Report - ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME_

Report Overview

Visited public
2023-11-03 22:00:34
Tags
URL
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Finishing URL
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP / ASN
52.19.101.114
#16509 AMAZON-02
Title
Cash App Prizes Spin & Win!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-03 09:31:26	447 B	1.7 kB	216.58.207.202
tt.stfilecamp.com	unknown	2021-09-06	2022-03-08 16:47:05	2023-10-30 05:48:25	862 B	6.7 kB	205.185.216.42
route.frest.pro	unknown	2022-10-19	2023-01-02 14:11:29	2023-10-31 19:45:17	523 B	750 B	104.21.77.196
ebll.giveawaywonders.info	unknown	2023-07-28	2023-07-28 16:46:52	2023-10-28 14:00:10	726 B	5.2 kB	52.19.101.114
stormtrk.com	289095	2019-05-15	2019-05-17 20:09:53	2023-11-03 03:59:35	801 B	1.2 kB	104.26.5.120
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06 08:56:01	2023-11-03 12:07:06	3.3 kB	196 kB	95.101.10.34
cdnjs.claudflare.io	unknown	2021-08-09	2021-08-12 10:01:46	2023-10-31 19:45:16	455 B	92 kB	206.189.196.86
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-03 09:30:40	545 B	12 kB	216.58.207.227
cdn.stfilecamp.com	400667	2021-09-06	2021-09-06 17:32:03	2023-11-03 03:59:36	1.2 kB	42 kB	205.185.216.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-03	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	cdn-adef.akamaized.net/landings/282977/1694508129/js/collector.js?1694508130	ScriptElement	5.6 kB	2023-06-20	2024-10-17
Pretty URL cdn-adef.akamaized.net/landings/282977/1694508129/js/collector.js?1694508130 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 06:01 Last Seen2024-10-17 14:06 Times Seen23 Hash f2b084c56561aec35e77c7bff672d092 fe6ace52724040f8b5814a2b6ca215b2c5c208a4 01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9 Loading...

	cdn.stfilecamp.com/multi_push.js	ScriptElement	1.1 kB	2023-03-07	2024-08-21
Pretty URL cdn.stfilecamp.com/multi_push.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:42 Times Seen51 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	cdn.stfilecamp.com/stormtrk.js	ScriptElement	6.8 kB	2023-03-12	2025-03-07
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32 Last Seen2025-03-07 06:00 Times Seen131 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	tt.stfilecamp.com/jsfiles/site-protect2.0.js	ScriptElement	3.1 kB	2023-03-07	2025-03-07
Pretty URL tt.stfilecamp.com/jsfiles/site-protect2.0.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-03-07 04:00 Times Seen89 Hash fc96ab06b0f9fcea6731405215ae5daf 8af9f27d895eb69754919a2fc0d74760fecd3860 9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e Loading...

	tt.stfilecamp.com/jsfiles/second_back_multi.js	ScriptElement	2.2 kB	2023-03-07	2024-10-17
Pretty URL tt.stfilecamp.com/jsfiles/second_back_multi.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-10-17 14:06 Times Seen52 Hash 4034050f2be05cd41b77c4bb153f89eb 395187f1b6ad0a67fcdede70756a1c455903d84d 717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60 Loading...

	cdn.stfilecamp.com/fp.min.js	ScriptElement	32 kB	2023-04-06	2025-05-09
Pretty URL cdn.stfilecamp.com/fp.min.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01 Last Seen2025-05-09 18:17 Times Seen568 Hash 198f2f5b0a649f41fe890c59d37319aa f24629687612889bb59f610df3879afcd766fb80 d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Loading...

