www.cam4.com Open in urlscan Pro
217.22.17.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gethomeplans.com/
Effective URL:
https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc...
Submission: On March 04 via manual (March 4th 2020, 6:28:40 am UTC) from HK

Summary HTTP 52 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 23 domains to perform 52 HTTP transactions. The main IP is 217.22.17.249, located in Netherlands and belongs to MOJHOST-EU, NL. The main domain is www.cam4.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 8th 2019. Valid for: 2 years.

This is the only time www.cam4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.239 103.224.182.239	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 4	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	116.202.81.140 116.202.81.140	24940 (HETZNER-AS) (HETZNER-AS)
2 3	198.143.165.219 198.143.165.219	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE)
1 2	35.168.149.183 35.168.149.183	14618 (AMAZON-AES) (AMAZON-AES)
1 2	151.80.221.9 151.80.221.9	16276 (OVH) (OVH)
2	213.174.132.218 213.174.132.218	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	69.61.28.190 69.61.28.190	22653 (GLOBALCOM...) (GLOBALCOMPASS)
1 1	18.196.86.59 18.196.86.59	16509 (AMAZON-02) (AMAZON-02)
1 1	99.192.250.46 99.192.250.46	27589 (MOJOHOST) (MOJOHOST)
8	217.22.17.249 217.22.17.249	42567 (MOJHOST-EU) (MOJHOST-EU)
16	66.254.122.100 66.254.122.100	29789 (REFLECTED) (REFLECTED)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:9c00:1f:5390:e140:21	16509 (AMAZON-02) (AMAZON-02)
4	54.174.78.248 54.174.78.248	14618 (AMAZON-AES) (AMAZON-AES)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
52	18

1 103.224.182.239 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-239.above.com

gethomeplans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

bidr.trellian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.81.140 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.140.81.202.116.clients.your-server.de

secure.clicktrkservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.click2partner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.219 (Chicago, United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

click.amazingtechsavings.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.147.93.131 (United States)

ASN393676 (ZENEDGE, US)

yltenim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.149.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-149-183.compute-1.amazonaws.com

tryd.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.80.221.9 (Netherlands) 1 redirects

ASN16276 (OVH, FR)
PTR: core.royalads.net

core.royalads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.132.218 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

moviesmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.new-young-boys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.61.28.190 (Atlanta, United States) 2 redirects

ASN22653 (GLOBALCOMPASS, US)

www.fpctraffic3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.86.59 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-86-59.eu-central-1.compute.amazonaws.com

free.liivecams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.192.250.46 (Franklin, United States) 1 redirects

ASN27589 (MOJOHOST, US)
PTR: cs1844.mojohost.com

c4tracking01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.22.17.249 (Netherlands)

ASN42567 (MOJHOST-EU, NL)

www.cam4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 66.254.122.100 (Amsterdam, Netherlands)

ASN29789 (REFLECTED, US)

cam4-static.xcdnpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9c00:1f:5390:e140:21 (United States)

ASN16509 (AMAZON-02, US)

d2as12kgjg8gw5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.174.78.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-78-248.compute-1.amazonaws.com

com-rypl-main.collector.snplow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	xcdnpro.com cam4-static.xcdnpro.com	2 MB
8	cam4.com www.cam4.com	30 KB
4	snplow.net com-rypl-main.collector.snplow.net	1014 B
4	trellian.com 1 redirects bidr.trellian.com	3 KB
3	amazingtechsavings.xyz 2 redirects click.amazingtechsavings.xyz	3 KB
2	googletagmanager.com www.googletagmanager.com	60 KB
2	fpctraffic3.com 2 redirects www.fpctraffic3.com	1 KB
2	royalads.net 1 redirects core.royalads.net	1 KB
2	tryd.pro tryd.pro Failed	776 B
1	google.de www.google.de	110 B
1	google.com www.google.com	151 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	hotjar.com static.hotjar.com script.hotjar.com Failed vars.hotjar.com Failed	3 KB
1	cloudfront.net d2as12kgjg8gw5.cloudfront.net	25 KB
1	c4tracking01.com 1 redirects c4tracking01.com	439 B
1	liivecams.com 1 redirects free.liivecams.com	920 B
1	new-young-boys.com www.new-young-boys.com	400 B
1	moviesmale.com moviesmale.com	797 B
1	yltenim.com yltenim.com	4 KB
1	click2partner.com secure.click2partner.com	298 B
1	clicktrkservices.com 1 redirects secure.clicktrkservices.com	314 B
1	gethomeplans.com 1 redirects gethomeplans.com	1 KB
52	23

	Domain	Requested by
16	cam4-static.xcdnpro.com	www.cam4.com cam4-static.xcdnpro.com
8	www.cam4.com	cam4-static.xcdnpro.com
4	com-rypl-main.collector.snplow.net	d2as12kgjg8gw5.cloudfront.net www.cam4.com
4	bidr.trellian.com	1 redirects bidr.trellian.com
3	click.amazingtechsavings.xyz	2 redirects
2	www.googletagmanager.com	www.cam4.com www.googletagmanager.com
2	www.fpctraffic3.com	2 redirects
2	core.royalads.net	1 redirects tryd.pro
2	tryd.pro	yltenim.com
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	bidr.trellian.com
1	d2as12kgjg8gw5.cloudfront.net	bidr.trellian.com
1	c4tracking01.com	1 redirects
1	free.liivecams.com	1 redirects
1	www.new-young-boys.com
1	moviesmale.com	core.royalads.net
1	yltenim.com	click.amazingtechsavings.xyz
1	secure.click2partner.com	bidr.trellian.com
1	secure.clicktrkservices.com	1 redirects
1	gethomeplans.com	1 redirects
0	vars.hotjar.com Failed	static.hotjar.com
0	script.hotjar.com Failed	static.hotjar.com
52	25

This site contains links to these domains. Also see Links.

Domain
a.libertystmedia.com
www.cam4models.com
www.shafttraffic.com
www.facebook.com
cam4inside.tumblr.com
www.twitter.com
www.youtube.com
www.snapchat.com
www.reddit.com
www.google.com

