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/build/bundle_dc1efe22.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (18835)
Size
30 kB (29994 bytes)
Hash
f7cc42969087a295da221cf977805135
e1c8f649d4e40926ee3227a02d539e75b5682578
90ef79194d512cd95df4b2aa140468d08a44ed3a8538349b88f1692fc0854eb2

HTTP Headers

GET /web/js/build/bundle_dc1efe22.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Thu, 25 Jan 2024 12:28:24 GMT
etag: W/"20d66b813-752a-60fc450ceca00"
expires: Tue, 28 May 2024 08:01:17 GMT
cache-control: max-age=10436311
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-13368-h-0-0---;6249-24-22641----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css

64.210.135.118

200 OK

73 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.css
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with very long lines (65378)
Size
73 kB (72903 bytes)
Hash
00dc711bd524c5bf796b3bb24ce5b43c
8ac4dbb14a86fe21784e9d25b1f8f987fe1ae510
738dd9d2c66db07508d0aab9736e88c4c0a01760c2b618e64e8a65c7b028a0b7

HTTP Headers

GET /web/js/jquery-mobile/jquery.mobile-1.2.0.min.css HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: text/css
vary: Origin
last-modified: Fri, 12 Apr 2024 14:02:14 GMT
etag: W/"219343489-11cc7-615e6b8010580"
expires: Tue, 13 Aug 2024 04:01:31 GMT
cache-control: max-age=10392788
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-1-22154-h-0-0---;6249-24-22641----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js

64.210.135.118

200 OK

113 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery.mobile-1.2.0.min.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65377)
Size
113 kB (113181 bytes)
Hash
ddabc6e77acfae444e9169c8bbae550d
0aadbf40969629561f3f9a7297f58a32d240d1f4
738a09f335c53353116cbde58185f0e59167278374aa1f49d77f53cb7956820b

HTTP Headers

GET /web/js/jquery-mobile/jquery.mobile-1.2.0.min.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Tue, 12 Dec 2023 14:26:12 GMT
etag: W/"207010982-1ba1d-60c50d5136900"
expires: Fri, 12 Apr 2024 14:31:14 GMT
cache-control: max-age=10501546
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-2439-h-0-0---;6249-24-22641----0-0-1
X-Firefox-Spdy: h2

dumpster.cam4.com/ws/

185.94.239.83

101 Switching Protocols

0 B

URL GET HTTP/1.1
dumpster.cam4.com/ws/
IP
185.94.239.83:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.cam4.com
Fingerprint4C:3A:CD:1A:77:09:B4:EB:3F:81:63:A4:A8:FA:F3:84:6C:BA:1C:84
ValidityWed, 30 Aug 2023 14:36:02 GMT - Mon, 30 Sep 2024 14:36:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/ HTTP/1.1
Host: dumpster.cam4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.cam4.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pgVv2ppEaItFqBozZ1EQqg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: cam4-AF="voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323"; cam4-UTM-campaigns=%7B%22utmCampaign%22%3A%22acquisition_mar-27-2023%22%2C%22utmSource%22%3A%22341%22%2C%22utmMedium%22%3A%22popunder%22%2C%22utmTerm%22%3A%22lander-female_nsfw_signup%22%2C%22utmContent%22%3A%22viewer_it_frites_female_straight_leads_wifi_desktop_italian%22%7D; _ga_Y9E01LQ1PZ=GS1.1.1715368892.1.0.1715368892.0.0.0; _ga=GA1.1.733869612.1715368892; cam4-AF-params=remoteAction=register; smart-agents-ws-cookie=1715368894.477.1344.773316; _sp_ses.dd07=*; _sp_id.dd07=0e7589c2-aece-4fcd-b17a-0aaa7b8ea00b.1715368895.1.1715368895..ab992c58-2d26-422e-8219-5b81740e81bb....0; cam4rt8=true
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 10 May 2024 19:21:35 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 74D2z9UkZNbkWAVXhAJ/m8OqZeI=
set-cookie: SESSIONIDv2=4a71867ec9868fab2dbbab7a808fec854ccf2d57; Domain=.cam4.com; Path=/; SameSite=Lax; Secure; HttpOnly

cam4-static-test.xcdnpro.com/web/css/VidyoClient.css

64.210.135.118

200 OK

8.6 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/css/VidyoClient.css
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with very long lines (8656), with no line terminators
Size
8.6 kB (8590 bytes)
Hash
54ac943756c592c7c5bb492335cbdb93
ddabe48f54aa6ecacaa5fb6a801271584743c2ff
744949b6c1913be4c29a42700a05732b0809eb58809e5c2bb6ae221b82781a54