	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1694508130	ScriptElement	92 kB	2023-11-03	2024-08-20
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1694508130 IP 206.189.196.86 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 23:00 Last Seen2024-08-20 21:02 Times Seen3 Hash 6491e22f0fa2682c4faa107ff8a1d522 8bc809a940b0fa8f1cb43c75ede719a508cb1ce8 38fd75bdb5735983290874ddd0721504caf69238ba0efc9fe4a0f0f84850e251 Loading...

	cdn-adef.akamaized.net/landings/282977/1694508129/js/main.js?1694508130	ScriptElement	1.8 kB	2023-11-03	2024-08-20
Pretty URL cdn-adef.akamaized.net/landings/282977/1694508129/js/main.js?1694508130 IP 95.101.10.34 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 23:00 Last Seen2024-08-20 21:02 Times Seen2 Hash 0125ef286ab13e3f7826727630341510 88488575985b6c59881cebc172b3e2152ac0a025 5e48b04aa3fb55ecc1610edae84e6686bcfbcdcebdd839cc959c76360de255a8 Loading...

HTTP Transactions (18)

URL IP Response Size

cdn-adef.akamaized.net/landings/282977/1694508129/js/main.js?1694508130

95.101.10.34

200 OK

576 B

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/js/main.js?1694508130
IP
95.101.10.34:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
576 B (576 bytes)
Hash
0125ef286ab13e3f7826727630341510
88488575985b6c59881cebc172b3e2152ac0a025
5e48b04aa3fb55ecc1610edae84e6686bcfbcdcebdd839cc959c76360de255a8

HTTP Headers

GET /landings/282977/1694508129/js/main.js?1694508130 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: otkW25L3V+mW1SVsPJiwH1sqF+92iGBPCudOX0AgxUCxxckmi94Dg5JIng6Di9Ix74+GyXDcgQo=
x-amz-request-id: K86A61HA472MCF9B
Last-Modified: Tue, 12 Sep 2023 08:42:12 GMT
ETag: "0125ef286ab13e3f7826727630341510"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 03 Nov 2023 22:00:17 GMT
Content-Length: 576
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/282977/1694508129/js/collector.js?1694508130

95.101.10.67

200 OK

1.3 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/js/collector.js?1694508130
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1291 bytes)
Hash
f2b084c56561aec35e77c7bff672d092
fe6ace52724040f8b5814a2b6ca215b2c5c208a4
01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9

HTTP Headers

GET /landings/282977/1694508129/js/collector.js?1694508130 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: cCjlSfavHU7kOB2b8IXcPebS0mJeLlavT9BEX2zICfaly7JtIEhhMhlMtV4Yta+S/FYsIXn9iJY=
x-amz-request-id: CGNCRW3Q028Z4AKK
Last-Modified: Tue, 12 Sep 2023 08:42:12 GMT
ETag: "f2b084c56561aec35e77c7bff672d092"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 03 Nov 2023 22:00:18 GMT
Content-Length: 1291
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/282977/1694508129/css/media.css?1694508130

95.101.10.34

200 OK

1.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/css/media.css?1694508130
IP
95.101.10.34:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1077 bytes)
Hash
a57e8a3fa47e6bc04f708aa503ee6367
6620fdbba02512e49acd14749729047d001732ca
e0af59a3b936b302ccace0a4d32a0a376e62e8d6b610bc24520de64a4b494d2c

HTTP Headers

GET /landings/282977/1694508129/css/media.css?1694508130 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: iG711YVaHBhD2ofZ+6oP2DP/Sd9JoA1YO2/QwhOcdwlzPYzGp1x8iasB+YGIGZwBV3Z59AD8+ro=
x-amz-request-id: CGN215XEX3YR9J1Q
Last-Modified: Tue, 12 Sep 2023 08:42:12 GMT
ETag: "a57e8a3fa47e6bc04f708aa503ee6367"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 03 Nov 2023 22:00:18 GMT
Content-Length: 1077
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-adef.akamaized.net/landings/282977/1694508129/css/style.css?1694508130

95.101.10.34

200 OK

4.8 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/css/style.css?1694508130
IP
95.101.10.34:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (351)
Size
4.8 kB (4781 bytes)
Hash
c65eeacfbcd13af77c5b675b0c545835
26ba654ca3f324ffc1ae9f9216f6c44b8ec5b8cb
c2f26b50c8216f9f89439cb114a247fbcd1cae59ca02bcd34db4de91c750bcb1

