Report - ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME_

Report Overview

Visited public
2023-10-24 06:00:37
Tags
Submit Tags
URL
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Finishing URL
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP / ASN
52.19.101.114
#16509 AMAZON-02
Title
Get your CASH - Cash App BONUS

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.stfilecamp.com	400667	2021-09-06	2021-09-06 17:32:03	2023-10-23 15:51:42	1.3 kB	42 kB	205.185.216.42
ebll.giveawaywonders.info	unknown	2023-07-28	2023-07-28 16:46:52	2023-10-16 14:00:24	724 B	128 kB	52.19.101.114
stormtrk.com	289095	2019-05-15	2019-05-17 20:09:53	2023-10-23 15:51:41	799 B	33 kB	172.67.69.203
cdn-adef.akamaized.net	125719	2014-03-18	2018-02-06 08:56:01	2023-10-23 11:03:32	3.7 kB	212 kB	95.101.10.67
cdnjs.claudflare.io	unknown	2021-08-09	2021-08-12 10:01:46	2023-10-23 04:00:19	455 B	92 kB	206.189.196.86
route.frest.pro	unknown	2022-10-19	2023-01-02 14:11:29	2023-10-23 04:00:20	522 B	750 B	172.67.211.109
tt.stfilecamp.com	unknown	2021-09-06	2022-03-08 16:47:05	2023-10-23 04:00:20	1.3 kB	488 kB	205.185.216.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-24	medium	claudflare.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	tt.stfilecamp.com/jsfiles/second_back_multi.js	ScriptElement	2.2 kB	2023-03-07	2025-06-22
Pretty URL tt.stfilecamp.com/jsfiles/second_back_multi.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-22 16:01 Times Seen53 Hash 4034050f2be05cd41b77c4bb153f89eb 395187f1b6ad0a67fcdede70756a1c455903d84d 717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60 Loading...

	cdn.stfilecamp.com/fp.min.js	ScriptElement	32 kB	2023-04-06	2025-07-02
Pretty URL cdn.stfilecamp.com/fp.min.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 21:01 Last Seen2025-07-02 05:31 Times Seen570 Hash 198f2f5b0a649f41fe890c59d37319aa f24629687612889bb59f610df3879afcd766fb80 d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Loading...

	cdn-adef.akamaized.net/landings/282973/1695017115/js/main.js?1695017115	ScriptElement	9.8 kB	2023-10-24	2023-10-24
Pretty URL cdn-adef.akamaized.net/landings/282973/1695017115/js/main.js?1695017115 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 08:00 Last Seen2023-10-24 08:00 Times Seen1 Hash 618a817cee303fef0de8c20f35c405fd 52b2adc75ee68703aea53bbd0f263cb0334b636f 371d06549c2db2e8cf5522e5ea527d14884aa10be5846267ebe26caf82581007 Loading...

	cdn-adef.akamaized.net/landings/282973/1695017115/js/collector.js?1695017115	ScriptElement	5.6 kB	2023-06-20	2024-10-17
Pretty URL cdn-adef.akamaized.net/landings/282973/1695017115/js/collector.js?1695017115 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 06:01 Last Seen2024-10-17 14:06 Times Seen23 Hash f2b084c56561aec35e77c7bff672d092 fe6ace52724040f8b5814a2b6ca215b2c5c208a4 01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9 Loading...

	cdn.stfilecamp.com/multi_push.js	ScriptElement	1.1 kB	2023-03-07	2024-08-21
Pretty URL cdn.stfilecamp.com/multi_push.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:42 Times Seen51 Hash a50322f9d3f3fafe3fb02be02285e433 c0a894b3bfa545832c3ad1c2f145005d02e50ac4 cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99 Loading...

	cdn.stfilecamp.com/stormtrk.js	ScriptElement	6.8 kB	2023-03-12	2025-06-22
Pretty URL cdn.stfilecamp.com/stormtrk.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:32 Last Seen2025-06-22 16:01 Times Seen132 Hash 39e5f8ad757fe438c784e8d883e47ab0 6b2905489485100c83605f43186c5843031e1f3b e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Loading...

	cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1695017115	ScriptElement	92 kB	2023-09-04	2023-10-28
Pretty URL cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1695017115 IP 206.189.196.86 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 00:00 Last Seen2023-10-28 16:01 Times Seen7 Hash 1306c912aae7b57e3c17ddbbd9ca5b0b 284bcb9b9d3f5a95bdbd201dab54be553c39c3a0 37a2ebdad04b9ed279eba7e94aa70ddc44e3565501ee45bd4cca7f89db40a2b9 Loading...

	cdn-adef.akamaized.net/landings/282973/1695017115/js/canvas-scratch.js?1695017115	ScriptElement	5.5 kB	2023-10-24	2023-10-24
Pretty URL cdn-adef.akamaized.net/landings/282973/1695017115/js/canvas-scratch.js?1695017115 IP 95.101.10.67 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 08:00 Last Seen2023-10-24 08:00 Times Seen1 Hash 9542357999c1126ef3e135834cb4edce d00700ad5e4e2926cb7a1bda482ca6ea744270bb 0121e9faf5a03c9ba14fc39fd0017d95043bb08572d4a5f4ccc2082232a880ec Loading...

	tt.stfilecamp.com/jsfiles/site-protect2.0.js	ScriptElement	3.1 kB	2023-03-07	2025-06-22
Pretty URL tt.stfilecamp.com/jsfiles/site-protect2.0.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-22 16:01 Times Seen90 Hash fc96ab06b0f9fcea6731405215ae5daf 8af9f27d895eb69754919a2fc0d74760fecd3860 9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e Loading...

HTTP Transactions (18)

URL IP Response Size

GET cdn-adef.akamaized.net/landings/282973/1695017115/js/canvas-scratch.js?1695017115

95.101.10.67

200 OK

1.6 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/js/canvas-scratch.js?1695017115
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.6 kB (1609 bytes)
Hash
9542357999c1126ef3e135834cb4edce
d00700ad5e4e2926cb7a1bda482ca6ea744270bb
0121e9faf5a03c9ba14fc39fd0017d95043bb08572d4a5f4ccc2082232a880ec

HTTP Headers

GET /landings/282973/1695017115/js/canvas-scratch.js?1695017115 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IOqC7bzH4bR53PnBcR2irJ80C2BFR1qf82zBZViOiNgnwnYS8D5hsKnTDvAwUZfUG6zI4Oe6LKI=
x-amz-request-id: A3SG2B04TRXW5NYN
Last-Modified: Mon, 18 Sep 2023 06:05:18 GMT
ETag: "9542357999c1126ef3e135834cb4edce"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 24 Oct 2023 06:00:20 GMT
Content-Length: 1609
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-adef.akamaized.net/landings/282973/1695017115/css/style.css?1695017115

95.101.10.67

200 OK

2.0 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/css/style.css?1695017115
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.0 kB (1975 bytes)
Hash
c8f7b25c97765aaf3c242455b883e7a2
c8cbf3c59989d7a5ee78cc852a36bb3ea35944c7
81be0604266623b867104c069d2260cff3e33fc4cee6a7178aeb6a20b24ef60e

HTTP Headers

GET /landings/282973/1695017115/css/style.css?1695017115 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: jxH910GH/qcHV4N/4cdeZwS07B8EDzwrqQAj58GcZaB8nT8NMnoLR6nGfervDIt2hC7uKYryNsA=
x-amz-request-id: 9XEQ06QZ9WG6D3BX
Last-Modified: Mon, 18 Sep 2023 06:05:18 GMT
ETag: "c8f7b25c97765aaf3c242455b883e7a2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 24 Oct 2023 06:00:20 GMT
Content-Length: 1975
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-adef.akamaized.net/landings/282973/1695017115/js/main.js?1695017115

95.101.10.67

200 OK

5.0 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/js/main.js?1695017115
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (3559), with CRLF line terminators
Size
5.0 kB (5037 bytes)
Hash
618a817cee303fef0de8c20f35c405fd
52b2adc75ee68703aea53bbd0f263cb0334b636f
371d06549c2db2e8cf5522e5ea527d14884aa10be5846267ebe26caf82581007

