dxv9ab0p31jil.cloudfront.net
2600:9000:269f:b600:6:fcb0:340:93a1
Public Scan
Effective URL: https://dxv9ab0p31jil.cloudfront.net/?SMCampaign=fb567c85-b398-410c-b87c-56ed6206092d&country=KW&Pub_ID=5964&ClickID=w865ht44b2bca7ru...
Submission: On January 30 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time dxv9ab0p31jil.cloudfront.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3032::6815:3c6c | 13335 (CLOUDFLARENET) |
1 | 2600:9000:269f:b600:6:fcb0:340:93a1 | 16509 (AMAZON-02) |
4 | 3.161.213.71 | 16509 (AMAZON-02) |
1 | 2607:f8b0:4006:823::200a | 15169 (GOOGLE) |
1 | 2607:f8b0:4006:80b::2008 | 15169 (GOOGLE) |
1 | 2001:4860:4802:36::181 | 15169 (GOOGLE) |
1 | 2607:f8b0:4004:c09::9d | 15169 (GOOGLE) |
1 | 52.214.196.110 | 16509 (AMAZON-02) |
10 | 7 |
ASN | PTR | Hostname |
---|---|---|
ASN16509 (AMAZON-02, US) | | dxv9ab0p31jil.cloudfront.net |
ASN16509 (AMAZON-02, US) | server-3-161-213-71.yul62.r.cloudfront.net | click.afflink.mobi |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16509 (AMAZON-02, US) | ec2-52-214-196-110.eu-west-1.compute.amazonaws.com | notify.dcbprotect.com |
Requests | Apex Domain | Subdomains | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
4 | afflink.mobi | click.afflink.mobi | | 247 KB |
1 | dcbprotect.com | notify.dcbprotect.com | 434050 | 161 B |
1 | doubleclick.net | stats.g.doubleclick.net | 79 | 263 B |
1 | google.com | analytics.google.com | 154 | 263 B |
1 | googletagmanager.com | www.googletagmanager.com | 37 | 92 KB |
1 | googleapis.com | fonts.googleapis.com | 28 | 1 KB |
1 | cloudfront.net | dxv9ab0p31jil.cloudfront.net | | 93 KB |
1 | clickfreeexplre.com (1 redirects) | exp.clickfreeexplre.com | | 1 KB |
10 | 8 |
Requests | Domain | Requested by |
---|---|---|
4 | click.afflink.mobi | dxv9ab0p31jil.cloudfront.net |
1 | notify.dcbprotect.com | dxv9ab0p31jil.cloudfront.net |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | analytics.google.com | www.googletagmanager.com |
1 | www.googletagmanager.com | dxv9ab0p31jil.cloudfront.net |
1 | fonts.googleapis.com | dxv9ab0p31jil.cloudfront.net |
1 | dxv9ab0p31jil.cloudfront.net | |
1 | exp.clickfreeexplre.com | 1 redirects |
10 | 8 |
This site contains links to these domains.