HTTP Headers

GET /landings/282977/1694508129/css/style.css?1694508130 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: RrORMkXmOIh7erstXS9LxCmHYu3d9vulNZLYQNuPJcsqeeRl51wugyLPl7pLmTqkYfNS5MaqGqQ=
x-amz-request-id: CGN5APMCT8V7ZSH7
Last-Modified: Tue, 12 Sep 2023 08:42:12 GMT
ETag: "c65eeacfbcd13af77c5b675b0c545835"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 03 Nov 2023 22:00:18 GMT
Content-Length: 4781
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.googleapis.com/css?family=Arimo&display=swap

216.58.207.202

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Arimo&display=swap
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1079 bytes)
Hash
e4fd99f5b02ca7a77a521e26fa1867e4
3635ff1858ba65c46239e9406c5666a98bb402e2
36b498ce1819c808f33b4f35e9ca5c83746590e942d06e11e290b4c26d820a55

HTTP Headers

GET /css?family=Arimo&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Nov 2023 22:00:18 GMT
date: Fri, 03 Nov 2023 22:00:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1694508130

206.189.196.86

200 OK

92 kB

URL GET HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1694508130
IP
206.189.196.86:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectcdnjs.claudflare.io
Fingerprint18:7C:79:BA:FF:48:8B:AA:43:33:E2:1F:F8:A6:0C:12:EA:07:A9:13
ValidityWed, 04 Oct 2023 20:01:27 GMT - Tue, 02 Jan 2024 20:01:26 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92047 bytes)
Hash
6491e22f0fa2682c4faa107ff8a1d522
8bc809a940b0fa8f1cb43c75ede719a508cb1ce8
38fd75bdb5735983290874ddd0721504caf69238ba0efc9fe4a0f0f84850e251

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/d/jquery.min.js?1694508130 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Fri, 03 Nov 2023 22:00:18 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92047
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Sat, 04 Nov 2023 10:00:18 GMT

cdn-adef.akamaized.net/landings/282977/1694508129/images/game-img.png

95.101.10.67

200 OK

158 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/images/game-img.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 115 x 3680, 8-bit/color RGBA, non-interlaced\012- data
Size
158 kB (158350 bytes)
Hash
8d976513889737a83d1ce02a431fc577
39f2e38f5c509d83f2cee82288c94b0a1d21a841
5ef9f547e8d246555cc3c68e761108fd3c5d1d324b557d07546c86d9c4a2926e

HTTP Headers

GET /landings/282977/1694508129/images/game-img.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-adef.akamaized.net/landings/282977/1694508129/css/style.css?1694508130
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 9R6JRQO0qNa1GqRSOBqFUWXKiHy/6BiwMVEiOkcPOxZmbvEyL07HdpXmTTCpc1r5ZSO62MQ6Ogg=
x-amz-request-id: AGVWJF4KQ5E3J0B9
Last-Modified: Tue, 12 Sep 2023 08:42:11 GMT
ETag: "8d976513889737a83d1ce02a431fc577"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 158350
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.gstatic.com/s/arimo/v29/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

216.58.207.227

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v29/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11476, version 1.0\012- data
Size
12 kB (11476 bytes)
Hash
5eeb4847d263f2a0ca52d871b12e611c
c04bc1de9f79a1ce14ee752631852abd2cb8b04a
ee722fbe14fb1d4f9be819f751060dac917300406c95b2aa67289ba7f493b7ea

HTTP Headers

GET /s/arimo/v29/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:42:38 GMT
expires: Wed, 30 Oct 2024 05:42:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:51:47 GMT
content-type: font/woff2
age: 317861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.stfilecamp.com/multi_push.js

205.185.216.10

200 OK

1.1 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/multi_push.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintB9:69:70:B1:52:5D:FE:AE:F0:24:90:58:7D:85:5B:38:3E:38:9C:4F
ValidityThu, 26 Oct 2023 11:10:00 GMT - Wed, 24 Jan 2024 11:09:59 GMT