HTTP Headers

GET /landings/282973/1695017115/js/main.js?1695017115 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: S2YwprGDk5+SQkhEGHLXdqcPz0hlIt+C9Zzw7fNLooUP6+y+rpS7monNCiquVN8lOW0GR2OEk1k=
x-amz-request-id: X75JJPS9FK1C2CNH
Last-Modified: Mon, 18 Sep 2023 06:05:18 GMT
ETag: "618a817cee303fef0de8c20f35c405fd"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 24 Oct 2023 06:00:20 GMT
Content-Length: 5037
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn-adef.akamaized.net/landings/282973/1695017115/js/collector.js?1695017115

95.101.10.67

200 OK

1.3 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/js/collector.js?1695017115
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1291 bytes)
Hash
f2b084c56561aec35e77c7bff672d092
fe6ace52724040f8b5814a2b6ca215b2c5c208a4
01263e02d9f2e53b49c8ae2cfd1f84b0a51f6680354d748d2bb8656ad04835d9

HTTP Headers

GET /landings/282973/1695017115/js/collector.js?1695017115 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IjWua3LXsTLnL5Qg5yvUKAVXVhcg3LfygXQ6HeXYVJeEDlHZuebbcPoeUKqtPPdt/AS6pf1Wyjg=
x-amz-request-id: X75PRDEM0MWQ0YVX
Last-Modified: Mon, 18 Sep 2023 06:05:18 GMT
ETag: "f2b084c56561aec35e77c7bff672d092"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 24 Oct 2023 06:00:20 GMT
Content-Length: 1291
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1695017115

206.189.196.86

200 OK

92 kB

URL GET HTTP/1.1
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1695017115
IP
206.189.196.86:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectcdnjs.claudflare.io
Fingerprint18:7C:79:BA:FF:48:8B:AA:43:33:E2:1F:F8:A6:0C:12:EA:07:A9:13
ValidityWed, 04 Oct 2023 20:01:27 GMT - Tue, 02 Jan 2024 20:01:26 GMT

File type
ASCII text, with very long lines (65447)
Size
92 kB (92013 bytes)
Hash
1306c912aae7b57e3c17ddbbd9ca5b0b
284bcb9b9d3f5a95bdbd201dab54be553c39c3a0
37a2ebdad04b9ed279eba7e94aa70ddc44e3565501ee45bd4cca7f89db40a2b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/3.6.0/d/jquery.min.js?1695017115 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Tue, 24 Oct 2023 06:00:21 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 92013
Connection: keep-alive
Cache-Control: public, max-age=43200
Expires: Tue, 24 Oct 2023 18:00:21 GMT

POST route.frest.pro/is_redirect

172.67.211.109

200 OK

17 B

URL POST HTTP/2
route.frest.pro/is_redirect
IP
172.67.211.109:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerGoogle Trust Services LLC
Subjectfrest.pro
FingerprintA1:6D:80:97:81:5F:7D:81:A1:3A:F7:AD:B0:7C:80:EF:AF:09:8F:04
ValiditySun, 08 Oct 2023 16:23:46 GMT - Sat, 06 Jan 2024 16:23:45 GMT

File type
JSON data\012- , ASCII text
Size
17 B (17 bytes)
Hash
6dec798efb56f56f33660938f6249ff6
e889219883cef38754dc1e5df7ca5277b3b314c8
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

HTTP Headers

POST /is_redirect HTTP/1.1
Host: route.frest.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 10
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 06:00:21 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BN7eXyaUKs0cvKwZeVFoQTNLSvVoc%2BvJwAVaeX%2FwxzsvOQi5zKvVGd5FQjoNyv7i4b0FJzk7aNrBddfkZolZ16gNuD4VSO%2FZFrnoe7WVDOSffaeBDQQYtcQKa%2BguySOdog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81afffbe287b56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tt.stfilecamp.com/jsfiles/second_back_multi.js

205.185.216.10

200 OK

2.2 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/second_back_multi.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint6B:B2:F3:D7:42:0D:85:30:43:C7:AA:0A:52:05:37:3D:73:88:9B:9C
ValidityFri, 29 Sep 2023 07:01:52 GMT - Thu, 28 Dec 2023 07:01:51 GMT

File type
HTML document, ASCII text
Size
2.2 kB (2209 bytes)
Hash
4034050f2be05cd41b77c4bb153f89eb
395187f1b6ad0a67fcdede70756a1c455903d84d
717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60

