Report - hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME_

Report Overview

Visited public
2023-09-19 02:01:01
Tags
URL
hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Finishing URL
hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP / ASN
52.19.101.114
#16509 AMAZON-02
Title
Cash App $1000 gift card

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-18 20:30:39	452 B	24 kB	104.17.24.14
cdnjs.claudflare.io	unknown	2021-08-09	2021-08-12 10:01:46	2023-09-04 00:00:36	457 B	92 kB	206.189.196.86
tt.stfilecamp.com	unknown	2021-09-06	2022-03-08 16:47:05	2023-08-30 10:06:17	871 B	6.7 kB	205.185.216.42
cdn.stfilecamp.com	400667	2021-09-06	2021-09-06 17:32:03	2023-09-17 05:01:40	836 B	40 kB	205.185.216.10
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06 08:56:01	2023-09-18 06:02:24	3.3 kB	98 kB	23.36.76.96
api.imotech.video	140520	2019-11-08	2021-01-28 14:59:54	2023-09-15 18:28:45	4.5 kB	9.5 kB	164.90.105.98
hllj.giftcardmagiczone.club	unknown	2023-07-28	2023-07-28 16:31:12	2023-09-18 14:00:19	726 B	19 kB	52.19.101.114
route.frest.pro	unknown	2022-10-19	2023-01-02 14:11:29	2023-09-04 00:00:37	526 B	750 B	104.21.77.196
stormtrk.com	289095	2019-05-15	2019-05-17 20:09:53	2023-09-17 05:01:39	805 B	33 kB	172.67.69.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-19	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	cdn.stfilecamp.com/fp.min.js	ScriptElement	32 kB	2023-04-06	2025-05-09
Pretty URL cdn.stfilecamp.com/fp.min.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01 Last Seen2025-05-09 18:17 Times Seen568 Hash 198f2f5b0a649f41fe890c59d37319aa f24629687612889bb59f610df3879afcd766fb80 d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Loading...

	cdn-adef.akamaized.net/landings/279025/1691599176/js/collector.js?1691599176	ScriptElement	4.8 kB	2023-04-19	2023-09-19
Pretty URL cdn-adef.akamaized.net/landings/279025/1691599176/js/collector.js?1691599176 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 04:01 Last Seen2023-09-19 04:01 Times Seen1 Hash f8b45d0ed194e6004ca419dee0e22934 581900293960571006b122ff6c70635c073efd26 5026cccc8406cbdad1e96b014cbd33656cd449ec01feb287b9d331fd1343101a Loading...

	cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js?1691599176	ScriptElement	64 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js?1691599176 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08 Last Seen2025-05-09 14:35 Times Seen206 Hash 6ceffd5b35d350764ce6cb72313190f5 1a8bcae2241d253c1a41050b20c840d29878f3ae 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Loading...

	tt.stfilecamp.com/jsfiles/second_back_multi_bigo.js	ScriptElement	2.3 kB	2023-03-08	2024-09-20
Pretty URL tt.stfilecamp.com/jsfiles/second_back_multi_bigo.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:39 Last Seen2024-09-20 21:37 Times Seen21 Hash 96af925d55cad494665471c73ac01b04 5d2b1c06d2edb1a1ba9a5335c5dbb73c508b879b 1109fbd42583528695ba5995a756fd0fd09a992a85f50e54862e4b13c1cf75c2 Loading...

	api.imotech.video/ad/events.js?pixel_id=902760083831232256	ScriptElement	17 kB	2023-03-08	2024-08-21
Pretty URL api.imotech.video/ad/events.js?pixel_id=902760083831232256 IP 164.90.105.98 ASN #10122 BIGO TECHNOLOGY PTE. LTD. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:39 Last Seen2024-08-21 06:23 Times Seen4 Hash 65e92d1f5cd6a66edd798d8e31a0f5a4 ee20b1d89622bcf1787c29b0480e6547996acadf b047e3cd894e371bc43a81292ba872d0f81fd03a8a9e66aa7e063c7e96f76098 Loading...