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

HTTP Headers

GET /multi_push.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: Keep-Alive
Cache-Control: max-age=2481
Content-Length: 1072
Content-Type: text/javascript
Last-Modified: Thu, 07 Jul 2022 14:21:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx000009d08c7b162bbfa6d-0065456913-3c6f493d-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1699048819.dop226.sk1.t,1699048819.cds232.sk1.shn,1699048819.dop226.sk1.t,1699048819.cds203.sk1.c

tt.stfilecamp.com/jsfiles/second_back_multi.js

205.185.216.42

200 OK

2.2 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/second_back_multi.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint5E:7D:F2:17:40:08:20:A8:E8:71:5B:32:46:A8:70:D2:72:13:54:F5
ValiditySun, 29 Oct 2023 07:01:27 GMT - Sat, 27 Jan 2024 07:01:26 GMT

File type
HTML document, ASCII text
Size
2.2 kB (2209 bytes)
Hash
4034050f2be05cd41b77c4bb153f89eb
395187f1b6ad0a67fcdede70756a1c455903d84d
717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60

HTTP Headers

GET /jsfiles/second_back_multi.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: Keep-Alive
Cache-Control: max-age=2480
Content-Length: 2209
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "4034050f2be05cd41b77c4bb153f89eb"
x-amz-request-id: tx00000fd4a990463e15ebf-0065456913-7a12c411-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1699048819.dop022.sk1.t,1699048819.cds206.sk1.shn,1699048819.dop022.sk1.t,1699048819.cds203.sk1.c

cdn.stfilecamp.com/stormtrk.js

205.185.216.10

200 OK

6.8 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintB9:69:70:B1:52:5D:FE:AE:F0:24:90:58:7D:85:5B:38:3E:38:9C:4F
ValidityThu, 26 Oct 2023 11:10:00 GMT - Wed, 24 Jan 2024 11:09:59 GMT

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: Keep-Alive
Cache-Control: max-age=40
Content-Length: 6807
Content-Type: text/javascript
Last-Modified: Sat, 24 Dec 2022 08:48:24 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx00000640829a297abdf52-0065455f8b-3c6f4933-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1699048819.dop226.sk1.t,1699048819.cds232.sk1.shn,1699048819.dop226.sk1.t,1699048819.cds014.sk1.c

cdn-adef.akamaized.net/landings/282977/1694508129/images/grattis.png

95.101.10.34

200 OK

22 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282977/1694508129/images/grattis.png
IP
95.101.10.34:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 489 x 219, 8-bit/color RGBA, interlaced\012- data
Size
22 kB (22529 bytes)
Hash
eeac6e64b5bcb38ba41cfdb057d9f4a2
36e036e49eb0f07bc537c82f3e2e4eb20f2afb78
a443b8040d01dee426ab4e6421b83a7aca8a82a0ae2140ce8e24feed106b5968

HTTP Headers

GET /landings/282977/1694508129/images/grattis.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: q1bmrPiak8NMK6TvTVsTEkuMUKJcV3wjoz9198Ke3sDav2x6ir5D/vC+NaxixcGIvhh6CXeTRKo=
x-amz-request-id: ES9ADAPM5154E26F
Last-Modified: Tue, 12 Sep 2023 08:42:11 GMT
ETag: "eeac6e64b5bcb38ba41cfdb057d9f4a2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 22529
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

tt.stfilecamp.com/jsfiles/site-protect2.0.js

205.185.216.42

200 OK

3.1 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/site-protect2.0.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint5E:7D:F2:17:40:08:20:A8:E8:71:5B:32:46:A8:70:D2:72:13:54:F5
ValiditySun, 29 Oct 2023 07:01:27 GMT - Sat, 27 Jan 2024 07:01:26 GMT

File type
ASCII text
Size
3.1 kB (3137 bytes)
Hash
fc96ab06b0f9fcea6731405215ae5daf
8af9f27d895eb69754919a2fc0d74760fecd3860
9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e

HTTP Headers

GET /jsfiles/site-protect2.0.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 22:00:19 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Length: 3137
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "fc96ab06b0f9fcea6731405215ae5daf"
x-amz-request-id: tx00000d90a92b3a623f326-0065456d73-7a12c4b1-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1699048819.dop226.sk1.t,1699048819.cds222.sk1.shn,1699048819.dop226.sk1.t,1699048819.cds231.sk1.pr

route.frest.pro/is_redirect

104.21.77.196

200 OK

17 B

URL POST HTTP/2
route.frest.pro/is_redirect
IP
104.21.77.196:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subjectfrest.pro
FingerprintA1:6D:80:97:81:5F:7D:81:A1:3A:F7:AD:B0:7C:80:EF:AF:09:8F:04
ValiditySun, 08 Oct 2023 16:23:46 GMT - Sat, 06 Jan 2024 16:23:45 GMT