HTTP Headers

GET /jsfiles/second_back_multi.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=588
Content-Length: 2209
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "4034050f2be05cd41b77c4bb153f89eb"
x-amz-request-id: tx0000020e26841dccc4c75-00653751b1-7a135a4e-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop230.sk1.t,1698127221.cds251.sk1.shn,1698127221.dop230.sk1.t,1698127221.cds203.sk1.c

GET tt.stfilecamp.com/jsfiles/site-protect2.0.js

205.185.216.10

200 OK

3.1 kB

URL GET HTTP/1.1
tt.stfilecamp.com/jsfiles/site-protect2.0.js
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint6B:B2:F3:D7:42:0D:85:30:43:C7:AA:0A:52:05:37:3D:73:88:9B:9C
ValidityFri, 29 Sep 2023 07:01:52 GMT - Thu, 28 Dec 2023 07:01:51 GMT

File type
ASCII text
Size
3.1 kB (3137 bytes)
Hash
fc96ab06b0f9fcea6731405215ae5daf
8af9f27d895eb69754919a2fc0d74760fecd3860
9243e166cbcd628fd992eba59544ebf99328fd4db7c0c08c2fb28a7af14d759e

HTTP Headers

GET /jsfiles/site-protect2.0.js HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=423
Content-Length: 3137
Content-Type: text/javascript
Last-Modified: Mon, 27 Feb 2023 13:49:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "fc96ab06b0f9fcea6731405215ae5daf"
x-amz-request-id: tx00000412a6a208a929855-006537510c-7a135a4e-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop222.sk1.t,1698127221.cds018.sk1.shn,1698127221.dop222.sk1.t,1698127221.cds231.sk1.c

GET cdn.stfilecamp.com/multi_push.js

205.185.216.42

200 OK

1.1 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/multi_push.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type
ASCII text
Size
1.1 kB (1072 bytes)
Hash
a50322f9d3f3fafe3fb02be02285e433
c0a894b3bfa545832c3ad1c2f145005d02e50ac4
cb763e10664b93ac12aaead7af7b0838195e45eb89f678ebb3f5776b147f5d99

HTTP Headers

GET /multi_push.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=2414
Content-Length: 1072
Content-Type: text/javascript
Last-Modified: Thu, 07 Jul 2022 14:21:23 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "a50322f9d3f3fafe3fb02be02285e433"
x-amz-request-id: tx00000b09ff077664b6b67-00653758d3-3c6f493d-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop001.sk1.t,1698127221.cds216.sk1.shn,1698127221.dop001.sk1.t,1698127221.cds203.sk1.c

GET cdn-adef.akamaized.net/landings/282973/1695017115/images/logo.png

95.101.10.67

200 OK

8.5 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/images/logo.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 300 x 68, 4-bit colormap, non-interlaced\012- data
Size
8.5 kB (8491 bytes)
Hash
a0157852d2a3d6e9aefbd7c23419e566
27d57dbdf88d42be5defcea6a1675d4932d13664
3b6b61919a663134edcdfe300b4de7e821ffa07cc72c15611988fb86fbba935c

HTTP Headers

GET /landings/282973/1695017115/images/logo.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Cp5dHdJuDbYoC4SMT0h1gRIFSpggWLRcCSwo8Pw0aySCSJBgyvLH7KrhwqWjhv7+BCrblZ8EU/4=
x-amz-request-id: 4Z9E9AS3TZV2RHZH
Last-Modified: Mon, 18 Sep 2023 06:05:17 GMT
ETag: "a0157852d2a3d6e9aefbd7c23419e566"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 8491
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET cdn.stfilecamp.com/stormtrk.js

205.185.216.42

200 OK

6.8 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/stormtrk.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type
ASCII text
Size
6.8 kB (6807 bytes)
Hash
39e5f8ad757fe438c784e8d883e47ab0
6b2905489485100c83605f43186c5843031e1f3b
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a

HTTP Headers

GET /stormtrk.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=3598
Content-Length: 6807
Content-Type: text/javascript
Last-Modified: Sat, 24 Dec 2022 08:48:24 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "39e5f8ad757fe438c784e8d883e47ab0"
x-amz-request-id: tx000007859d352c11c52af-0065375d73-3c6f493d-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop001.sk1.t,1698127221.cds216.sk1.shn,1698127221.dop001.sk1.t,1698127221.cds014.sk1.c