	cdn.stfilecamp.com/stormtrk.js	ScriptElement	6.8 kB	2023-03-12	2025-03-07
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32 Last Seen2025-03-07 06:00 Times Seen131 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	tt.stfilecamp.com/jsfiles/site-protect2.0.js	ScriptElement	3.1 kB	2023-03-07	2025-03-07
Pretty URL tt.stfilecamp.com/jsfiles/site-protect2.0.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-03-07 04:00 Times Seen89 Hash fc96ab06b0f9fcea6731405215ae5daf 8af9f27d895eb69754919a2fc0d74760fecd3860 9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e Loading...

	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691599176	ScriptElement	92 kB	2023-08-05	2023-10-29
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691599176 IP 206.189.196.86 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-05 18:00 Last Seen2023-10-29 19:16 Times Seen5 Hash 5f134267bb0bbb337c14d3e3c17598ed b00469b424732323ab9e2025452bd0ed3ce16039 c87337fa4f744e422666cec67da64263346e0d1cabf1148fd3562f67a754ec00 Loading...

	cdn-adef.akamaized.net/landings/279025/1691599176/js/main.js?1691599176	ScriptElement	5.1 kB	2023-04-06	2023-10-30
Pretty URL cdn-adef.akamaized.net/landings/279025/1691599176/js/main.js?1691599176 IP 23.36.76.96 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01 Last Seen2023-10-30 05:48 Times Seen4 Hash eb86cde28d0545695ec8823f6617fd6c 37b6641f75ab1b1b1e2bd375b56c40ccbc90f9ec 125d8a743888e128f1cc2cfec48f256aed9c7bb9ea64edb15cbcc04eb245ee19 Loading...

	hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__	ScriptElement	180 B	2023-04-06	2024-08-21
Pretty URL hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__ IP 52.19.101.114 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-06 21:01 Last Seen2024-08-21 06:23 Times Seen1 Hash 6bec16cc83255c4520a06dd99f2433d5 94a30f195358cda803a26a1bb8dcf5064f571db1 958bb4ed11b35436407a2a2ae960143e6fe703fb4d012fa2857c5d355b4cba75 Loading...

HTTP Transactions (21)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js?1691599176

104.17.24.14

200 OK

23 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js?1691599176
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (63851)
Size
23 kB (22890 bytes)
Hash
6ceffd5b35d350764ce6cb72313190f5
1a8bcae2241d253c1a41050b20c840d29878f3ae
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

HTTP Headers

GET /ajax/libs/gsap/3.9.1/gsap.min.js?1691599176 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 22890
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942a86-596a"
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1598565
expires: Sun, 08 Sep 2024 02:00:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjF4ljgRBI9F310O1kCMXAOv5sm%2BDka9FpTohSPxsaCtQlOA3VBUCSZHCKPki5TpqPKq1f1Gf0vIAdPRT6uL%2F86uuSHvOYEKQ2Flj%2BjlRiZdtJZh2RCpwiQXqxiLO9VKh1kpCBno"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 808e3c9cbc42568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/279025/1691599176/js/main.js?1691599176

23.36.76.96

200 OK

1.7 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/js/main.js?1691599176
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.7 kB (1741 bytes)
Hash
eb86cde28d0545695ec8823f6617fd6c
37b6641f75ab1b1b1e2bd375b56c40ccbc90f9ec
125d8a743888e128f1cc2cfec48f256aed9c7bb9ea64edb15cbcc04eb245ee19

HTTP Headers

GET /landings/279025/1691599176/js/main.js?1691599176 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: TQSmnfZo6To5Ui1CtuNAIsR3mVz91/91xVvc+AW4aAGc+jmqAm5KKwilLY3VZREmzkjRx5l8Qzg=
x-amz-request-id: ZVBZ5G27E003F6W4
Last-Modified: Wed, 09 Aug 2023 16:39:38 GMT
ETag: "eb86cde28d0545695ec8823f6617fd6c"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 19 Sep 2023 02:00:44 GMT
Content-Length: 1741
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/279025/1691599176/js/collector.js?1691599176