Domain |
---|
click.afflink.mobi |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
*.afflink.mobi | Amazon RSA 2048 M01 | 2023-05-15 - 2024-06-12 | a year |
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.eu-west-1.prd.dcbprotect.com | Amazon RSA 2048 M02 | 2023-03-17 - 2024-04-14 | a year |
This page contains 1 frames:
Primary Page:
https://dxv9ab0p31jil.cloudfront.net/?SMCampaign=fb567c85-b398-410c-b87c-56ed6206092d&country=KW&Pub_ID=5964&ClickID=w865ht44b2bca7ru2r1v7o4q
Frame ID: 687ADB78C48D80E8A72C4084BC70DDD0
Requests: 10 HTTP requests in this frame
Page Title
LP
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms & Conditions
Title: Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://exp.clickfreeexplre.com/cb475c66-d7e7-49d0-95bf-8bb31af601e6?pub=5964&placement=5964-b313731z&cid=m7327628868905336842
HTTP 302
https://dxv9ab0p31jil.cloudfront.net/?SMCampaign=fb567c85-b398-410c-b87c-56ed6206092d&country=KW&Pub_ID=5964&ClickID=w865ht44b2bca7ru2r1v7o4q Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | dxv9ab0p31jil.cloudfront.net/ | 249 KB | 93 KB | Document | text/html |
GET | H2 | loadingtab.gif | click.afflink.mobi/assets_ua/ | 77 KB | 78 KB | Image | image/gif |
GET | H2 | jquery.min.js | click.afflink.mobi/assets_ua/ | 262 KB | 78 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H2 | mobile.png | click.afflink.mobi/assets_ua/ | 9 KB | 9 KB | Image | image/png |
GET | H2 | demo-compiled.js | click.afflink.mobi/assets_ua/ | 501 KB | 82 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 278 KB | 92 KB | Script | application/javascript |
POST | H2 | collect | analytics.google.com/g/ | 0 | 263 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 263 B | Ping | text/plain |
POST | H2 | A220175542158091808684884026686622424280222842660 | notify.dcbprotect.com/ | 0 | 161 B | XHR | text/html |
99 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 string| mainlang number| AntifraudLastStatuscode function| $ function| jQuery boolean| fraudeur boolean| has_K911_script string| billing_url function| evina_notify function| phoneNumberParser string| AudienceFlag boolean| FBAllowed string| cgNotificationsLocaldata number| NextAction number| pincodelen number| otpstep boolean| isvcode number| vcodestep number| shows boolean| testflag number| IDEntity boolean| isHE string| scheme string| gclid string| step string| redirect object| _0xe3c7 string| otpnocountry_1 string| alreadysub_1 string| nocountryavailable_1 string| retargetaftervcode_1 string| appremoved_1 string| otperrorcamp_1 string| vcodeerrorcamp_1 string| otpnocountry_6 string| alreadysub_6 string| nocountryavailable_6 string| retargetaftervcode_6 string| otperrorcamp_6 string| vcodeerrorcamp_6 string| phomemn undefined| btnElement undefined| response undefined| pinplaceholder undefined| Afscript undefined| script object| Allowed_countries string| country boolean| checkiffallback string| mainerror string| servicename object| phArray function| isga function| validatebefore object| ph2Array function| doaction function| getParameterByName function| changelang function| replaceUrlParam function| showloading_2 boolean| SLAFlow function| showloading function| removeloading function| showdiv1 function| cgNotificationsLocal number| slacounter function| checkantifraud1 number| counterSLA number| smsflag function| callaction function| closepage function| uuidv4 function| onInputFocus function| onInputBlur function| isWebView function| checkvcodeinput function| checklength boolean| laststatus function| onInputChange object| modal object| btn undefined| span function| removeerrors boolean| isonlineconv string| src string| acc string| label string| IDPubType function| callpixelpostback function| gtag function| fireevents function| loadsocialmpix object| CloseBtn_countries object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.exp.clickfreeexplre.com/ | | Name: cb475c66-d7e7-49d0-95bf-8bb31af601e6-v4 Value: 8412GaHd6XqY-rHy8mEyL9i3ugtVc0cnftA2PgKIfBU |
.exp.clickfreeexplre.com/ | | Name: cc-v4 Value: lsjpZixGKGAKX7xgSLakxB%2FUdEpF8RQPcD4Pe4N6tr2y%2BoZ298r87Xyb7WaHKKSLxG7KjecRr9ETWB0jIciFihVLut87UD0N8H2UX8tfKK%2BWeLXNtadvkBvLbDx9X2xzRtQubSafaUGZRiiNdUgvfA%3D%3D |
.dxv9ab0p31jil.cloudfront.net/ | | Name: _ga_F5LP1DJTFF Value: GS1.1.1706658635.1.0.1706658635.60.0.0 |
.dxv9ab0p31jil.cloudfront.net/ | | Name: _ga Value: GA1.1.273269888.1706658636 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.