Report - d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm

Report Overview

Submitted URL
d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq
IP
143.204.42.108
ASN
#16509 AMAZON-02
Submitted
2024-05-10 07:52:15
Access
public
Website Title
LP
Final URL
d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d33t2t3w9vkbcw.cloudfront.net	unknown	2008-04-25	2024-02-06	2024-04-30	2.3 kB	1.0 MB	143.204.42.19
	unknown				1.2 kB	502 B	52.50.5.81
static.dcbprotect.com	unknown	2017-09-27	2023-07-23	2024-03-27	1.1 kB	1.1 kB	34.249.203.64
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	496 B	22 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.1 kB	95 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	436 B	121 kB	142.250.74.40
d21as39bximhir.cloudfront.net	unknown	2008-04-25	2023-12-23	2024-04-16	1.4 kB	1.2 MB	143.204.42.161
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	338 B	942 B	54.230.218.11
notify.dcbprotect.com	112896	2017-09-27	2018-06-07	2024-04-17	578 B	248 B	34.253.248.174
d2vhk3w56tqrcl.cloudfront.net	unknown	2008-04-25	2023-04-30	2024-04-18	1.5 kB	161 kB	143.204.42.129

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 07:51:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-05-10 07:51:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-05-10 07:51:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2024-05-10 07:51:50	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	49 B	2024-01-10	2024-05-14
Pretty URL d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-10 09:10:37 Last Seen2024-05-14 23:34:37 Times Seen32 Hash d7373ccc12e8cf3ed9fd87cb9603717e 6041291383f8e9b786cdbda75693b6501a384968 ab35d6eae898bc751f174135e02b6dea3665be6d147f1b628b6b8dc4241b6cd7 Loading...

	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	1.9 kB	2024-03-01	2024-05-11
Pretty URL d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-01 12:51:48 Last Seen2024-05-11 12:07:59 Times Seen13 Hash 90f3a362f836db9d8fe25cc9b2366430 9570e9258e07de63da56b6485bdfbfae9f894ddb 23efad8b677575bb95c44b7e3a1571fe3896fd88b860e90d1bb64ccb6affe32c Loading...

	d33t2t3w9vkbcw.cloudfront.net/assets_ua/demo-compiled.js	513 kB	2023-09-16	2024-05-19
Pretty URL d33t2t3w9vkbcw.cloudfront.net/assets_ua/demo-compiled.js IP 143.204.42.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 20:49:12 Last Seen2024-05-19 13:43:23 Times Seen124 Hash c58866e4779f86f4c413bd2d1f092204 9ed9d95035d311f712229cdb8851d20040cd9cc4 ffed5622033f4cd3a2f93a5693a7445e11c67d60d587bc07ccbde2afb4b3d2d1 Loading...

	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	104 kB	2024-05-10	2024-05-10
Pretty URL d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 09:52:16 Last Seen2024-05-10 09:52:16 Times Seen1 Hash 6e1068db400866b93be23b5e6073ab99 81ba5b10935d1e8430507af77ade7423dc653c01 5ff6a7eac65a638b1b1f649abd46bb32fc368d21412328c01cfbe90bc08b7c4c Loading...

	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	32 kB	2024-05-10	2024-05-10
Pretty URL d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 09:52:16 Last Seen2024-05-10 09:52:16 Times Seen1 Hash 42a838f8510672b0b66a679fd274ca2f 5664878170f3c3a7408805e3ce65455a54bf037a 1df6067f759205ea8828af1ebd7ec4307f0ffa8b44ef6749d4c8fa62fc96716e Loading...

	www.googletagmanager.com/gtag/js?id=G-F5LP1DJTFF	372 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-F5LP1DJTFF IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 09:52:16 Last Seen2024-05-10 09:52:16 Times Seen2 Hash 0dd3782a108517fb5f0117e30d0ef044 45aa2945d887dbea4f10104bad5b784352f7d8e5 f6bdf7f064772d833dacc451644a1bec9978e788beb2259f0375d1eb25e6f827 Loading...