GET cdn-adef.akamaized.net/landings/282973/1695017115/images/cardsAfter.png

95.101.10.67

200 OK

64 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/images/cardsAfter.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 997 x 902, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64163 bytes)
Hash
74d879117359c9c53532166769b154bc
237e6d57552b51d9476ca60f81d2f6c54e40bbf5
beec6ee62646521bf3edc212c162607c469346d31a3dfb9707593b4d3a636315

HTTP Headers

GET /landings/282973/1695017115/images/cardsAfter.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Ob+ckfS/HiyJvUlOgkcB8qJ/gPbVzpHJxYP+qUzaNKadx5l3c+pDnvE7C9HidxEAYu8/a168Hpk=
x-amz-request-id: 4Z91BTXANS17WN8K
Last-Modified: Mon, 18 Sep 2023 06:05:17 GMT
ETag: "74d879117359c9c53532166769b154bc"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 64163
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__

52.19.101.114

200 OK

128 kB

URL User Request GET HTTP/2
ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
IP
52.19.101.114:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectebll.giveawaywonders.info
Fingerprint8D:3F:3A:B0:C8:E3:B6:53:C3:DF:B6:58:59:87:9D:1D:CF:4D:5F:2F
ValidityWed, 11 Oct 2023 02:30:19 GMT - Tue, 09 Jan 2024 02:30:18 GMT

File type
gzip compressed data, from Unix\012- data
Size
128 kB (127462 bytes)
Hash
7dddb44360004de4bde9e8150d479110
3db56f0d4e8a495026e61dc47dcef92a4c6edbc6
5e1612a9a2cbf8d4b2b91843da565dcd4995989b7dd3c3ebbded06cabfda818f

HTTP Headers

GET /c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__ HTTP/1.1
Host: ebll.giveawaywonders.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 06:00:20 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=65375d730004255f; Path=/; Expires=Sat, 23 Dec 2023 06:00:19 GMT; Secure; SameSite=None
unique_id2=65375d7300042eff; Path=/; Expires=Mon, 22 Jan 2024 06:00:19 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 24 Oct 2023 06:00:19 GMT; Secure; SameSite=None
65375d7300042eff_sl=[282973]; Path=/; Expires=Tue, 07 Nov 2023 06:00:19 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

GET tt.stfilecamp.com/static/group.png

205.185.216.10

200 OK

480 kB

URL GET HTTP/1.1
tt.stfilecamp.com/static/group.png
IP
205.185.216.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
Fingerprint6B:B2:F3:D7:42:0D:85:30:43:C7:AA:0A:52:05:37:3D:73:88:9B:9C
ValidityFri, 29 Sep 2023 07:01:52 GMT - Thu, 28 Dec 2023 07:01:51 GMT

File type
PNG image data, 998 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
480 kB (480395 bytes)
Hash
75ce79eb698adf7e83f690015001cd47
fd5a7554d7d29f2c2c7a2903f1e8fe4ae0539287
4b10ee63368f4b594655c205b9b8fc1c424adf3731cf65d297771235d0f50b18

HTTP Headers

GET /static/group.png HTTP/1.1
Host: tt.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:22 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Length: 480395
Content-Type: image/png
Last-Modified: Mon, 11 Sep 2023 13:10:42 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "75ce79eb698adf7e83f690015001cd47"
x-amz-request-id: tx00000ad20fced6cf963ed-0065375d76-7a12c411-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop010.sk1.t,1698127221.cds239.sk1.shn,1698127221.dop010.sk1.t,1698127222.cds255.sk1.pr

GET cdn-adef.akamaized.net/images/favicon.ico

95.101.10.67

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/images/favicon.ico
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: IjvSRVcJlrA8KRtuHCIvySb7T9M4setamspkp4J4t5oLIH6qyzaHxu8PdVPZHXMCPnB1SRcSZOs=
x-amz-request-id: 9B7689322D7626CA
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
X-Akamai-EW-Subworker: 8096267
Date: Tue, 24 Oct 2023 06:00:22 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__