Subject Issuer	Validity	Valid
secure.click2partner.com Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
click.amazingtechsavings.xyz Let's Encrypt Authority X3	`2020-01-15` - `2020-04-14`	3 months	crt.sh
yltenim.com Let's Encrypt Authority X3	`2020-02-21` - `2020-05-21`	3 months	crt.sh
*.cam4.com DigiCert SHA2 Secure Server CA	`2019-07-08` - `2021-10-10`	2 years	crt.sh
*.xcdnpro.com DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-05-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.collector.snplow.net COMODO RSA Domain Validation Secure Server CA	`2017-10-06` - `2020-10-29`	3 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Frame ID: 582D9C4B5E0B967B1F2D0D6F53556452
Requests: 56 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 26A5BA0A90715A8AB6628AED4A8D25E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gethomeplans.com/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ... Page URL
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzic... HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=731213845&sid=20200304172... HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campai... Page URL
https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2... HTTP 302
https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1 Page URL
https://click.amazingtechsavings.xyz/proc.php?0d54c6afaf0632a0a00beb454d4a059909d45bc0 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_... Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=11af0ca31dd73390&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmN... HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftr... HTTP 302
http://moviesmale.com/free.shtml Page URL
http://www.new-young-boys.com/out.shtml Page URL
https://www.fpctraffic3.com/raw/click.cgi?account=antyan1975&track=A HTTP 302
http://www.fpctraffic3.com/raw/click_next.cgi?account=antyan1975 HTTP 302
https://free.liivecams.com/9cd9433a-12ba-4916-8049-93851d657994?refdomain=new-young-boys.com&ipubco=ant... HTTP 302
https://c4tracking01.com/aff/ep.php?act=voluum_wmdmv0gapturnect1iut8l06_200108:fpc_tier1_mix&prog=2&s... HTTP 302
https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=2... Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

52
Requests

75 %
HTTPS

24 %
IPv6

23
Domains

25
Subdomains

18
IPs

4
Countries

2025 kB
Transfer

7847 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://a.libertystmedia.com/loader?a=46&t=4&s=5&p=4
Title: Local Dates

Search URL Search Domain Scan URL

URL: https://a.libertystmedia.com/loader?a=85&t=4&s=5&p=4
Title: Porn Games

Search URL Search Domain Scan URL

URL: https://www.cam4models.com/
Title: Make Money as a Broadcaster

Search URL Search Domain Scan URL

URL: https://www.shafttraffic.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cam4.gay

Search URL Search Domain Scan URL

URL: http://cam4inside.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/cam4

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/cam4official?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/cam4snaps

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/cam4live/

Search URL Search Domain Scan URL

URL: https://www.google.com/
Title: Leave This Site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gethomeplans.com/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D Page URL
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D731213845%26sid%3D2020030417282031b30ee04eb311970c&s=j HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=731213845&sid=2020030417282031b30ee04eb311970c HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/ Page URL
https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818 HTTP 302
https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1 Page URL
https://click.amazingtechsavings.xyz/proc.php?0d54c6afaf0632a0a00beb454d4a059909d45bc0 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240 Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=11af0ca31dd73390&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=rtpT607O5nV4Wwzr&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://moviesmale.com/free.shtml Page URL
http://www.new-young-boys.com/out.shtml Page URL
https://www.fpctraffic3.com/raw/click.cgi?account=antyan1975&track=A HTTP 302
http://www.fpctraffic3.com/raw/click_next.cgi?account=antyan1975 HTTP 302
https://free.liivecams.com/9cd9433a-12ba-4916-8049-93851d657994?refdomain=new-young-boys.com&ipubco=antyan1975&var8=200108&var9=fpc_tier1_mix HTTP 302
https://c4tracking01.com/aff/ep.php?act=voluum_wmdmv0gapturnect1iut8l06_200108:fpc_tier1_mix&prog=2&site=90&skin=c4&t=c&c=female&nd=1&s1=wmdmv0gapturnect1iut8l06 HTTP 302
https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gethomeplans.com/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D

Request Chain 3

http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D731213845%26sid%3D2020030417282031b30ee04eb311970c&s=j HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=731213845&sid=2020030417282031b30ee04eb311970c HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/

Request Chain 4

https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818 HTTP 302
https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1

Request Chain 5

https://click.amazingtechsavings.xyz/proc.php?0d54c6afaf0632a0a00beb454d4a059909d45bc0 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240

Request Chain 8

http://tryd.pro/ad/ad?p=216668&w=456926&t=11af0ca31dd73390&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

Request Chain 9

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=rtpT607O5nV4Wwzr&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://moviesmale.com/free.shtml

52 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set r2.php Show response
bidr.trellian.com/
Redirect Chain

http://gethomeplans.com/
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5Xlptvn...

2 KB
2 KB

315ms
301ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 43ccd9dd7073a32e399c251e713f601781b689f069310d8a34249533058a6d2f

Request headers

Host: bidr.trellian.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:21 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __dsnsid=2020030417282031b30ee04eb311970c; expires=Thu, 04-Mar-2021 06:28:21 GMT; Max-Age=31536000; path=/; domain=bidr.trellian.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1236
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 04 Mar 2020 06:28:20 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1583303300.8426673; expires=Sat, 02-Mar-2030 06:28:20 GMT; Max-Age=315360000
Location: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
bidr.trellian.com/javascript/ 858 B
701 B 312ms
298ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/javascript/jscheck.js
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4

Request headers

Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 05:31:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "35a-57ce09ffa182b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 388

GET
H/1.1 200
OK jscheck.php
bidr.trellian.com/ 0
166 B 322ms
308ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/jscheck.php?enc=cF8L0S4UvzZFbF2sJTBoT9bcK4M9e5uDK0iGxET9TeR3BzvPDyKuhzTsjAhLOzknmgYgcisqeLFxFAUKN%2BeS7nK%2FwC0Ug773dhZRf3HynhKcNaE9OCEjpcmyJ9Cue1rw83z0muBPXRQHT3NMDHoDn06RT1JTuQqwcbvGmqB7G7udwOFWukKq8sxf4yqkfG2KyL70F9pVz7ngqYpCsOCtZLCYa43KLuM9Zs3PI6n3rsUl0b6RTRQ%2BCHhKHrfFriTiJ0dCCne2SuJ%2FvV5%2FzvLv5nnEpIs65xn7K8Dq6SGlVmwry3bKc47Iq4Vl5x4DID8Va1k7NeZO4f8%2ByNJfd5CG1tYFt%2B9Ir8PCEjEqG2bFb9MwdJ7iNl37fgHjF%2BxpqZxckO37RNDv8eGwa04NojlD0c2eXVd2ovwColBHNP7flns7tNEU8%2FLQpLWcHWdcC78B%2FInEjOC3SUbkmyTLa49jF5S1MhEfwNRKGSOJix%2FU8CPL%2FvS9nnZj5Yhv1vOlKNYFp6mI3RbfgmeCA5va4s%2Bcs03ZsjwhlcKSv98J8JLkvUDhbDS%2B3ROXRUjTvSKrDizzMmlfGPOyn177elCd4S0RQr1U6EjQA0UtVw%2BTNKEDXYFkzSCogRKNL%2BjL%2FsPZzDhRKIlkNZqN6%2FpsYCMPsFmUIUBVTtvUkUayEcmG6iI60%2BSSxvA1RkE9c2CCY90ytPGJE3mdxuYiTRUh7IKQd8kXML1oxK4c2bSdJMUSVtbi8sSNyi5mft%2BL6EkcUNq3tRlmQTq%2Bss3T0q4VjKt3g08quPbkJMjO6c5i66Q3IHyCCC512gTNB%2BpCT0xdw9oqfjQ1B1WBzgnBRIk3Iq9jDTO6PVXWLVh1QpOyNKmWKkR5TvJwtIbF60%2BFSuoWC0cgD662KVWTdFcC6eZ0ECgxoNoe6TrtPJZIIVNglFdgPAKTj%2FYwj6c62Fig80w1rV2rQP8nrNFGc9tvy0w%3D&rand=0.8656601288006143
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:21 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

index.php
secure.click2partner.com/nlp/
Redirect Chain

http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D731213845%26sid%3D2020030417282031b30ee04eb311970c&s=j
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=731213845&sid=2020030417282031b30ee04eb311970c
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/

179 B
298 B

124ms
28ms

Document
text/html

116.202.81.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/

Requested by

Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

116.202.81.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.140.81.202.116.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: secure.click2partner.com
:scheme: https
:path: /nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D

Response headers

status: 200
server: nginx/1.16.1
date: Wed, 04 Mar 2020 06:28:22 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

status: 302
server: nginx/1.16.1
date: Wed, 04 Mar 2020 06:28:22 GMT
content-type: text/html; charset=UTF-8
location: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/
set-cookie: uclick=ir1516j6; expires=Thu, 05-Mar-2020 06:28:22 GMT; Max-Age=86400; path=/
strict-transport-security: max-age=31536000

GET
H2

200

/ Show response
click.amazingtechsavings.xyz/
Redirect Chain

https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818
https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1

5 KB
2 KB

131ms
131ms

Document
text/html

198.143.165.219
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

d36c62178317dc9d690262da2020816b29bb357ac8b27404c5be52efa3d44dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: click.amazingtechsavings.xyz
:scheme: https
:path: /?utm_term=6800235901755589351&clickverify=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=ab2ca611448957660d40aabf477aa255
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=0c97fir1516j6818&url_bnm_redirect=https://click.amazingtechsavings.xyz/

Response headers

status: 200
server: nginx
date: Wed, 04 Mar 2020 06:28:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Wed, 04 Mar 2020 06:28:23 GMT
content-type: text/html; charset=UTF-8
location: https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=ab2ca611448957660d40aabf477aa255; expires=Thu, 04-Mar-2021 06:28:22 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2

200

JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

https://click.amazingtechsavings.xyz/proc.php?0d54c6afaf0632a0a00beb454d4a059909d45bc0
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240

4 KB
4 KB

122ms
59ms

Document
text/html

205.147.93.131
ZENEDGE

General

Check archive.org

Show headers Download Go to

Full URL

https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240

Requested by

Host: click.amazingtechsavings.xyz
URL: https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

1ac784b1a0e83170fd9bbaac208fb1d675e78955f0cc51203f53c738a4ca8dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://click.amazingtechsavings.xyz/?utm_term=6800235901755589351&clickverify=1#

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Wed, 04 Mar 2020 06:28:23 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 06a5f858f217d50f6795985e115098b233a03a92
set-cookie: TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=ecbc36a12a4bf069ed4e560a645ccb17_1583303303.4142; domain=yltenim.com; path=/; expires=Sat, 02-Mar-2030 06:28:23 UTC; Secure b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1583303303.4169; domain=yltenim.com; path=/; expires=Sat, 02-Mar-2030 06:28:23 UTC; Secure vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3YTI5ZkhGdkVkZjBDeTQyQTI3T1V3Z3JYQXhCQnJPUlc2Vm95eWxtZEw0dg%3D%3D; domain=yltenim.com; path=/; expires=Sat, 02-Mar-2030 06:28:23 UTC; Secure ecbc36a12a4bf069ed4e560a645ccb17_1583303303.4142_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRk16dTk4N0RFa01kQm1wZFpQK1JZRjdEU091Mlkwak9MbHhUK2x6NU0rZUFKYnNlUU8rUWpSV0tsdVNNUDNZVkFkcVZLc2h2TTRGd0c3enJnSFNOZWM4UlhLeE9TZy9KdVRMM2E1ZUxMbDB2OGNETnFuc3RORDRuenZJWDZka2JER1FHWnhsc1pYVXNzTm1DNnBSdHJCQk5VSkZLZmlJMHpMOXc4ZXpLNzgvYTdTQ0ZHdjJNZTB6TTRSMlBrQzJvT3VBL3JUcWRyTVovN3NjcXdRb1p0ZnZUaXByZU9vYmdnMXJrc1hhUXNrdk5XUmcrUWRRLzVKVDI1K256ZmVkZ2d1YS8ra1dpc09YU3QrUTR1SWowRHN0VHJFNlEyRUh3M2VtdUp5T05iZVMrdmdFbE1ZdVNwTGdkVkhjdzUyV2VKd284Y2NCSzlNUHF3bzdEWnF4aDJ3YlFKS1NRQUxEaWw4ME9lYWpZY2tGM2JyK2pLSXpiRU5hV2Rqc1FvZ0tJb2R2S2wxdlhKcGt1dmJEaEdHd2VkMWtIWWtteHBnb1g5RGozTFFGM3RMOW90VVJxSDQwRDdkYms1THNuL2pjT3U4UVFpMDdRWjV1SVBNQVcwb3F2a1g2OFd2RDBVeEYxait0YU1tYXFGMktyT0dVWFdFNVZjWklmT0Iyb0JMYlBicy8wcUlOeWN6RVAwank2c09ZRkhTSlAvbUtSdWJwcnJGd2JvY3ZEWktCeFhleUJRRnJQbWF2cXZ5S05BQUd1M2pLR2ZqMzF6TU56QzJqSndTbkxQdmRLSWgzNHcwNXI1aG5TSkpiMVNmd2wyNzJFcVhzMVd5MVMvQnhZOXJ6NDVDb2FVeCt2NG04enlDK0ZkT3djNGRSRmYwalg1bkhhclZvNzF2MFYvaWRpUllZVk51YlVpSVo3K1dsTzRwVUdFNGJadld1NjdvL0diQnJKeW1paXZRRDNtYU92TWNtbm4rRjdYL21DTCt5dEE5L3MrMlgxTGEvWnJmMEVlZCt1TUFiK2dubU1YSUNiS1lNMHZGTG8xQ0JxajlnWStKOHhDVlMvSm1SbUp3U0VEcE9vbkVsOC9GbyszOVI4WkhQRnFPb0x0NWo5ZklqK0gzT2R5MndVTFVaS3NhRzVoSHp1RWVRVCtpNHlJTzJLUVcrcmpBZDJyOTE0SzBhSEhEdmhwWTRiaWZueFVMMk9UcWduSEZ1ZzdralhkOFVoS09jOXdFQU9zSE9CQ043UA%3D%3D; domain=yltenim.com; path=/; expires=Sat, 02-Mar-2030 06:28:23 UTC; Secure f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=WGRjb0ZDL0dWaDhuZHcvZStKaW84QUw0Z3hzNjljVTFhN1hxSC9OZ20wVFVGdTJlNURTRzFWNk91azlNY2I3MWNxWWZKZ3I3RGxDMDNmR2s1NkZlRVdEY21RL0Z0ZllaZUFRRjBGM1NJdzA9; domain=yltenim.com; path=/; expires=Wed, 04-Mar-2020 07:33:23 UTC; Secure SERVERID=sfc4; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Wed, 04 Mar 2020 06:28:23 GMT
content-type: text/html; charset=UTF-8
location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET 456926
tryd.pro/go/216668/ 0
0