	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	3.1 kB	2024-05-10	2024-05-19
Pretty URL d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 09:52:16 Last Seen2024-05-19 13:43:23 Times Seen2 Hash 971e85bd2724726772ec71dff9e45ffe 843313a7d057cb2107215ac44457c40fccd121ec 7b459e1efa5c32149a61f63efbd11e63a6c86e74facaee45c1926b797db5edb9 Loading...

	d33t2t3w9vkbcw.cloudfront.net/jquery.min.js	268 kB	2023-03-07	2024-05-19
Pretty URL d33t2t3w9vkbcw.cloudfront.net/jquery.min.js IP 143.204.42.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:04 Last Seen2024-05-19 13:43:23 Times Seen478 Hash 9c3a8d5bf79a2b2c25b4d9f99fbf6db2 481a2ffd3f04c9bd3434f2798f3cee263b0d90a2 229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2 Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	d2vhk3w56tqrcl.cloudfront.net/assets_ua/subpage.png	143.204.42.129	200 OK	8.7 kB
URL GET HTTP/2 d2vhk3w56tqrcl.cloudfront.net/assets_ua/subpage.png IP 143.204.42.129:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 350 x 393, 8-bit/color RGBA, non-interlaced Size 8.7 kB (8715 bytes) Hash e0f3837582795e7f5405c042c358fbf2 f08cf1b56020b2b073d9067f01b5c0a5698b322a 641fb17be0e06afda9b93f7b9fb7d9dd3eafd202bd4c19aa77c968f1c84456ef HTTP Headers GET /assets_ua/subpage.png HTTP/1.1 Host: d2vhk3w56tqrcl.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: image/png content-length: 8715 last-modified: Fri, 24 Nov 2023 11:05:33 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 03:11:07 GMT etag: "e0f3837582795e7f5405c042c358fbf2" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 5EvUwnIZgppDgS9lYciir-Vfi7yH-E6S0FBgXGhWqus7IdaK7Yz8-A== age: 17368 X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtag/js?id=G-F5LP1DJTFF	142.250.74.40	200 OK	120 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-F5LP1DJTFF IP 142.250.74.40:443 ASN #15169 GOOGLE Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT File type JavaScript source, ASCII text, with very long lines (11345) Size 120 kB (119971 bytes) Hash 0dd3782a108517fb5f0117e30d0ef044 45aa2945d887dbea4f10104bad5b784352f7d8e5 f6bdf7f064772d833dacc451644a1bec9978e788beb2259f0375d1eb25e6f827 HTTP Headers `GET /gtag/js?id=G-F5LP1DJTFF HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 10 May 2024 07:51:50 GMT expires: Fri, 10 May 2024 07:51:50 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 119971 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2	216.58.207.227	200 OK	47 kB
URL GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT File type Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 Size 47 kB (46704 bytes) Hash 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 HTTP Headers GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://d2vhk3w56tqrcl.cloudfront.net DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 46704 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 May 2024 10:54:17 GMT expires: Tue, 06 May 2025 10:54:17 GMT cache-control: public, max-age=31536000 last-modified: Wed, 13 Sep 2023 23:49:07 GMT content-type: font/woff2 age: 334653 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2	216.58.207.227	200 OK	47 kB
URL GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT File type Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 Size 47 kB (46704 bytes) Hash 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 HTTP Headers GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://d2vhk3w56tqrcl.cloudfront.net DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 46704 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 06 May 2024 10:54:17 GMT expires: Tue, 06 May 2025 10:54:17 GMT cache-control: public, max-age=31536000 last-modified: Wed, 13 Sep 2023 23:49:07 GMT content-type: font/woff2 age: 334653 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d33t2t3w9vkbcw.cloudfront.net/loadingtab.gif	143.204.42.19	200 OK	79 kB
URL GET HTTP/2 d33t2t3w9vkbcw.cloudfront.net/loadingtab.gif IP 143.204.42.19:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type GIF image data, version 89a, 200 x 200 Size 79 kB (79350 bytes) Hash af24492c9928dbeb89f4539823771602 b24c17d56ab9aa6b20b5721a97ef6e7b527d941c a68751c0201528c2fdacf26806fc38ee7a8a4cfd9a51c08b878a318fa432524e HTTP Headers `GET /loadingtab.gif HTTP/1.1 Host: d33t2t3w9vkbcw.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/gif content-length: 79350 last-modified: Mon, 05 Feb 2024 11:17:30 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 00:34:44 GMT etag: "af24492c9928dbeb89f4539823771602" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: iej6P4wlMf6iYp9QKYEOhCsshlDcNA8GPA4zZUWVrnJPPwskFdYyLg== age: 26345 X-Firefox-Spdy: h2`