23.36.76.96

200 OK

1.2 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/js/collector.js?1691599176
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.2 kB (1154 bytes)
Hash
f8b45d0ed194e6004ca419dee0e22934
581900293960571006b122ff6c70635c073efd26
5026cccc8406cbdad1e96b014cbd33656cd449ec01feb287b9d331fd1343101a

HTTP Headers

GET /landings/279025/1691599176/js/collector.js?1691599176 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Rlo6aBMvcc61CquriEEiSbbf2blBf72vfvr15nLd05Cn9esh4bMvbEImP3FVVRQZph6PET1nevo=
x-amz-request-id: 305Q984RFS25JH9J
Last-Modified: Wed, 09 Aug 2023 16:39:38 GMT
ETag: "f8b45d0ed194e6004ca419dee0e22934"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 19 Sep 2023 02:00:44 GMT
Content-Length: 1154
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/279025/1691599176/css/basics.css?1691599176

23.36.76.96

200 OK

2.6 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/css/basics.css?1691599176
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (402), with CRLF line terminators
Size
2.6 kB (2627 bytes)
Hash
89ee45d6bd0055d7aabbdbcf06a9c609
291299092ea5a161a87d16ed32aa2b2d3bb64123
1a7ff92b7075cacac8bba769b6c2c6c00d9cff419c97c67d0a45a42a2e5a9ce8

HTTP Headers

GET /landings/279025/1691599176/css/basics.css?1691599176 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: MevJ/49gsedRR4kfygJ0eYpyFjHIE0zekA3ahIvnHJsQ4gLdn68PcWaMc7e92UcerelVQ8UoQzw=
x-amz-request-id: EEGRKQ832H65N15R
Last-Modified: Wed, 09 Aug 2023 16:39:38 GMT
ETag: "89ee45d6bd0055d7aabbdbcf06a9c609"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 19 Sep 2023 02:00:44 GMT
Content-Length: 2627
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

api.imotech.video/ad/events.js?pixel_id=902760083831232256

164.90.105.98

200 OK

6.1 kB

URL GET HTTP/2
api.imotech.video/ad/events.js?pixel_id=902760083831232256
IP
164.90.105.98:443
ASN
#10122 BIGO TECHNOLOGY PTE. LTD.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGlobalSign nv-sa
Subject*.imotech.video
Fingerprint08:2D:1A:49:D3:E7:0E:CD:C5:00:C3:FA:2D:4F:D0:DB:9B:E6:6B:EE
ValidityWed, 12 Jul 2023 02:46:27 GMT - Mon, 12 Aug 2024 02:46:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (17299), with no line terminators
Size
6.1 kB (6084 bytes)
Hash
65e92d1f5cd6a66edd798d8e31a0f5a4
ee20b1d89622bcf1787c29b0480e6547996acadf
b047e3cd894e371bc43a81292ba872d0f81fd03a8a9e66aa7e063c7e96f76098

HTTP Headers

GET /ad/events.js?pixel_id=902760083831232256 HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.13.6.1
date: Tue, 19 Sep 2023 02:00:44 GMT
content-type: application/javascript;charset=utf-8
content-length: 6084
access-control-allow-origin: *
bigotraceresponse: 00-7370189499f9ff953c1e52de5b51ea58-0-00
content-encoding: gzip
cache-control: private, max-age=900
X-Firefox-Spdy: h2

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691599176

206.189.196.86

200 OK

92 kB

URL GET HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1691599176
IP
206.189.196.86:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectcdnjs.claudflare.io
Fingerprint67:13:F5:CA:7E:60:0D:25:57:38:EE:CA:2B:1E:00:90:B2:EA:2B:94
ValiditySat, 05 Aug 2023 17:09:58 GMT - Fri, 03 Nov 2023 17:09:57 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92013 bytes)
Hash
5f134267bb0bbb337c14d3e3c17598ed
b00469b424732323ab9e2025452bd0ed3ce16039
c87337fa4f744e422666cec67da64263346e0d1cabf1148fd3562f67a754ec00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/d/jquery.min.js?1691599176 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Tue, 19 Sep 2023 02:00:44 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Tue, 19 Sep 2023 14:00:44 GMT