HTTP Headers

GET /web/css/VidyoClient.css HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: text/css
vary: Origin
last-modified: Tue, 30 Jan 2024 21:02:20 GMT
etag: W/"20f8d2db5-218e-6103013fbaf00"
expires: Thu, 30 May 2024 05:12:43 GMT
cache-control: max-age=10394654
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-2-13326-h-0-0---;6249-21-22641----0-0-2
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js

64.210.135.118

200 OK

93 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/jquery-mobile/jquery-1.8.2.min.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
93 kB (93435 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/jquery-mobile/jquery-1.8.2.min.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Tue, 30 Jan 2024 16:08:36 GMT
etag: W/"20f0e9b5e-16cfb-6102bf982c900"
expires: Mon, 03 Jun 2024 16:26:59 GMT
cache-control: max-age=10794091
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-2439-h-0-0---;6249-24-22641----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js

64.210.135.118

200 OK

63 B

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/checkout_e6ec4d0a.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
6fd6fbd1dccbab3af90464a278b7a5de
f0dbfc05c0b832ed17405e11869771964f5547df
db20d5c1803b6be54c27778ce76c68260f561960fc699af34ec25e9d44fabc1e

HTTP Headers

GET /web/js/checkout_e6ec4d0a.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
content-length: 63
last-modified: Thu, 25 Jan 2024 12:24:16 GMT
etag: "20ea2715a-3f-60fc442069c00"
expires: Tue, 28 May 2024 01:37:46 GMT
cache-control: max-age=10572461
access-control-allow-origin: *
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-2789-h-0-0---;6249-24-22641----0-0-2
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js

64.210.135.118

200 OK

8.1 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-ads_3badabeb.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (8349), with no line terminators
Size
8.1 kB (8071 bytes)
Hash
b91baf9c9a3f0de96db3c88009a03184
1cf8f2234008e41d0bdc2d7d3c47410d729d0224
80f9b192d44a5dd9bcb254885052265d564376ab147d7bd69be31f7bce0da460

HTTP Headers

GET /web/js/cam4-ads_3badabeb.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Mon, 25 Mar 2024 14:59:30 GMT
etag: W/"21760042e-1f87-6147d6ba97880"
expires: Wed, 24 Jul 2024 09:06:25 GMT
cache-control: max-age=10425807
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-3-18728-h-0-0---;6249-24-22641----0-0-1
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js

64.210.135.118

200 OK

114 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-runnable_670a275b.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type

Size
114 kB (114507 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/js/cam4-runnable_670a275b.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Mon, 01 Apr 2024 13:20:54 GMT
etag: W/"217f25700-1bf4b-61508dbee1980"
expires: Fri, 02 Aug 2024 12:04:19 GMT
cache-control: max-age=10472102
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-1-13266-h-0-0---;6249-24-22641----0-0-0
X-Firefox-Spdy: h2

cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js

64.210.135.118

200 OK

3.9 kB

URL GET HTTP/2
cam4-static-test.xcdnpro.com/web/js/cam4-vidyo-connector_6c3a4f55.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://www.cam4.com/remote/register?act=voluum_wq1s2sr5nvak3r613ut412ee_200850:850_it_pop_st_dk_323&stylesheet=https://landers.cam4.com/video/css/form.css
Certificate
IssuerGlobalSign nv-sa
Subject*.xcdnpro.com
Fingerprint3F:70:98:C7:0B:AC:3D:4B:5A:67:77:FC:17:B6:8C:E9:07:02:B9:B7
ValidityThu, 28 Mar 2024 12:31:02 GMT - Tue, 29 Apr 2025 12:31:01 GMT

File type
JavaScript source, ASCII text, with very long lines (4067), with no line terminators
Size
3.9 kB (3922 bytes)
Hash
1fbde34b5140e7da6462ccd1045ba06d
ccdbb436f9304bf402ef65fb0135ef57cf01109a
bcc48c0bee144a0167cece6c2895fa22b637e7ee78b24e0b61a3890679db1c1d

HTTP Headers

GET /web/js/cam4-vidyo-connector_6c3a4f55.js HTTP/1.1
Host: cam4-static-test.xcdnpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cam4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 19:21:34 GMT
content-type: application/javascript
vary: Origin
last-modified: Wed, 10 Apr 2024 14:55:00 GMT
etag: W/"218b18ea2-f52-615bf39079900"
expires: Tue, 13 Aug 2024 14:29:39 GMT
cache-control: max-age=10777321
access-control-allow-origin: *
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-3-6044-h-0-0---;6249-21-22641----0-0-1
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML