Report - ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME_

Report Overview

Visited public
2023-10-15 22:01:04
Tags
URL
ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Finishing URL
ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP / ASN
52.19.101.114
#16509 AMAZON-02
Title
$1000 cash

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-14 18:12:07	666 B	1.4 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-14 21:56:49	1.1 kB	36 kB	216.58.207.227
route.frest.pro	unknown	2022-10-19	2023-01-02 14:11:29	2023-10-15 10:00:26	522 B	744 B	104.21.77.196
stormtrk.com	289095	2019-05-15	2019-05-17 20:09:53	2023-10-15 10:00:27	799 B	33 kB	104.26.4.120
ebll.giveawaywonders.info	unknown	2023-07-28	2023-07-28 16:46:52	2023-09-24 06:00:18	726 B	12 kB	52.19.101.114
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06 08:56:01	2023-10-15 10:00:25	5.2 kB	1.7 MB	23.36.76.96
cdnjs.claudflare.io	unknown	2021-08-09	2021-08-12 10:01:46	2023-10-15 10:00:25	455 B	92 kB	206.189.196.86
tt.stfilecamp.com	unknown	2021-09-06	2022-03-08 16:47:05	2023-10-15 10:00:26	862 B	6.6 kB	205.185.216.10
cdn.stfilecamp.com	400667	2021-09-06	2021-09-06 17:32:03	2023-10-15 10:00:26	1.3 kB	42 kB	205.185.216.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-15	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691598796	ScriptElement	92 kB	2023-09-04	2023-10-28
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691598796 IP 206.189.196.86 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 00:00 Last Seen2023-10-28 16:01 Times Seen7 Hash 1306c912aae7b57e3c17ddbbd9ca5b0b 284bcb9b9d3f5a95bdbd201dab54be553c39c3a0 37a2ebdad04b9ed279eba7e94aa70ddc44e3565501ee45bd4cca7f89db40a2b9 Loading...

	cdn-adef.akamaized.net/landings/281934/1691598796/js/collector.js?1691598796	ScriptElement	5.6 kB	2023-06-20	2024-10-17
Pretty URL cdn-adef.akamaized.net/landings/281934/1691598796/js/collector.js?1691598796 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 06:01 Last Seen2024-10-17 14:06 Times Seen23 Hash f2b084c56561aec35e77c7bff672d092 fe6ace52724040f8b5814a2b6ca215b2c5c208a4 01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9 Loading...

	cdn.stfilecamp.com/multi_push.js	ScriptElement	1.1 kB	2023-03-07	2024-08-21
Pretty URL cdn.stfilecamp.com/multi_push.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:42 Times Seen51 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	tt.stfilecamp.com/jsfiles/site-protect2.0.js	ScriptElement	3.1 kB	2023-03-07	2025-03-07
Pretty URL tt.stfilecamp.com/jsfiles/site-protect2.0.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-03-07 04:00 Times Seen89 Hash fc96ab06b0f9fcea6731405215ae5daf 8af9f27d895eb69754919a2fc0d74760fecd3860 9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e Loading...

	cdn.stfilecamp.com/stormtrk.js	ScriptElement	6.8 kB	2023-03-12	2025-03-07
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32 Last Seen2025-03-07 06:00 Times Seen131 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	cdn.stfilecamp.com/fp.min.js	ScriptElement	32 kB	2023-04-06	2025-05-09
Pretty URL cdn.stfilecamp.com/fp.min.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01 Last Seen2025-05-09 18:17 Times Seen568 Hash 198f2f5b0a649f41fe890c59d37319aa f24629687612889bb59f610df3879afcd766fb80 d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Loading...