cdn-adef.akamaized.net/landings/279025/1691599176/images/visa-logo.png

23.36.76.96

200 OK

8.5 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/images/visa-logo.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 300 x 68, 4-bit colormap, non-interlaced\012- data
Size
8.5 kB (8491 bytes)
Hash
a0157852d2a3d6e9aefbd7c23419e566
27d57dbdf88d42be5defcea6a1675d4932d13664
3b6b61919a663134edcdfe300b4de7e821ffa07cc72c15611988fb86fbba935c

HTTP Headers

GET /landings/279025/1691599176/images/visa-logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: glK1B8B7cXj42yl4cUVYr1dKSyk4CbChrEUzL0OEaM3c6YLXAz5IvkCNefJWFwf/Ky/zfK2fhZE=
x-amz-request-id: 5KXYDVPGNKW1E22C
Last-Modified: Wed, 09 Aug 2023 16:39:37 GMT
ETag: "a0157852d2a3d6e9aefbd7c23419e566"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 8491
Date: Tue, 19 Sep 2023 02:00:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/279025/1691599176/images/prize.png

23.36.76.96

200 OK

60 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/images/prize.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 400 x 226, 8-bit/color RGBA, non-interlaced\012- data
Size
60 kB (60378 bytes)
Hash
4e17b2ba445338c8c2b9c4b956ad3445
6449c19e419ac509bc5f09e610f5607dc46a4a64
f009ea810eed4c5bd532ca671374fb25c887932383213f5737fe71ed7f1bd915

HTTP Headers

GET /landings/279025/1691599176/images/prize.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: paAsisfMy2XhOK1oSMYFNyzKXIv9FX6jnvotdE91J9qXz1nfMDcuKYWBtjkrsek6wvk63y2txhI=
x-amz-request-id: 305VKDFDNKFYM2P3
Last-Modified: Wed, 09 Aug 2023 16:39:38 GMT
ETag: "4e17b2ba445338c8c2b9c4b956ad3445"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 60378
Date: Tue, 19 Sep 2023 02:00:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__

52.19.101.114

200 OK

18 kB

URL User Request GET HTTP/2
hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecthllj.giftcardmagiczone.club
Fingerprint27:78:D1:9C:2F:BD:69:64:E6:DB:51:86:A3:36:94:93:25:9F:A9:C3
ValidityFri, 28 Jul 2023 13:30:16 GMT - Thu, 26 Oct 2023 13:30:15 GMT

File type
gzip compressed data, from Unix\012- data
Size
18 kB (18311 bytes)
Hash
aed1ddba22e8f727d93587b1c0cd9605
3b113081c27b379bb7ec15902231ed55bfda9806
85563a32ca6092adca8192fa8cc0957e3ca110e498b2d8ed7fc646ad4106b80c

HTTP Headers

GET /c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__ HTTP/1.1
Host: hllj.giftcardmagiczone.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 19 Sep 2023 02:00:43 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=650900cb00061a41; Path=/; Expires=Sat, 18 Nov 2023 02:00:43 GMT; Secure; SameSite=None
unique_id2=650900cb000623ce; Path=/; Expires=Mon, 18 Dec 2023 02:00:43 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 19 Sep 2023 02:00:43 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

tt.stfilecamp.com/jsfiles/site-protect2.0.js

205.185.216.42

200 OK

3.1 kB

URL GET HTTP/2
tt.stfilecamp.com/jsfiles/site-protect2.0.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint08:EF:24:ED:D7:F1:09:BB:18:AB:11:91:32:F6:90:FD:A3:21:A1:14
ValidityWed, 30 Aug 2023 07:04:21 GMT - Tue, 28 Nov 2023 07:04:20 GMT

File type
ASCII text
Size
3.1 kB (3137 bytes)
Hash
fc96ab06b0f9fcea6731405215ae5daf
8af9f27d895eb69754919a2fc0d74760fecd3860
9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e