	d33t2t3w9vkbcw.cloudfront.net/assets_ua/loadingtab.gif	143.204.42.19	200 OK	79 kB
URL GET HTTP/2 d33t2t3w9vkbcw.cloudfront.net/assets_ua/loadingtab.gif IP 143.204.42.19:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type GIF image data, version 89a, 200 x 200 Size 79 kB (79350 bytes) Hash af24492c9928dbeb89f4539823771602 b24c17d56ab9aa6b20b5721a97ef6e7b527d941c a68751c0201528c2fdacf26806fc38ee7a8a4cfd9a51c08b878a318fa432524e HTTP Headers `GET /assets_ua/loadingtab.gif HTTP/1.1 Host: d33t2t3w9vkbcw.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/gif content-length: 79350 last-modified: Fri, 24 Nov 2023 10:05:53 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 04:58:16 GMT etag: "af24492c9928dbeb89f4539823771602" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: CImLwNRu6SEt5Syc2k8JnuhAnAHN7c5pIxgJfgi4UGY52JTLOKLsAQ== age: 10491 X-Firefox-Spdy: h2`

	d33t2t3w9vkbcw.cloudfront.net/loadingtab.gif	143.204.42.19	200 OK	79 kB
URL GET HTTP/2 d33t2t3w9vkbcw.cloudfront.net/loadingtab.gif IP 143.204.42.19:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type GIF image data, version 89a, 200 x 200 Size 79 kB (79350 bytes) Hash af24492c9928dbeb89f4539823771602 b24c17d56ab9aa6b20b5721a97ef6e7b527d941c a68751c0201528c2fdacf26806fc38ee7a8a4cfd9a51c08b878a318fa432524e HTTP Headers `GET /loadingtab.gif HTTP/1.1 Host: d33t2t3w9vkbcw.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/gif content-length: 79350 last-modified: Mon, 05 Feb 2024 11:17:30 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 00:34:44 GMT etag: "af24492c9928dbeb89f4539823771602" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: g2uQtPXX5iJnNE9aagvIxnXS0hp7B6rCcrU_GZPb80xi06HCCNBiag== age: 26345 X-Firefox-Spdy: h2`

	d21as39bximhir.cloudfront.net/NewThemesSDK/images/videobar-430.png	143.204.42.161	200 OK	9.4 kB
URL GET HTTP/2 d21as39bximhir.cloudfront.net/NewThemesSDK/images/videobar-430.png IP 143.204.42.161:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 500 x 51, 8-bit/color RGBA, non-interlaced Size 9.4 kB (9363 bytes) Hash 810abc2da1cd75112901e2bde58cd0c2 a08763c9de6305efe49a397299100c23ea9b0a17 84ea634f70d0d304cbd5f3f4941c01806ffdbb1da450675853b27d95582e19fe HTTP Headers `GET /NewThemesSDK/images/videobar-430.png HTTP/1.1 Host: d21as39bximhir.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 9363 last-modified: Tue, 06 Feb 2024 18:28:05 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 05:49:12 GMT etag: "810abc2da1cd75112901e2bde58cd0c2" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: B5RaY4rHRtJ-xXyj54p4vZekirdPAgv2L6r050Rj94qP5ywR6eGzMA== age: 8130 X-Firefox-Spdy: h2`