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 296
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Nov 2023 22:00:19 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLvvLLhlIcibevhQU5wdFQWDZmc92596DvMBHEnx%2FquibNqlG79nj4vaJVroXyKHFvpFDnWdx7QUB1rLuG%2FEWkfACcl%2Feka2g%2FHCAtrYeoss3gdfN59KiW%2F2LS3qc6sImBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8207e3b25b530b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-adef.akamaized.net/images/favicon.ico

95.101.10.67

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
X-Akamai-EW-Subworker: 8096267
Date: Fri, 03 Nov 2023 22:00:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn.stfilecamp.com/fp.min.js

205.185.216.10

200 OK

32 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintB9:69:70:B1:52:5D:FE:AE:F0:24:90:58:7D:85:5B:38:3E:38:9C:4F
ValidityThu, 26 Oct 2023 11:10:00 GMT - Wed, 24 Jan 2024 11:09:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (31370)
Size
32 kB (31705 bytes)
Hash
198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Nov 2023 22:00:20 GMT
Connection: Keep-Alive
Cache-Control: max-age=561
Content-Length: 31705
Content-Type: text/javascript
Last-Modified: Mon, 13 Jun 2022 11:23:14 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000007bebc807f985b1aa-0065456195-3c6f493d-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1699048819.dop226.sk1.t,1699048819.cds232.sk1.shn,1699048820.dop226.sk1.t,1699048820.cds237.sk1.c

ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__

52.19.101.114

200 OK

4.6 kB

URL User Request GET HTTP/2
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectebll.giveawaywonders.info
Fingerprint8D:3F:3A:B0:C8:E3:B6:53:C3:DF:B6:58:59:87:9D:1D:CF:4D:5F:2F
ValidityWed, 11 Oct 2023 02:30:19 GMT - Tue, 09 Jan 2024 02:30:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4789), with no line terminators
Size
4.6 kB (4616 bytes)
Hash
7d6e9b2ebc5d597800ff64a0bfda4b29
3049e33aa3bd86098d396a60676c7965d8d7f57f
a718f0b4d9086e218f7da71024d4054ed60a172e7e56da80c16df6b4d9f3af65

HTTP Headers

GET /c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__ HTTP/1.1
Host: ebll.giveawaywonders.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 Nov 2023 22:00:17 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=65456d71000684f3; Path=/; Expires=Tue, 02 Jan 2024 22:00:17 GMT; Secure; SameSite=None
unique_id2=65456d7100068c31; Path=/; Expires=Thu, 01 Feb 2024 22:00:17 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 03 Nov 2023 22:00:17 GMT; Secure; SameSite=None
65456d7100068c31_sl=[282977]; Path=/; Expires=Fri, 17 Nov 2023 22:00:17 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__

104.26.5.120

200 OK

490 B

URL GET HTTP/2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__
IP
104.26.5.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint12:CF:2B:DC:A1:B5:77:12:91:68:E8:DD:F0:22:9A:1B:06:84:6A:74
ValidityFri, 09 Dec 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (511), with no line terminators
Size
490 B (490 bytes)
Hash
ee847ffc0cfe950136d18734d546a1c7
dc2206198f3160dd1f5aee483fdcf082da46d9b2
032306c7aff1835b5077f8f25b5ff2a5d61661a7195aa6ee6fbeb2f6821864af

HTTP Headers

GET /api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__ HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Nov 2023 22:00:20 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWMChh6D9R4H1lUcxjspbhGEM42LN6zLpqvYxcBXSO5v2EjczA7GRxq5OPADTemBOGm6CCsMx1xpfefkZIsA3rur3HHDo7L5k8J6HbhghAyQqHdBjFzoxzMpqfGt2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8207e3b35d7c56c4-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1