GET
H/1.1 200
OK 456926 Show response
tryd.pro/go/216668/ 466 B
517 B 205ms
191ms Document
text/html 35.168.149.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://tryd.pro/go/216668/456926
Requested by: Host: yltenim.com
URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6800235901755589351&ext1=240
Protocol: HTTP/1.1
Server: 35.168.149.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-149-183.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b8bb5256015c0be17de74c2e8ede9d8c7ec727f37007fa8a194d94103b7f6215

Request headers

Host: tryd.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://yltenim.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/

Response headers

Date: Wed, 04 Mar 2020 06:28:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

Cookie set /
core.royalads.net/click/
Redirect Chain

http://tryd.pro/ad/ad?p=216668&w=456926&t=11af0ca31dd73390&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

950 B
870 B

60ms
45ms

Document
text/html

151.80.221.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Requested by: Host: tryd.pro
URL: http://tryd.pro/go/216668/456926
Protocol: HTTP/1.1
Server: 151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS: core.royalads.net
Software: nginx /
Resource Hash

Request headers

Host: core.royalads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://tryd.pro/go/216668/456926
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tryd.pro/go/216668/456926

Response headers

Server: nginx
Date: Wed, 04 Mar 2020 06:28:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Set-Cookie: cflag=430;Domain=core.royalads.net;Path=/
Content-Encoding: gzip

Redirect headers

Date: Wed, 04 Mar 2020 06:28:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 115
Connection: keep-alive
Server: nginx
Location: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

GET
H/1.1

200
OK

free.shtml Show response
moviesmale.com/
Redirect Chain

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=rtpT607O5nV4Wwzr&ven=&ver=&p=falsexundefin...
http://moviesmale.com/free.shtml

2 KB
797 B

213ms
198ms

Document
text/html

213.174.132.218
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://moviesmale.com/free.shtml
Requested by: Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Protocol: HTTP/1.1
Server: 213.174.132.218 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 397f5a59082ec878bcfeb41a8aa440a87d7cb412ac7d2f99153fe884440917e2

Request headers

Host: moviesmale.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://core.royalads.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

Response headers

Server: nginx/1.8.0
Date: Wed, 04 Mar 2020 06:28:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 04 Mar 2020 06:28:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-cookie: hash=76a8b8a9-e0ef-4ee2-b52c-ced8b2431b90; expires=Thu, 05-Mar-2020 06:28:24 GMT; path=/; version=1.0
Location: http://moviesmale.com/free.shtml
Cache-Control: no-cache

GET
H/1.1 200
OK out.shtml
www.new-young-boys.com/ 211 B
400 B 250ms
236ms Document
text/html 213.174.132.218
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.new-young-boys.com/out.shtml
Protocol: HTTP/1.1
Server: 213.174.132.218 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash

Request headers

Host: www.new-young-boys.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://moviesmale.com/free.shtml
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://moviesmale.com/free.shtml

Response headers

Server: nginx/1.8.0
Date: Wed, 04 Mar 2020 06:28:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

Primary Request

Cookie set female Show response
www.cam4.com/
Redirect Chain

https://www.fpctraffic3.com/raw/click.cgi?account=antyan1975&track=A
http://www.fpctraffic3.com/raw/click_next.cgi?account=antyan1975
https://free.liivecams.com/9cd9433a-12ba-4916-8049-93851d657994?refdomain=new-young-boys.com&ipubco=antyan1975&var8=200108&var9=fpc_tier1_mix
https://c4tracking01.com/aff/ep.php?act=voluum_wmdmv0gapturnect1iut8l06_200108:fpc_tier1_mix&prog=2&site=90&skin=c4&t=c&c=female&nd=1&s1=wmdmv0gapturnect1iut8l06
https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new...

12 KB
5 KB

272ms
87ms

Document
text/html

217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

f03f61a6ff46d9f41e0d14981b3fc83f65e967f78fb69180aa5eb2619482c016

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Host: www.cam4.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.new-young-boys.com/out.shtml
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://www.new-young-boys.com/out.shtml

Response headers

Server: nginx
Date: Wed, 04 Mar 2020 06:28:28 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=web15-ams~69EAE23E48E2016AFE3EC2CF1C82C8EF; Path=/; Secure; HttpOnly cam4-AH=""; Domain=cam4.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly UAF=""; Domain=cam4.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ cam4-PAY=""; Domain=cam4.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ cam4-AF=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix; Domain=.cam4.com; Expires=Fri, 03-Apr-2020 06:28:28 GMT; Path=/
Content-Security-Policy: frame-ancestors 'self';
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 03 Mar 2019 09:00:11 EST
Content-Encoding: gzip
Vary: Accept-Encoding

Redirect headers

Server: nginx
Date: Wed, 04 Mar 2020 06:28:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.6.35
Location: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true

GET
H2 200 vendors~application.app-7e01c6a08c2fe8375064.css
cam4-static.xcdnpro.com/web/v2/app/css/ 444 KB
109 KB 383ms
68ms Stylesheet
text/css 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/css/vendors~application.app-7e01c6a08c2fe8375064.css
Requested by: Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: d7b93097e258592bc07909f8aae1992d8ddd9619bc18178971e55ed178c6a12b

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:28:28 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 13:46:03 GMT
access-control-allow-origin: *
etag: 6c3d7a30a1d164e5137ec54ae93b405d
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
status: 200
x-timestamp: 1583156762.54830
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11014-2-8263-h-0-0---;11028-46-38025----0-0-0
x-trans-id: txac752a8f9c1547f3b5419-005e5d0eebiad3
expires: Thu, 02 Apr 2020 00:22:51 GMT

GET
H2 200 vendors~application-733f4f0fb8cc299601d3.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 5 MB
1 MB 403ms
86ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js
Requested by: Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ffe3980b1a2277dfe31aad4f00057ed224b377454d0c76a58c2d6ac211367ae2

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:28 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 13:12:05 GMT
access-control-allow-origin: *
etag: 62723993f08e737b548251b7be6785ed
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
status: 200
x-timestamp: 1583241124.35854
cache-control: public, max-age=2629968
x-cdn-diag: fra1-11014-3-8309-h-0-0---;11028-46-38025----0-0-0
x-trans-id: tx7c7a49a4daf44f9eb4146-005e5e5823iad3
expires: Thu, 02 Apr 2020 23:46:59 GMT

GET
H2 200 runtime-fb312b14cf0968ad9f45.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 7 KB
4 KB 402ms
85ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Requested by: Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: db4a8534763082ecb9bdde97f3f73831bf3e4430d3ee77984781bbbbd5df5519