	d21as39bximhir.cloudfront.net/NewThemesSDK/images/phone-411.png	143.204.42.161	200 OK	905 B
URL GET HTTP/2 d21as39bximhir.cloudfront.net/NewThemesSDK/images/phone-411.png IP 143.204.42.161:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 72 x 128, 8-bit/color RGBA, non-interlaced Size 905 B (905 bytes) Hash a428a81265ed05424fa9edbf9d610c99 bf4eca237ecc5e0cc1c9075a99c6ca187a488f32 bc54c7d457b75be382c0314b5959499a0c2086b6c3e1f91f03c7975bb32ea0bf HTTP Headers `GET /NewThemesSDK/images/phone-411.png HTTP/1.1 Host: d21as39bximhir.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 905 last-modified: Thu, 11 Jan 2024 11:40:25 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 05:49:11 GMT etag: "a428a81265ed05424fa9edbf9d610c99" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ETB4-QdkedOao7aP1weEaKwfNgUMJt9SlC0LDL2V435kvBh0DzYlEg== age: 14164 X-Firefox-Spdy: h2`

	d21as39bximhir.cloudfront.net/NewThemesSDK/images/img-430.png	143.204.42.161	200 OK	1.2 MB
URL GET HTTP/2 d21as39bximhir.cloudfront.net/NewThemesSDK/images/img-430.png IP 143.204.42.161:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 1200 x 630, 8-bit/color RGB, non-interlaced Size 1.2 MB (1179113 bytes) Hash 4f5db488feea0fa8f13e3c19f36e7432 f76c22ccff58bd800a2da0b9928bb9afa34c94dd 6a73287752fbdc689f40257abfe4114656bdf3f860bd69e65ff405b1debdb433 HTTP Headers `GET /NewThemesSDK/images/img-430.png HTTP/1.1 Host: d21as39bximhir.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 1179113 last-modified: Tue, 06 Feb 2024 18:28:03 GMT x-amz-version-id: null server: AmazonS3 date: Fri, 10 May 2024 06:56:52 GMT etag: "4f5db488feea0fa8f13e3c19f36e7432" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: E9RwGKJpqO1QBeXIaRod6jHJ4j30EqBOSOgSRCRm3AZOgIWczLJZUA== age: 14164 X-Firefox-Spdy: h2`

	ocsp.r2m03.amazontrust.com/	54.230.218.11		471 B
URL ocsp.r2m03.amazontrust.com/ IP 54.230.218.11:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 4b8f98bbbf0bd9f7794aa933c52bd2b8 ae2a997337417e098eb41551b82d8a7d32efc91a 0e4d2fbeeb9238f0763f9a59f90b4e89ca2ff138cdd336036f96bc6d476a883d HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m03.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Fri, 10 May 2024 07:51:50 GMT Last-Modified: Fri, 10 May 2024 07:14:49 GMT Server: ECAcc (ska/F6D2) X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: XB-Mbob-i-WnKV0FK3XCaCePAxLq8lT5ukF8ezLu3iWv-D0PwsEZ3g== Age: 2222`

	ws.dcbprotect.com:8080/	52.50.5.81		0 B
URL ws.dcbprotect.com:8080/ IP 52.50.5.81:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: ws.dcbprotect.com:8080 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://d2vhk3w56tqrcl.cloudfront.net Sec-WebSocket-Protocol: echo-protocol Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: pBRtn0tDBuuLCpAgDRRpog== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols upgrade: websocket connection: Upgrade sec-websocket-accept: FHd9QaoJl47vLQQJ0/2LFpL4rdQ= sec-websocket-protocol: echo-protocol origin: https://d2vhk3w56tqrcl.cloudfront.net date: Fri, 10 May 2024 07:51:50 GMT`