HTTP Headers

GET /jsfiles/site-protect2.0.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:45 GMT
cache-control: max-age=1584
content-length: 3137
content-type: text/javascript
last-modified: Mon, 27 Feb 2023 13:49:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "fc96ab06b0f9fcea6731405215ae5daf"
x-amz-request-id: tx00000000000001dac1da0-006508f8ed-7871d902-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1695088845.dop018.sk1.t,1695088845.cds247.sk1.hn,1695088845.cds231.sk1.c
X-Firefox-Spdy: h2

api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D

164.90.105.98

200 OK

104 B

URL POST HTTP/2
api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D
IP
164.90.105.98:443
ASN
#10122 BIGO TECHNOLOGY PTE. LTD.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGlobalSign nv-sa
Subject*.imotech.video
Fingerprint08:2D:1A:49:D3:E7:0E:CD:C5:00:C3:FA:2D:4F:D0:DB:9B:E6:6B:EE
ValidityWed, 12 Jul 2023 02:46:27 GMT - Mon, 12 Aug 2024 02:46:26 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
3a2019ba52fd017715298924697fefa5
969f8e500a8acfd0be75a096dd38158b913c1bc0
2d730f2af797a445a4a83849eff1099362c48305aa739dec8359f04e8233a362

HTTP Headers

POST /bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hllj.giftcardmagiczone.club
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty/1.13.6.1
date: Tue, 19 Sep 2023 02:00:45 GMT
content-type: application/json
content-length: 104
bigotraceresponse: 00-dc884c47bb4074260f23c1605c77240e-0-00
X-Firefox-Spdy: h2

api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D

164.90.105.98

200 OK

104 B

URL POST HTTP/2
api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D
IP
164.90.105.98:443
ASN
#10122 BIGO TECHNOLOGY PTE. LTD.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGlobalSign nv-sa
Subject*.imotech.video
Fingerprint08:2D:1A:49:D3:E7:0E:CD:C5:00:C3:FA:2D:4F:D0:DB:9B:E6:6B:EE
ValidityWed, 12 Jul 2023 02:46:27 GMT - Mon, 12 Aug 2024 02:46:26 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
d0b3b566afd4418989e7eef091e32db8
55b3c67942ca147ba9b12a6fee7f6704587434bd
96a38c331c0b77f322ce4831b05266fd8bce2c41ee026fb0f690f0ab3e197425

HTTP Headers

POST /bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088845608&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22lgt%22%3A1884%7D HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hllj.giftcardmagiczone.club
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty/1.13.6.1
date: Tue, 19 Sep 2023 02:00:45 GMT
content-type: application/json
content-length: 104
bigotraceresponse: 00-c4f1c13929fbd8db4303a5fc434394e9-0-00
X-Firefox-Spdy: h2

route.frest.pro/is_redirect

104.21.77.196

200 OK

17 B

URL POST HTTP/2
route.frest.pro/is_redirect
IP
104.21.77.196:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subjectfrest.pro
FingerprintB4:E7:AB:D5:49:BE:E2:02:6A:C6:2E:14:CD:79:8F:26:35:70:80:AB
ValidityThu, 10 Aug 2023 14:53:11 GMT - Wed, 08 Nov 2023 14:53:10 GMT

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: https://hllj.giftcardmagiczone.club
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:45 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSpYrj6uEXZuNJCyAx5Y92ZH26GQSp3Zi38yZWQftdlKigCY20wa5E%2BUp9d7nQG0YSNcg6s%2F8IfUxsKNy17LK%2B%2F9kr8ombzPV4O%2ByzJrptu0CPhHwg11BhLXoDU5dep4uOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 808e3ca40fe01c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

23.36.76.96

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
X-Akamai-EW-Subworker: 8096267
Date: Tue, 19 Sep 2023 02:00:46 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/stormtrk.js