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:28 GMT
content-encoding: gzip
status: 200
content-length: 3730
x-trans-id: tx2ca77f6372b1484ea22e2-005e5e3fb7iad3
last-modified: Tue, 03 Mar 2020 11:27:53 GMT
etag: 2cd3a3a9231d8b9e657178e4131a7c31
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1583234872.72101
cache-control: public, max-age=2629994
x-cdn-diag: fra1-11037-3-46148-h-0-0---;11028-46-38025----0-0-0
accept-ranges: bytes
expires: Thu, 02 Apr 2020 22:03:13 GMT

GET
H2 200 application-e30a0aadad148317e4c1.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 172 B
577 B 404ms
88ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/application-e30a0aadad148317e4c1.js
Requested by: Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 4e565202cb3b773655cdb7cd1887f9a6296a52b9053ff092dafaf47b4ddaf59f

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:28 GMT
content-encoding: gzip
status: 200
content-length: 152
x-trans-id: tx18137794479d4d6789006-005e3c3750iad3
last-modified: Thu, 06 Feb 2020 11:54:01 GMT
etag: f0be59013321e73b9057a0dbd9766912
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1580990040.46060
cache-control: public, max-age=2304104
x-cdn-diag: fra1-11028-2-37618-h-0-0---;11028-46-38025----0-0-0
accept-ranges: bytes
expires: Sun, 08 Mar 2020 02:30:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
32 KB 401ms
87ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53Q9NQ

Requested by

Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5d0be153c91c52f95a9ebeab9858609477e5b687a7ab9c68f124d5b22cc65b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:29 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32373
x-xss-protection: 0
last-modified: Wed, 04 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Mar 2020 06:28:29 GMT

GET
H2 200 GpfChJrg3DMi44LjA.js Show response
d2as12kgjg8gw5.cloudfront.net/ 72 KB
25 KB 208ms
7ms Script
application/javascript 2600:9000:2156:9c00:1f:5390:e140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2as12kgjg8gw5.cloudfront.net/GpfChJrg3DMi44LjA.js
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:9c00:1f:5390:e140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365698b03900c1b1dfa9ce782e9953af6465d0ef441c423bbb2e3030e03db7fc

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Jun 2019 00:52:21 GMT
content-encoding: gzip
last-modified: Thu, 29 Jun 2017 15:28:26 GMT
server: AmazonS3
age: 22829770
etag: "f77631eb75223d8174f01ac490ca936b"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25553
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-id: 0g49ZycJ5CQKNF7xn2VfF2ijIxoVvny_QExMA8qK-h-kilQ924Lrrg==

OPTIONS
H2 200 tp2 Show response
com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 0
182 B 1006ms
100ms XHR
text/plain 54.174.78.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2as12kgjg8gw5.cloudfront.net
URL: https://d2as12kgjg8gw5.cloudfront.net/GpfChJrg3DMi44LjA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.78.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-78-248.compute-1.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.cam4.com
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Wed, 04 Mar 2020 06:28:31 GMT
server: akka-http/10.1.10
access-control-allow-origin: https://www.cam4.com
access-control-max-age: 5
status: 200
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 200
OK user Show response
www.cam4.com/rest/v1.0/login/ 3 KB
3 KB 98ms
90ms XHR
application/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/rest/v1.0/login/user

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

1bbebdc8423ced3addf6607763a61a884f701426f0271d6317653a58a58e76f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Mar 2020 06:28:32 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: totalCount
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags, x-zipkin-extension, x-process-id, x-span-name, x-span-export

OPTIONS
H2 200 i18n-ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0.json Show response
cam4-static.xcdnpro.com/web/v2/app/i18n/com.cam4/ 0
214 B 1121ms
24ms XHR
text/plain 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/i18n/com.cam4/i18n-ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0.json
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://www.cam4.com
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

status: 200
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Authorization, Instance, Range
allow: OPTIONS, GET, HEAD
access-control-allow-methods: GET, HEAD, OPTIONS

POST
H2 200 tp2 Show response
com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
325 B 319ms
104ms XHR
text/plain 54.174.78.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.cam4.com
URL: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.78.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-78-248.compute-1.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
server: akka-http/10.1.10
status: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

GET
H2 200 hotjar-41393.js Show response
static.hotjar.com/c/ 5 KB
3 KB 1246ms
73ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-41393.js?sv=4

Requested by

Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yB5pXizaM88ykBtiKtqcIFGO9b7xn2bN28WIUC9gyXl7zAJ6%2BJ1O3HCKhXl%2BFdqnriIDtC65f4x%2BysrGqRA3WBlWmL8NsE0V6kfzBjdjaKLxZyhSFzhXc6tjMiTXD4U8VQ5XlptvnaCHce%2BEyAWcNZGkhdseW4DvBbA%2FjkhsclC0Hqy9ks6ywDImHvLTrSJLgIN%2BSzodiZtI2byMuPUmR1Zk9XTcjRHKD3erGcBOKX%2BZVa2p%2Fun47%2FtafJMbcEFUgjV3h1snHvMJcY62gLHbHg4R0e5ONN%2Fg%2Fh5ngRbsjPuhq9XvEnJXlUZS%2Flwp05sm8QDT1tLZjwJpC2VZA%2Bi9r9tmCY%2BwIi8OnQWQzkP2ovVvp0jahnqWfeIXXlNVle7dNnlpTxPtbb5obfxErsqmVRoh5h7g4qYlyL9%2FpknRSlFMAM3CnOSDY%2F5ylX%2B199pdkDqxSPg%2FomPT%2FWK0QHDeeSn6e98%2BiPPhw%2FnQtImUo9LJFSOgVyi%2FltKAgy2WKUIUB2rdowkiB04IEWzHRhF5x8XVTSVfWNKTK5aq5%2FIe1gz6Lh%2FTBi68zJe8%2FiN6ZCHpI3QChmM87%2BpeOi3fddc8tSN8xK4QGAzuOpVXLBQBPTJjQKQMx5WE4A5acFLeRFHPxyQgOzAMaSVGBcG3IWzp%2FAg%2B4JVGyKtifn%2Fz0Uo655wPMWE9vsWd0ihoKOMy5Lfa2S4zYYLFgaWzIp3HsSzpikCOGeYes0P0pMy1FZ34PJ%2FoPvLr1LnQQwX%2BEq6UZwV3Tina5TcmYSD12P%2F3mI7F2iMzViZUoQAbyw%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

27b3ea989fa09fa1fa21144306045e1af10b78e0682add241a43a03e88faf9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 32
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2381
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/e76c05ce94964ad83b6a03a493c31627
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.076
accept-ranges: bytes
section-io-id: 6f66631dfd7ecb4d90ac2e46eb3cc845
section-origin-responded: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 57ms
53ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827148136