	cdn-adef.akamaized.net/landings/281934/1691598796/js/script.js?1691598796	ScriptElement	2.6 kB	2023-07-15	2024-08-21
Pretty URL cdn-adef.akamaized.net/landings/281934/1691598796/js/script.js?1691598796 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 10:00 Last Seen2024-08-21 04:36 Times Seen5 Hash bc399c721447a081345292e5214d5de5 e7c2d5de1540f5c0fa5e812a3b80a48407165586 9cfc4986b44b3b0a2f8be16bf98d295bf4c315fe0536b86b3ce58d2a839e0b47 Loading...

	tt.stfilecamp.com/jsfiles/second_back_multi.js	ScriptElement	2.2 kB	2023-03-07	2024-10-17
Pretty URL tt.stfilecamp.com/jsfiles/second_back_multi.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-10-17 14:06 Times Seen52 Hash 4034050f2be05cd41b77c4bb153f89eb 395187f1b6ad0a67fcdede70756a1c455903d84d 717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60 Loading...

HTTP Transactions (24)

URL IP Response Size

cdn-adef.akamaized.net/landings/281934/1691598796/css/halloween.css?1691598796

23.36.76.96

200 OK

1.2 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/css/halloween.css?1691598796
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1180 bytes)
Hash
310ed33284f7052837c178f113359df4
6a4df3e280f0209c3ccdb8f76e9e626e728d60f8
7ce22d0324dc3d75bd051dc9efc4af3914be87f48f2a0a1d94717eab18fc789e

HTTP Headers

GET /landings/281934/1691598796/css/halloween.css?1691598796 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 8jCSmvXlKa3/9IA8Nr75HNN2PVyGYCzTPhpRSUtaIdq+lWPklP5ozKzInKeJ3uuKM37qZtY3SJY=
x-amz-request-id: 17VDYCZ74F9GED1T
Last-Modified: Wed, 09 Aug 2023 16:33:19 GMT
ETag: "310ed33284f7052837c178f113359df4"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 15 Oct 2023 22:00:46 GMT
Content-Length: 1180
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/281934/1691598796/css/style.css?1691598796

23.36.76.96

200 OK

1.5 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/css/style.css?1691598796
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1524 bytes)
Hash
7fa25c58506e8165ce6232dafdd5ab7d
e5e5785ca74a0e4ad9cc2bcf0b4350da30eeb6bb
4783cf31202b217875417a33d35805c720f0196a9be95f1fbe132251ca982ed2

HTTP Headers

GET /landings/281934/1691598796/css/style.css?1691598796 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: a/ndiBTKsCqJxZ+2BZtygNO1AH/nuCy8e0qPUDpkBIGm6rBkbPR+zHojx5CCpVRoxEhI0wW7V1c=
x-amz-request-id: W2GRP9ESMV2PTAD2
Last-Modified: Wed, 09 Aug 2023 16:33:19 GMT
ETag: "7fa25c58506e8165ce6232dafdd5ab7d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 15 Oct 2023 22:00:46 GMT
Content-Length: 1524
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/281934/1691598796/js/collector.js?1691598796

23.36.76.96

200 OK

1.3 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/js/collector.js?1691598796
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1291 bytes)
Hash
f2b084c56561aec35e77c7bff672d092
fe6ace52724040f8b5814a2b6ca215b2c5c208a4
01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9

HTTP Headers

GET /landings/281934/1691598796/js/collector.js?1691598796 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IHyhFncaJnPuJRWRegUypJ6pZPvWuwAYDhC03Ntie0evP//vzGkRLdtLh4VCiM0YZSEZ2mYYlrM=
x-amz-request-id: 9E2Y4XFTXJN7EJQD
Last-Modified: Wed, 09 Aug 2023 16:33:19 GMT
ETag: "f2b084c56561aec35e77c7bff672d092"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 15 Oct 2023 22:00:46 GMT
Content-Length: 1291
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/281934/1691598796/css/animations.css?1691598796

23.36.76.96

200 OK

998 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/css/animations.css?1691598796
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with CRLF line terminators
Size
998 B (998 bytes)
Hash
68578c1c851a57c5e8ac8a0de94ab75e
1fb82f3e8566f809953e1ed2a5b5ebf513e64ffe
84db6ef5d78b827ad3abfd598ba3ac78e4c520dc5c3cd4465dcad9fefb655c88