205.185.216.10

200 OK

6.8 kB

URL GET HTTP/2
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint3A:B5:4A:38:D5:22:E3:C4:74:C2:7C:AC:3E:A3:12:57:E9:0F:ED:84
ValiditySun, 27 Aug 2023 15:00:54 GMT - Sat, 25 Nov 2023 15:00:53 GMT

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:46 GMT
cache-control: max-age=3600
content-length: 6807
content-type: text/javascript
last-modified: Sat, 24 Dec 2022 08:48:24 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx00000cf0a43f119bf5b85-00650900ce-3bdc3aed-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1695088845.dop221.sk1.t,1695088845.cds217.sk1.hn,1695088846.cds014.sk1.pr
X-Firefox-Spdy: h2

tt.stfilecamp.com/jsfiles/second_back_multi_bigo.js

205.185.216.42

200 OK

2.3 kB

URL GET HTTP/2
tt.stfilecamp.com/jsfiles/second_back_multi_bigo.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint08:EF:24:ED:D7:F1:09:BB:18:AB:11:91:32:F6:90:FD:A3:21:A1:14
ValidityWed, 30 Aug 2023 07:04:21 GMT - Tue, 28 Nov 2023 07:04:20 GMT

File type
HTML document, ASCII text
Size
2.3 kB (2307 bytes)
Hash
96af925d55cad494665471c73ac01b04
5d2b1c06d2edb1a1ba9a5335c5dbb73c508b879b
1109fbd42583528695ba5995a756fd0fd09a992a85f50e54862e4b13c1cf75c2

HTTP Headers

GET /jsfiles/second_back_multi_bigo.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:46 GMT
cache-control: max-age=3600
content-length: 2307
content-type: text/javascript
last-modified: Mon, 27 Feb 2023 13:49:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "96af925d55cad494665471c73ac01b04"
x-amz-request-id: tx00000000000001dc379fa-00650900ce-7871d902-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1695088845.dop018.sk1.t,1695088845.cds247.sk1.hn,1695088846.cds239.sk1.pr
X-Firefox-Spdy: h2

stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__

172.67.69.203

200 OK

32 kB

URL GET HTTP/2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__
IP
172.67.69.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint12:CF:2B:DC:A1:B5:77:12:91:68:E8:DD:F0:22:9A:1B:06:84:6A:74
ValidityFri, 09 Dec 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (491)
Size
32 kB (32050 bytes)
Hash
5f38d3696704f2f204522355924ae071
41e5ddbc4d125747727a5fd3e496472880699712
30bb3b7290ccdc5b61d17791e980291c21879801693ec29363452fb163a11d3b

HTTP Headers

GET /api/1.0/ping/pong?location=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__ HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hllj.giftcardmagiczone.club
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:46 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQf47br7rI5W6PHtgXoT3xADi5OEej5X1KNUc8HSYoRppJa4efHHOvI3bsPCDE9vXiVLmwae%2BvC2JIn3RTF21kUeNgBskK9DOOc0tkGD7mf%2F9yR3Tsbj4Sxc%2F3Ejvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 808e3ca9a87fb524-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088858912&extra=%7B%22action%22%3A%22leave%22%2C%22type%22%3A1%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22tdt%22%3A3085%2C%22lgt%22%3A15187%7D

164.90.105.98

104 B

URL
api.imotech.video/bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088858912&extra=%7B%22action%22%3A%22leave%22%2C%22type%22%3A1%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22tdt%22%3A3085%2C%22lgt%22%3A15187%7D
IP
164.90.105.98:0
ASN
#10122 BIGO TECHNOLOGY PTE. LTD.