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53Q9NQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb51c75d04da68f250d7c4378c6870631657e5b008b09829450d3854315b6ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28631
x-xss-protection: 0
last-modified: Wed, 04 Mar 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Mar 2020 06:28:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 95ms
87ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827148136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Mar 2020 06:28:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827148136/ 3 KB
1 KB 25ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827148136/?random=1583303313160&cv=9&fst=1583303313160&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cam4.com%2Ffemale%3Fact%3Dvoluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix%26utm_source%3D200108%26utm_medium%3Dfpc_tier1_mix%26utm_content%3Dcam4bucks%26utm_campaign%3Dcam4%26utm_term%3Dhttp%253A%252F%252Fwww.new-young-boys.com%252Fout.shtml%26displayConfirm%3Dtrue&ref=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&tiba=CAM4&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1de591c31fc2236f674223908de937688e4b3022b14e5c43b1e266fbc828413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 06:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1164
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 tp2 Show response
com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 0
182 B 105ms
103ms XHR
text/plain 54.174.78.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2as12kgjg8gw5.cloudfront.net
URL: https://d2as12kgjg8gw5.cloudfront.net/GpfChJrg3DMi44LjA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.78.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-78-248.compute-1.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.cam4.com
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
server: akka-http/10.1.10
access-control-allow-origin: https://www.cam4.com
access-control-max-age: 5
status: 200
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/827148136/ 42 B
151 B 26ms
25ms Image
image/gif 2a00:1450:4001:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827148136/?random=1583303313160&cv=9&fst=1583301600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cam4.com%2Ffemale%3Fact%3Dvoluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix%26utm_source%3D200108%26utm_medium%3Dfpc_tier1_mix%26utm_content%3Dcam4bucks%26utm_campaign%3Dcam4%26utm_term%3Dhttp%253A%252F%252Fwww.new-young-boys.com%252Fout.shtml%26displayConfirm%3Dtrue&ref=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&tiba=CAM4&async=1&fmt=3&is_vtc=1&random=2756768399&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 06:28:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/827148136/ 42 B
110 B 28ms
27ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827148136/?random=1583303313160&cv=9&fst=1583301600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cam4.com%2Ffemale%3Fact%3Dvoluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix%26utm_source%3D200108%26utm_medium%3Dfpc_tier1_mix%26utm_content%3Dcam4bucks%26utm_campaign%3Dcam4%26utm_term%3Dhttp%253A%252F%252Fwww.new-young-boys.com%252Fout.shtml%26displayConfirm%3Dtrue&ref=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&tiba=CAM4&async=1&fmt=3&is_vtc=1&random=2756768399&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 06:28:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tp2 Show response
com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
325 B 107ms
107ms XHR
text/plain 54.174.78.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-rypl-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.78.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-78-248.compute-1.amazonaws.com
Software: akka-http/10.1.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
server: akka-http/10.1.10
status: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.cam4.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

GET
H2 200 i18n-ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0.json Show response
cam4-static.xcdnpro.com/web/v2/app/i18n/com.cam4/ 1 MB
378 KB 25ms
24ms XHR
application/json 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/i18n/com.cam4/i18n-ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 16:59:42 GMT
status: 200
etag: f632c9c73028b9a535dcf32d7e3530b1
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.cam4.com
x-timestamp: 1583254781.36055
cache-control: public, max-age=2629999
x-cdn-diag: fra1-11014-2-8264-h-0-0---;11037-13-39867----0-0-0
x-trans-id: tx3b300432f19648c8914c6-005e5e8d2aiad3
expires: Fri, 03 Apr 2020 03:33:46 GMT

GET
H2 200 28.app-6f544207e8c94a63a157.css
cam4-static.xcdnpro.com/web/v2/app/css/ 4 KB
2 KB 83ms
78ms Stylesheet
text/css 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/css/28.app-6f544207e8c94a63a157.css
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 87371c8d7837eb7a254c07674863314f24d285dc49214c41d4d4080f90c219bb

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
content-encoding: gzip
status: 200
content-length: 1328
x-trans-id: tx1b085526dac6473ba9e6c-005e4d0757iad3
last-modified: Wed, 19 Feb 2020 09:56:22 GMT
etag: e5a50bf5e110c4f2d4efc57a17c06b3b
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-timestamp: 1582106181.94539
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11014-1-8196-h-0-0---;11028-10-38025----0-0-1
accept-ranges: bytes
expires: Fri, 20 Mar 2020 20:34:15 GMT

GET
H2 200 28-889c73824b255f52474c.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 26 KB
7 KB 79ms
78ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/28-889c73824b255f52474c.js
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 0ff21416cd6c2e6fa69ffcc3dd07bbfcc26191f91aacd66e9e2ffef4c43bdb25

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:33 GMT
content-encoding: gzip
status: 200
content-length: 6609
x-trans-id: tx8d44e802f746455cb2b78-005e57db8eiad3
last-modified: Thu, 27 Feb 2020 15:06:01 GMT
etag: 6ace275b07ce654947d0c6619b7d6ce6
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1582815960.78593
cache-control: public, max-age=2629983
x-cdn-diag: fra1-11014-1-8193-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Sun, 29 Mar 2020 01:42:05 GMT

GET
H/1.1 200
OK filters Show response
www.cam4.com/rest/v1.0/directory/ 11 KB
4 KB 78ms
75ms XHR
application/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/rest/v1.0/directory/filters

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

3fa407de9962c41b4fdc953371433c25a0f6235928fa56606f65288ed822e3d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: totalCount
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags, x-zipkin-extension, x-process-id, x-span-name, x-span-export

GET
H2 200 7.app-92f901efa7c3c49902f0.css
cam4-static.xcdnpro.com/web/v2/app/css/ 5 KB
2 KB 75ms
74ms Stylesheet
text/css 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/css/7.app-92f901efa7c3c49902f0.css
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: cb025c1b13208698e382ae75da7e7b7e3b0be0c479cc37a6895bbc03829faab3

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 1477
x-trans-id: txae9ac991a4914ddd929d9-005e4d0757iad3
last-modified: Wed, 19 Feb 2020 09:56:05 GMT
etag: 5df7dc77aae262981299aaea110672d4
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-timestamp: 1582106164.21518
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11037-2-46111-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Fri, 20 Mar 2020 20:34:15 GMT

GET
H2 200 7-3f93325e6de56b53c305.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 5 KB
2 KB 75ms
75ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/7-3f93325e6de56b53c305.js
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 99851dd448da12ba1089ca0eb0ca37bd8e6c667d2f44a9c049aedceca1b14ea0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 1873
x-trans-id: txbf3271c060db4d75bb7fb-005e57db8fiad3
last-modified: Thu, 27 Feb 2020 15:05:37 GMT
etag: 17afa68b1a591a282ea0b30a985f14f5
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1582815936.17605
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11037-1-46045-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Sun, 29 Mar 2020 01:42:23 GMT

GET
H2 200 59-01d324b64ce286116d8b.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 4 KB
2 KB 73ms
72ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/59-01d324b64ce286116d8b.js
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 41553904228bbbf87b1d7439f0f82097253415f067ca728169d26ae7a624347a