HTTP Headers

GET /landings/281934/1691598796/css/animations.css?1691598796 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: YG+xRBTN6mMmbPFGL2DGk0sP6mj51XPx62PQcAyC2x9ZgoVOxk7VfZtS+isq/VHEFXzkcDk6t8Q=
x-amz-request-id: 9N22J0NXRJADSG98
Last-Modified: Wed, 09 Aug 2023 16:33:19 GMT
ETag: "68578c1c851a57c5e8ac8a0de94ab75e"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 15 Oct 2023 22:00:46 GMT
Content-Length: 998
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/281934/1691598796/js/script.js?1691598796

23.36.76.96

200 OK

884 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/js/script.js?1691598796
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
884 B (884 bytes)
Hash
bc399c721447a081345292e5214d5de5
e7c2d5de1540f5c0fa5e812a3b80a48407165586
9cfc4986b44b3b0a2f8be16bf98d295bf4c315fe0536b86b3ce58d2a839e0b47

HTTP Headers

GET /landings/281934/1691598796/js/script.js?1691598796 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: F/F1gx4YmUBCmhKlit0WTSul4HOpVOq+zmAxT7BlV6tjYyXAKSHdMV2HsanNgGr3TgPFwZzHrzI=
x-amz-request-id: 5M136G2RZJEWGGQG
Last-Modified: Wed, 09 Aug 2023 16:33:19 GMT
ETag: "bc399c721447a081345292e5214d5de5"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 15 Oct 2023 22:00:46 GMT
Content-Length: 884
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691598796

206.189.196.86

200 OK

92 kB

URL GET HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691598796
IP
206.189.196.86:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectcdnjs.claudflare.io
Fingerprint18:7C:79:BA:FF:48:8B:AA:43:33:E2:1F:F8:A6:0C:12:EA:07:A9:13
ValidityWed, 04 Oct 2023 20:01:27 GMT - Tue, 02 Jan 2024 20:01:26 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92013 bytes)
Hash
1306c912aae7b57e3c17ddbbd9ca5b0b
284bcb9b9d3f5a95bdbd201dab54be553c39c3a0
37a2ebdad04b9ed279eba7e94aa70ddc44e3565501ee45bd4cca7f89db40a2b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/d/jquery.min.js?1691598796 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Sun, 15 Oct 2023 22:00:47 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Mon, 16 Oct 2023 10:00:47 GMT

cdn-adef.akamaized.net/landings/281934/1691598796/images/ico-like2.png

23.36.76.96

200 OK

220 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/images/ico-like2.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 13 x 12, 8-bit colormap, non-interlaced\012- data
Size
220 B (220 bytes)
Hash
e4c6e8dcd575bd5f346565ce8dbacfe7
29e5d4862f0470607f803d462bddf5f14cf57969
9e79a749ac5f41341fdff11f64845580207490915f72b09ec320e0db0fea224a

HTTP Headers

GET /landings/281934/1691598796/images/ico-like2.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: KALU+HWbaLtpzsaehW/FPsOSJ6Wq+rgURaBRNiN97Uj1APemYz2MBYCs1d5Bc8ZoUcktbmSyY8s=
x-amz-request-id: WEHK6A1E612RPD0K
Last-Modified: Wed, 09 Aug 2023 16:33:18 GMT
ETag: "e4c6e8dcd575bd5f346565ce8dbacfe7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 220
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/281934/1691598796/images/gift.png

23.36.76.96

200 OK

4.3 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/images/gift.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 84 x 84, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4278 bytes)
Hash
fffce733f6fe691cbd72247e0858079a
6abcf141d1ba377a441ecd25d978d34416486d08
ed0ec5bec53f54f33990790fd15a7c8b9c3ba35bbb3a5d795e336a1e33c83b18