Certificate
IssuerGlobalSign nv-sa
Subject*.imotech.video
Fingerprint08:2D:1A:49:D3:E7:0E:CD:C5:00:C3:FA:2D:4F:D0:DB:9B:E6:6B:EE
ValidityWed, 12 Jul 2023 02:46:27 GMT - Mon, 12 Aug 2024 02:46:26 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
011e57ff5b0447eba33ef89d78652c59
7a071e1f28f3bcc05f35a5e182c90442de5096d9
98735300fe8c2703e2ad49e03dcfa4f596b70005443b50b1956466877af76ac6

HTTP Headers

POST /bigoad/trackingview?it=1695088845597&title=Cash%20App%20%241000%20gift%20card&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fhllj.giftcardmagiczone.club%2Fc%2F18f94c5e59b1d51a%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__&host=hllj.giftcardmagiczone.club&cookie_id=BA1.1.1575649650.1695088846&session_id=BA1.1.3873168824.1695088846&pixel_id=902760083831232256&ts=1695088858912&extra=%7B%22action%22%3A%22leave%22%2C%22type%22%3A1%2C%22wst%22%3A273%2C%22drt%22%3A1867%2C%22tdt%22%3A3085%2C%22lgt%22%3A15187%7D HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hllj.giftcardmagiczone.club
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: openresty/1.13.6.1
date: Tue, 19 Sep 2023 02:00:58 GMT
content-type: application/json
content-length: 104
bigotraceresponse: 00-1886121786fb1a8929b128c2abfd2810-0-00
X-Firefox-Spdy: h2

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL GET HTTP/2
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint3A:B5:4A:38:D5:22:E3:C4:74:C2:7C:AC:3E:A3:12:57:E9:0F:ED:84
ValiditySun, 27 Aug 2023 15:00:54 GMT - Sat, 25 Nov 2023 15:00:53 GMT

File type

Size
32 kB (31705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 19 Sep 2023 02:00:47 GMT
cache-control: max-age=3600
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000be136f87e3b3a578-00650900cf-3bdc3aca-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1695088846.dop221.sk1.t,1695088846.cds217.sk1.hn,1695088847.cds237.sk1.pr
X-Firefox-Spdy: h2

api.imotech.video/ad/pixelfile.html

164.90.105.98

200 OK

1.9 kB

URL GET HTTP/2
api.imotech.video/ad/pixelfile.html
IP
164.90.105.98:443
ASN
#10122 BIGO TECHNOLOGY PTE. LTD.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGlobalSign nv-sa
Subject*.imotech.video
Fingerprint08:2D:1A:49:D3:E7:0E:CD:C5:00:C3:FA:2D:4F:D0:DB:9B:E6:6B:EE
ValidityWed, 12 Jul 2023 02:46:27 GMT - Mon, 12 Aug 2024 02:46:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1954), with no line terminators
Size
1.9 kB (1888 bytes)
Hash
a68c3fd612781cf83ba376590dcc0d98
8b105bb0d774d95049b96a8dba785276789cde39
d3d89a8fe5379c59c594b886d54504462d96fba4e8e86ec32107b26124b0681f

HTTP Headers

GET /ad/pixelfile.html HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.13.6.1
date: Tue, 19 Sep 2023 02:00:45 GMT
content-type: text/html;charset=utf-8
bigotraceresponse: 00-838c682e07b40e493b469668f2ad2622-0-00
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/landings/279025/1691599176/images/visa-logo-sq.png

23.36.76.96

200 OK

16 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/279025/1691599176/images/visa-logo-sq.png
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://hllj.giftcardmagiczone.club/c/18f94c5e59b1d51a?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 174 x 172, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16103 bytes)
Hash
ddb1a54620ba3a4424cb262e457ddbd9
0b0278f1dab8754cba8f1ab74e333f7a69e6f999
1fcf40f6f008f09af6b9d5e62a611d9b7c9920b37c5cbfb99621ffcc97243c95

HTTP Headers

GET /landings/279025/1691599176/images/visa-logo-sq.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hllj.giftcardmagiczone.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: XRJ9ngOLmcq5G0CZPs1LnqEkQzFS/RqJlE5fOGWohM0BJbuiDNM/uHJat4f1RWBSUJxI/KtJyk8=
x-amz-request-id: 305SVFS4V8W7QJ5R
Last-Modified: Wed, 09 Aug 2023 16:39:37 GMT
ETag: "ddb1a54620ba3a4424cb262e457ddbd9"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 16103
Date: Tue, 19 Sep 2023 02:00:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by