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 1961
x-trans-id: tx43ed427d187e4345b6784-005e4ffa45iad3
last-modified: Fri, 21 Feb 2020 15:37:48 GMT
etag: 4dcb579618952f2623aef6b5032cffbf
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1582299467.58358
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11028-3-37663-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Mon, 23 Mar 2020 02:15:17 GMT

GET
H2 200 61-f5afc0253024d6756b54.js Show response
cam4-static.xcdnpro.com/web/v2/app/js/ 2 KB
1 KB 70ms
69ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/61-f5afc0253024d6756b54.js
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 4328235fa707ef20a8812b8efbc241a3e0de748ffdf908aa28a78dccc4534ba0

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 824
x-trans-id: tx98f4427415a44282a91ac-005e58d2a8iad3
last-modified: Thu, 27 Feb 2020 20:22:33 GMT
etag: 245784a8269fa7613894e6448760a391
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1582834952.84103
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11014-2-8264-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Sun, 29 Mar 2020 19:16:40 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a7256f6b53a380bee135a23dcb30dd0aa048c20c8e94ca3f6c86b106be7d816

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9edc442aa5152643c98147d7d7afcfd42f2a12ea402078e6af8bd43dafaa50

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b5e87da27508fb982cb6dec82da7e664ad18614262ff32e2b7603a7cbc11a75

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET modules.e483a7fd5848d79df4ee.js
script.hotjar.com/ 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52eaa13b48346341ec571af145ab4ee24a990b3b9b0373845c0fe52da8c633b7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK directoryCounts Show response
www.cam4.com/ 21 B
541 B 64ms
63ms XHR
text/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/directoryCounts?directoryJson=true&online=true&url=true&page=1&orderBy=VIDEO_QUALITY&resultsPerPage=60

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

3e5c8342cd46ab17edc0e39771dbbd7cc2d4b274e71416d2f5ccb5fbf01757f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: https://www.cam4.com
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 21

POST
H/1.1 200
OK directoryCounts Show response
www.cam4.com/ 20 B
540 B 84ms
83ms XHR
text/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/directoryCounts?directoryJson=true&online=true&url=true&gender=female&broadcastType=female_group&broadcastType=solo&broadcastType=male_female_group&page=1&orderBy=VIDEO_QUALITY&resultsPerPage=60

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

1dfefcc9473ef80c55b7993f332e4724c5d65da99e9180d9def6923971c37540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: https://www.cam4.com
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 20

POST
H/1.1 200
OK directoryCounts Show response
www.cam4.com/ 20 B
540 B 113ms
27ms XHR
text/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

1dfefcc9473ef80c55b7993f332e4724c5d65da99e9180d9def6923971c37540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: https://www.cam4.com
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 20

GET
H/1.1 200
OK directoryCams
www.cam4.com/ 84 KB
15 KB 181ms
69ms XHR
application/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/directoryCams?directoryJson=true&online=true&url=true&gender=female&broadcastType=female_group&broadcastType=solo&broadcastType=male_female_group&page=1&orderBy=VIDEO_QUALITY&resultsPerPage=60

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 26A5 0
0

GET
H2 200 32.app-9da5b112b613f6725901.css
cam4-static.xcdnpro.com/web/v2/app/css/ 406 B
669 B 70ms
67ms Stylesheet
text/css 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/css/32.app-9da5b112b613f6725901.css
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 4cdd5933594d6fb7e8532d974605d81d187b778d1575f250aac609ca760c5f87

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 258
x-trans-id: txc8a93cedd1dc439e957a8-005e43f7c0iad3
last-modified: Wed, 12 Feb 2020 12:53:48 GMT
etag: f9e2d9575561b1f83c8b9fc971534d12
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-timestamp: 1581512027.49309
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11037-1-46044-h-0-0---;11028-10-38025----0-0-0
accept-ranges: bytes
expires: Fri, 13 Mar 2020 23:37:20 GMT

GET 32-7f2a545ad88ec5bded8c.js
cam4-static.xcdnpro.com/web/v2/app/js/ 0
0

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb76c11f0056c22bde11627eb3d20b57eafb4824c5a3b96636c0432161b75876

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 screen-blur-b105bef9756bea969a3f6a54f06c3568.jpg
cam4-static.xcdnpro.com/web/v2/app/images/ 22 KB
23 KB 88ms
24ms Image
image/jpeg 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/images/screen-blur-b105bef9756bea969a3f6a54f06c3568.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: c1877897d38eed667a6812aa4c689e80cc145d5d9ff60c45f1274ca034caeddc

Request headers

Referer: https://cam4-static.xcdnpro.com/web/v2/app/css/vendors~application.app-7e01c6a08c2fe8375064.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
last-modified: Wed, 26 Feb 2020 22:12:48 GMT
access-control-allow-origin: *
etag: b105bef9756bea969a3f6a54f06c3568
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
status: 200
x-timestamp: 1582755167.05597
cache-control: public, max-age=2629949
content-length: 22868
x-cdn-diag: fra1-11014-1-8193-h-0-0---;11028-16-38025----0-0-0
accept-ranges: bytes
x-trans-id: txfb38600c38484b3ba3a4e-005e571f85iad3
expires: Sat, 28 Mar 2020 12:19:15 GMT

GET
H2 200 20.app-5eb252f92032104806f7.css
cam4-static.xcdnpro.com/web/v2/app/css/ 1 KB
902 B 94ms
92ms Stylesheet
text/css 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/css/20.app-5eb252f92032104806f7.css
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 491
x-trans-id: txf2e6467d51344a01ba385-005e4d0758iad3
last-modified: Wed, 19 Feb 2020 09:56:16 GMT
etag: 4bfb6ae00086e33749b0a8ee2bb31a5b
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
x-timestamp: 1582106175.41200
cache-control: public, max-age=2630000
x-cdn-diag: fra1-11037-2-46112-h-0-0---;11028-12-38025----0-0-0
accept-ranges: bytes
expires: Fri, 20 Mar 2020 20:34:16 GMT

GET
H2 200 20-da78950435c46b254bcf.js
cam4-static.xcdnpro.com/web/v2/app/js/ 3 KB
0 93ms
91ms Script
application/javascript 66.254.122.100
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://cam4-static.xcdnpro.com/web/v2/app/js/20-da78950435c46b254bcf.js
Requested by: Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/runtime-fb312b14cf0968ad9f45.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.100 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:28:34 GMT
content-encoding: gzip
status: 200
content-length: 1113
x-trans-id: tx71d2fa8fea2c4a86b6f18-005e57c66ciad3
last-modified: Thu, 27 Feb 2020 13:35:26 GMT
etag: ad3b33921aba155585b4b63af22fbd6f
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1582810525.48270
cache-control: public, max-age=2629963
x-cdn-diag: fra1-11014-2-8263-h-0-0---;11028-12-38025----0-0-0
accept-ranges: bytes
expires: Sun, 29 Mar 2020 00:11:35 GMT