HTTP Headers

GET /landings/281934/1691598796/images/gift.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 0qzeGOO+WP76nae+2kdlTtRS0BEXUoJE4Go9Yva8kt5ox/+n8+9UKLWNXGek7ZcQtzV7DS0UV1w=
x-amz-request-id: PTJGZD9AS6ZMG8V6
Last-Modified: Wed, 09 Aug 2023 16:33:18 GMT
ETag: "fffce733f6fe691cbd72247e0858079a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4278
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69e854bd23c5909474ee243025da31be
f3fddc38a4c6b9239d214dea51adf6fdafdbace1
0b8193f810972158734d57f32f73e61e9a3bd6da0329df18a1516cab2b5ae414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Oct 2023 22:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17300, version 1.0\012- data
Size
17 kB (17300 bytes)
Hash
4422504365a339cdaaa4a6124e8a00a2
2708a7cc500d8fcc263e8cdf88f37c5f2eff9531
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

HTTP Headers

GET /s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Oct 2023 15:08:34 GMT
expires: Wed, 09 Oct 2024 15:08:34 GMT
cache-control: public, max-age=31536000
age: 456733
last-modified: Thu, 10 Sep 2020 17:06:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/281934/1691598796/images/sprites2.jpg

23.36.76.96

200 OK

20 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/images/sprites2.jpg
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Size
20 kB (20068 bytes)
Hash
3d5813d0dc0e03ae25aa9aa60b064fea
970331d3110728e9342127330ecdd7b736acf8f4
3888663dd84f0c638de77d6fb74df9a76b4fbbb059a5d3b3678153663befc1d0

HTTP Headers

GET /landings/281934/1691598796/images/sprites2.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/281934/1691598796/css/style.css?1691598796
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Xu9sGufGoU8FIMjH7sHVWXiJCImZ5dctTtZ2duiaqgnmnc1SM+fyC/4VBNgjuaGCJTz9Q3gzZvI=
x-amz-request-id: EDJD6FQ8F4N3FVKK
Last-Modified: Wed, 09 Aug 2023 16:33:18 GMT
ETag: "3d5813d0dc0e03ae25aa9aa60b064fea"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20068
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69e854bd23c5909474ee243025da31be
f3fddc38a4c6b9239d214dea51adf6fdafdbace1
0b8193f810972158734d57f32f73e61e9a3bd6da0329df18a1516cab2b5ae414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Oct 2023 22:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tt.stfilecamp.com/jsfiles/second_back_multi.js

205.185.216.10

200 OK

2.2 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/second_back_multi.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint6B:B2:F3:D7:42:0D:85:30:43:C7:AA:0A:52:05:37:3D:73:88:9B:9C
ValidityFri, 29 Sep 2023 07:01:52 GMT - Thu, 28 Dec 2023 07:01:51 GMT

File type
HTML document, ASCII text
Size
2.2 kB (2209 bytes)
Hash
4034050f2be05cd41b77c4bb153f89eb
395187f1b6ad0a67fcdede70756a1c455903d84d
717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60

HTTP Headers

GET /jsfiles/second_back_multi.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: Keep-Alive
Cache-Control: max-age=1239
Content-Length: 2209
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "4034050f2be05cd41b77c4bb153f89eb"
x-amz-request-id: tx00000fb16f62ed4a10a46-00652c57d6-7a135a4e-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1697407247.dop014.sk1.t,1697407247.cds002.sk1.shn,1697407247.dop014.sk1.t,1697407247.cds203.sk1.c

fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2

216.58.207.227

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17300, version 1.0\012- data
Size
17 kB (17300 bytes)
Hash
4422504365a339cdaaa4a6124e8a00a2
2708a7cc500d8fcc263e8cdf88f37c5f2eff9531
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