172.67.69.203

200 OK

32 kB

URL GET HTTP/2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__
IP
172.67.69.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint12:CF:2B:DC:A1:B5:77:12:91:68:E8:DD:F0:22:9A:1B:06:84:6A:74
ValidityFri, 09 Dec 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (489)
Size
32 kB (32048 bytes)
Hash
2711dd78cc2d6ed73a43d3382ffb70bf
d9e3c4e529ab8ef6d74e0bb30cd307366b7a1dde
d55a70b105814c85a4ede40292d0b632efd661c77dbbaf4fc4caf48067dc7954

HTTP Headers

GET /api/1.0/ping/pong?location=https%3A%2F%2Febll.giveawaywonders.info%2Fc%2F3ce18fee530dec67%3Fcid%3D__SID__%26sub1%3D__CAMPAIGN_NAME__%26sub2%3D__SID__%26sub3%3D__GROUP_NAME__%26sub4%3D__AD_ID__%26sub5%3D__APPID__%26sub6%3D__GAID__%26sub7%3D__AD_EXT__%26source_id%3D__PUBLISHER_ID__%26aff_sub%3D__CAMPAIGN_NAME__%26s1%3D__CAMPAIGN_NAME__%26sid%3D__CAMPAIGN_NAME__ HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ebll.giveawaywonders.info
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 06:00:22 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B9YzQwDFrYN3WojEDtD1%2FbZRfIyMuloIRGeaMOBSAXbOnOnniHncrH%2FrmLkhspI3NiCbVwpyoo8eh9WY9ol7VFn2w1z1aZJZxO%2BzcEjpqaKD8yEq1i3Ae0DuXlAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81afffc13e13568f-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET cdn.stfilecamp.com/fp.min.js

205.185.216.42

200 OK

32 kB

URL GET HTTP/1.1
cdn.stfilecamp.com/fp.min.js
IP
205.185.216.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerLet's Encrypt
Subjectstfilecamp.com
FingerprintC8:F2:82:03:44:08:54:DB:7D:D9:9F:D1:7D:8A:97:B3:4D:91:57:32
ValidityTue, 26 Sep 2023 11:10:19 GMT - Mon, 25 Dec 2023 11:10:18 GMT

File type

Size
32 kB (31705 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 24 Oct 2023 06:00:22 GMT
Connection: Keep-Alive
Cache-Control: max-age=129
Content-Length: 31705
Content-Type: text/javascript
Last-Modified: Mon, 13 Jun 2022 11:23:14 GMT
Accept-Ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000002fd6778593289174-0065374fe7-3c6f4933-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1698127221.dop001.sk1.t,1698127221.cds216.sk1.shn,1698127222.dop001.sk1.t,1698127222.cds237.sk1.c

GET cdn-adef.akamaized.net/landings/282973/1695017115/images/modalImg.png

95.101.10.67

200 OK

121 kB

URL GET HTTP/1.1
cdn-adef.akamaized.net/landings/282973/1695017115/images/modalImg.png
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://ebll.giveawaywonders.info/c/3ce18fee530dec67?cid=__SID__&sub1=__CAMPAIGN_NAME__&sub2=__SID__&sub3=__GROUP_NAME__&sub4=__AD_ID__&sub5=__APPID__&sub6=__GAID__&sub7=__AD_EXT__&source_id=__PUBLISHER_ID__&aff_sub=__CAMPAIGN_NAME__&s1=__CAMPAIGN_NAME__&sid=__CAMPAIGN_NAME__
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 599 x 364, 8-bit/color RGBA, non-interlaced\012- data
Size
121 kB (121134 bytes)
Hash
9baf931fb00cffaf06a4f35d2278c84f
9080ebaa1e91376a8612cadd92ea4853a363b1da
57a7519e652fc50a895fd9e0b98c449188af8d27d7fde2a5294d7e1c80aec4ac

HTTP Headers

GET /landings/282973/1695017115/images/modalImg.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebll.giveawaywonders.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: J2oM7AnQrqwXg9UORPYzR9qMiTQWk7ik76ccl9PfhvPLvkq5NsH5v4uD1uUC8TMxyaDqR152amI=
x-amz-request-id: 4Z99N7HDM02YPNTR
Last-Modified: Mon, 18 Sep 2023 06:05:17 GMT
ETag: "9baf931fb00cffaf06a4f35d2278c84f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 121134
Date: Tue, 24 Oct 2023 06:00:21 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL GET HTTP/1.1

IP

ASN