POST
H/1.1 200
OK translation
www.cam4.com/rest/v1.0/ 1 KB
1 KB 76ms
75ms XHR
application/json 217.22.17.249
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cam4.com/rest/v1.0/translation

Requested by

Host: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendors~application-733f4f0fb8cc299601d3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.22.17.249 , Netherlands, ASN42567 (MOJHOST-EU, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cam4.com/female?act=voluum_wmdmv0gapturnect1iut8l06_200108~fpc_tier1_mix&utm_source=200108&utm_medium=fpc_tier1_mix&utm_content=cam4bucks&utm_campaign=cam4&utm_term=http%3A%2F%2Fwww.new-young-boys.com%2Fout.shtml&displayConfirm=true
Origin: https://www.cam4.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 04 Mar 2020 06:28:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cam4.com
Access-Control-Expose-Headers: totalCount
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Content-Security-Policy: frame-ancestors 'self';
Connection: keep-alive
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled, x-b3-flags, x-zipkin-extension, x-process-id, x-span-name, x-span-export

GET directory-banner
www.cam4.com/rest/v1.0/ 0
0

GET vendor-5f8c7f308997f6c94355.js
cam4-static.xcdnpro.com/web/v2/app/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tryd.pro
URL: http://tryd.pro/go/216668/456926?

Domain: script.hotjar.com
URL: https://script.hotjar.com/modules.e483a7fd5848d79df4ee.js

Domain: vars.hotjar.com
URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html

Domain: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/32-7f2a545ad88ec5bded8c.js

Domain: www.cam4.com
URL: https://www.cam4.com/rest/v1.0/directory-banner?malePage=false

Domain: cam4-static.xcdnpro.com
URL: https://cam4-static.xcdnpro.com/web/v2/app/js/vendor-5f8c7f308997f6c94355.js

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.cam4.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: web13-ams~947C35BF3C4FE97BA9B449924567CDB0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bidr.trellian.com
c4tracking01.com
cam4-static.xcdnpro.com
click.amazingtechsavings.xyz
com-rypl-main.collector.snplow.net
core.royalads.net
d2as12kgjg8gw5.cloudfront.net
free.liivecams.com
gethomeplans.com
googleads.g.doubleclick.net
moviesmale.com
script.hotjar.com
secure.click2partner.com
secure.clicktrkservices.com
static.hotjar.com
tryd.pro
vars.hotjar.com
www.cam4.com
www.fpctraffic3.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.new-young-boys.com
yltenim.com
cam4-static.xcdnpro.com
script.hotjar.com
tryd.pro
vars.hotjar.com
www.cam4.com
103.224.182.206
103.224.182.239
116.202.81.140
147.75.84.91
151.80.221.9
172.217.21.194
18.196.86.59
198.143.165.219
205.147.93.131
213.174.132.218
217.22.17.249
2600:9000:2156:9c00:1f:5390:e140:21
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:825::2004
35.168.149.183
54.174.78.248
66.254.122.100
69.61.28.190
99.192.250.46
0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4
0ff21416cd6c2e6fa69ffcc3dd07bbfcc26191f91aacd66e9e2ffef4c43bdb25
1ac784b1a0e83170fd9bbaac208fb1d675e78955f0cc51203f53c738a4ca8dfc
1bbebdc8423ced3addf6607763a61a884f701426f0271d6317653a58a58e76f8
1dfefcc9473ef80c55b7993f332e4724c5d65da99e9180d9def6923971c37540
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27b3ea989fa09fa1fa21144306045e1af10b78e0682add241a43a03e88faf9ed
365698b03900c1b1dfa9ce782e9953af6465d0ef441c423bbb2e3030e03db7fc
397f5a59082ec878bcfeb41a8aa440a87d7cb412ac7d2f99153fe884440917e2
3e5c8342cd46ab17edc0e39771dbbd7cc2d4b274e71416d2f5ccb5fbf01757f8
3fa407de9962c41b4fdc953371433c25a0f6235928fa56606f65288ed822e3d1
41553904228bbbf87b1d7439f0f82097253415f067ca728169d26ae7a624347a
4328235fa707ef20a8812b8efbc241a3e0de748ffdf908aa28a78dccc4534ba0
43ccd9dd7073a32e399c251e713f601781b689f069310d8a34249533058a6d2f
4cdd5933594d6fb7e8532d974605d81d187b778d1575f250aac609ca760c5f87
4e565202cb3b773655cdb7cd1887f9a6296a52b9053ff092dafaf47b4ddaf59f
52eaa13b48346341ec571af145ab4ee24a990b3b9b0373845c0fe52da8c633b7
87371c8d7837eb7a254c07674863314f24d285dc49214c41d4d4080f90c219bb
8a7256f6b53a380bee135a23dcb30dd0aa048c20c8e94ca3f6c86b106be7d816
8b5e87da27508fb982cb6dec82da7e664ad18614262ff32e2b7603a7cbc11a75
99851dd448da12ba1089ca0eb0ca37bd8e6c667d2f44a9c049aedceca1b14ea0
b1de591c31fc2236f674223908de937688e4b3022b14e5c43b1e266fbc828413
b8bb5256015c0be17de74c2e8ede9d8c7ec727f37007fa8a194d94103b7f6215
c1877897d38eed667a6812aa4c689e80cc145d5d9ff60c45f1274ca034caeddc
cb025c1b13208698e382ae75da7e7b7e3b0be0c479cc37a6895bbc03829faab3
d36c62178317dc9d690262da2020816b29bb357ac8b27404c5be52efa3d44dce
d7b93097e258592bc07909f8aae1992d8ddd9619bc18178971e55ed178c6a12b
db4a8534763082ecb9bdde97f3f73831bf3e4430d3ee77984781bbbbd5df5519
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d0be153c91c52f95a9ebeab9858609477e5b687a7ab9c68f124d5b22cc65b1
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f61a6ff46d9f41e0d14981b3fc83f65e967f78fb69180aa5eb2619482c016
fb51c75d04da68f250d7c4378c6870631657e5b008b09829450d3854315b6ca5
fb76c11f0056c22bde11627eb3d20b57eafb4824c5a3b96636c0432161b75876
fb9edc442aa5152643c98147d7d7afcfd42f2a12ea402078e6af8bd43dafaa50
ffd116b31992480fda3ad991cfa611e2f7e2bbbd670a1934a0809a99667369e0
ffe3980b1a2277dfe31aad4f00057ed224b377454d0c76a58c2d6ac211367ae2

www.cam4.com Open in urlscan Pro 217.22.17.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

75 %HTTPS

24 %IPv6

23 Domains

25 Subdomains

18 IPs

4 Countries

2025 kBTransfer

7847 kBSize

1 Cookies

11 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cam4.com Open in urlscan Pro
217.22.17.249 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

75 %
HTTPS

24 %
IPv6

23
Domains

25
Subdomains

18
IPs

4
Countries

2025 kB
Transfer

7847 kB
Size

1
Cookies

52 HTTP transactions
5 data transactions