HTTP Headers

GET /s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Oct 2023 15:08:34 GMT
expires: Wed, 09 Oct 2024 15:08:34 GMT
cache-control: public, max-age=31536000
age: 456733
last-modified: Thu, 10 Sep 2020 17:06:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

route.frest.pro/is_redirect

104.21.77.196

200 OK

17 B

URL POST HTTP/2
route.frest.pro/is_redirect
IP
104.21.77.196:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subjectfrest.pro
FingerprintA1:6D:80:97:81:5F:7D:81:A1:3A:F7:AD:B0:7C:80:EF:AF:09:8F:04
ValiditySun, 08 Oct 2023 16:23:46 GMT - Sat, 06 Jan 2024 16:23:45 GMT

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Oct 2023 22:00:47 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdefkDIuKZh4uCsO68r40pj0VesCoxUD65g1ATwmVE0nfY9hQcb30P4LKL8%2B1IeFBtCu%2FVS7DJlBuhOuxx5qQ7SpI7E70xmvMkcpEkoxVNKdSrVvWBhb2ALTxoDITRjz4G0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 816b56413e661c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tt.stfilecamp.com/jsfiles/site-protect2.0.js

205.185.216.10

200 OK

3.1 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/site-protect2.0.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint6B:B2:F3:D7:42:0D:85:30:43:C7:AA:0A:52:05:37:3D:73:88:9B:9C
ValidityFri, 29 Sep 2023 07:01:52 GMT - Thu, 28 Dec 2023 07:01:51 GMT

File type
ASCII text
Size
3.1 kB (3137 bytes)
Hash
fc96ab06b0f9fcea6731405215ae5daf
8af9f27d895eb69754919a2fc0d74760fecd3860
9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e

HTTP Headers

GET /jsfiles/site-protect2.0.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Oct 2023 22:00:48 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Length: 3137
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "fc96ab06b0f9fcea6731405215ae5daf"
x-amz-request-id: tx00000c50cca4f013c4272-00652c6110-7a12decc-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1697407247.dop014.sk1.t,1697407247.cds010.sk1.shn,1697407247.dop014.sk1.t,1697407248.cds253.sk1.pr

cdn-adef.akamaized.net/landings/281934/1691598796/images/box.png

23.36.76.96

200 OK

120 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/images/box.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 626 x 626, 8-bit/color RGBA, non-interlaced\012- data
Size
120 kB (120073 bytes)
Hash
d03f559a499a6aa707df4a246b2d1d67
f07c321ef210d7973dc96ffc17016cfa5e94b26d
c09892c5b29f4235a4c163d293d1a8a1e02a018dfa3f68fd1127514e2136994f

HTTP Headers

GET /landings/281934/1691598796/images/box.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: cJ3xP5amTUxXoxMH2n98XXYJyNF8WfTUd9R0z20lG3wt+6h3/QAi6jJAZXPS7EQoHW5vU2uQDP0=
x-amz-request-id: X41Z09MX12DZGS98
Last-Modified: Wed, 09 Aug 2023 16:33:18 GMT
ETag: "d03f559a499a6aa707df4a246b2d1d67"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 120073
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.96

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
X-Akamai-EW-Subworker: 8096267
Date: Sun, 15 Oct 2023 22:00:48 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/multi_push.js

205.185.216.10

200 OK

1.1 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/multi_push.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

HTTP Headers

GET /multi_push.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Oct 2023 22:00:48 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Length: 1072
Content-Type: text/javascript
Last-Modified: Thu, 07 Jul 2022 14:21:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx00000b6483d902865856f-00652c6110-3c6f4933-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1697407247.dop012.sk1.t,1697407247.cds254.sk1.shn,1697407247.dop012.sk1.t,1697407248.cds203.sk1.pr

cdn.stfilecamp.com/stormtrk.js

205.185.216.10

200 OK

6.8 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Oct 2023 22:00:48 GMT
Connection: Keep-Alive
Cache-Control: max-age=2930
Content-Length: 6807
Content-Type: text/javascript
Last-Modified: Sat, 24 Dec 2022 08:48:24 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx0000013bcead6e0c83d0b-00652c5e72-3c6f4933-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1697407247.dop012.sk1.t,1697407247.cds254.sk1.shn,1697407248.dop012.sk1.t,1697407248.cds014.sk1.c

cdn-adef.akamaized.net/landings/281934/1691598796/images/box_dark.png

23.36.76.96

200 OK

1.6 MB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/281934/1691598796/images/box_dark.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 626 x 626, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 MB (1570720 bytes)
Hash
a73e891dd0e0613042d045b5a6f0cac0
4495dc982fc4eeec99e0e451eac59eddccd1742b
a1a0a26b87d2564e50c82bd0b4d8c53dcac764918e869aa3331ec27e660560b4

HTTP Headers

GET /landings/281934/1691598796/images/box_dark.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ORy6q3Rb47wkWhDbBPEWw23sDsnJlZ0h+rb8o0rKiQEKtgzoYhhopsGp/dJmbppM56rQ32LOyGM=
x-amz-request-id: X41K91KTXW00H4JH
Last-Modified: Wed, 09 Aug 2023 16:33:18 GMT
ETag: "a73e891dd0e0613042d045b5a6f0cac0"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1570720
Date: Sun, 15 Oct 2023 22:00:47 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2Fb08cd7ab6a76d3df%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__

104.26.4.120

200 OK

32 kB

URL GET HTTP/2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2Fb08cd7ab6a76d3df%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__
IP
104.26.4.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint12:CF:2B:DC:A1:B5:77:12:91:68:E8:DD:F0:22:9A:1B:06:84:6A:74
ValidityFri, 09 Dec 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (489)
Size
32 kB (32042 bytes)
Hash
3c2847838e1af32a96e611f378e214bc
0b7b09df38502aba0c2993de376142ee2b1ac62b
ae70d38403e8024fa71b005e6160d343a15a0ebe07885484424bc5c5705c739e

HTTP Headers

GET /api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2Fb08cd7ab6a76d3df%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__ HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Oct 2023 22:00:49 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55e6IFYjtdz8hwFEl0WGfyaJqUwtM90BrIwq3rvhRte7FV0kisvTOOhDKeSDpd8z4tpmhV%2F%2BhdBwwqTB4oiUbPKOjptnsZzfperjiUcPXYwXTM6wsZm67MSS5MB6kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 816b56476ca1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__

52.19.101.114

200 OK

12 kB

URL User Request GET HTTP/2
ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectebll.giveawaywonders.info
Fingerprint8D:3F:3A:B0:C8:E3:B6:53:C3:DF:B6:58:59:87:9D:1D:CF:4D:5F:2F
ValidityWed, 11 Oct 2023 02:30:19 GMT - Tue, 09 Jan 2024 02:30:18 GMT

File type

Size
12 kB (11477 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__ HTTP/1.1
Host: ebll.giveawaywonders.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 15 Oct 2023 22:00:46 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=652c610e00092199; Path=/; Expires=Thu, 14 Dec 2023 22:00:46 GMT; Secure; SameSite=None
unique_id2=652c610e00092992; Path=/; Expires=Sat, 13 Jan 2024 22:00:46 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sun, 15 Oct 2023 22:00:46 GMT; Secure; SameSite=None
652c610e00092992_sl=[281934]; Path=/; Expires=Sun, 29 Oct 2023 22:00:46 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/b08cd7ab6a76d3df?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type

Size
32 kB (31705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Oct 2023 22:00:49 GMT
Connection: Keep-Alive
Cache-Control: max-age=3585
Content-Length: 31705
Content-Type: text/javascript
Last-Modified: Mon, 13 Jun 2022 11:23:14 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000003afbe602f384c5aa-00652c6102-3c6f4933-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1697407247.dop012.sk1.t,1697407247.cds254.sk1.shn,1697407249.dop012.sk1.t,1697407249.cds237.sk1.c

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (24)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1