	static.dcbprotect.com/f/img.ico	34.249.203.64	200 OK	2 B
URL GET HTTP/1.1 static.dcbprotect.com/f/img.ico IP 34.249.203.64:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerLet's Encrypt Subjectstatic.dcbprotect.com FingerprintDB:B9:04:50:3A:98:56:A3:7E:F2:B9:72:56:0B:FF:EB:52:DA:40:1A ValiditySun, 05 May 2024 06:05:56 GMT - Sat, 03 Aug 2024 06:05:55 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers GET /f/img.ico HTTP/1.1 Host: static.dcbprotect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Language: A1279450407639382668606088884460486088024224280624 Origin: https://d2vhk3w56tqrcl.cloudfront.net DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version, Viewport-Width, Width, Downlink Access-Control-Allow-Origin: * Cache-Control: no-cache Etag: 6d6b74ebe37daf0184a5fbf5de5e9e0ba09c7e137c2bfb0048a2774479206519e747ce4691025c6b65092901a536b9828f659a65a96bf99307b3f3122d4f33c7 Date: Fri, 10 May 2024 07:51:51 GMT Content-Length: 2 Content-Type: text/plain; charset=utf-8 Connection: close

	static.dcbprotect.com/f/img.ico	34.249.203.64	200 OK	2 B
URL GET HTTP/1.1 static.dcbprotect.com/f/img.ico IP 34.249.203.64:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerLet's Encrypt Subjectstatic.dcbprotect.com FingerprintDB:B9:04:50:3A:98:56:A3:7E:F2:B9:72:56:0B:FF:EB:52:DA:40:1A ValiditySun, 05 May 2024 06:05:56 GMT - Sat, 03 Aug 2024 06:05:55 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers GET /f/img.ico HTTP/1.1 Host: static.dcbprotect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Language: A1279450407639382668606088884460486088024224280624 Origin: https://d2vhk3w56tqrcl.cloudfront.net DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version, Viewport-Width, Width, Downlink Access-Control-Allow-Origin: * Cache-Control: no-cache Etag: 6d6b74ebe37daf0184a5fbf5de5e9e0ba09c7e137c2bfb0048a2774479206519e747ce4691025c6b65092901a536b9828f659a65a96bf99307b3f3122d4f33c7 Date: Fri, 10 May 2024 07:51:51 GMT Content-Length: 2 Content-Type: text/plain; charset=utf-8 Connection: close

	d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq	143.204.42.129	200 OK	151 kB
URL User Request GET HTTP/2 d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq IP 143.204.42.129:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type Size 151 kB (151165 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq HTTP/1.1 Host: d2vhk3w56tqrcl.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK content-type: text/html; charset=UTF-8 vary: Accept-Encoding date: Fri, 10 May 2024 07:51:49 GMT x-powered-by: PHP/7.3.33 apigw-requestid: Xi3DXgkPliAEPig= content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 6KanPQJVM5ardZd7uwk3wlNUbRZ7z7DIZExlwgwF3lHsEN1loVygFQ== X-Firefox-Spdy: h2`

	fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap	142.250.74.106	200 OK	22 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT File type ASCII text Size 22 kB (21726 bytes) Hash 9842b200db0dffb68c6b53eaacc8c0bc 66b0afafc96a0f5ae9dd9e969d0c407200cec696 90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7 HTTP Headers `GET /css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 07:51:50 GMT date: Fri, 10 May 2024 07:51:50 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d33t2t3w9vkbcw.cloudfront.net/assets_ua/demo-compiled.js	143.204.42.19	200 OK	513 kB
URL GET HTTP/2 d33t2t3w9vkbcw.cloudfront.net/assets_ua/demo-compiled.js IP 143.204.42.19:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (1338) Size 513 kB (512919 bytes) Hash c58866e4779f86f4c413bd2d1f092204 9ed9d95035d311f712229cdb8851d20040cd9cc4 ffed5622033f4cd3a2f93a5693a7445e11c67d60d587bc07ccbde2afb4b3d2d1 HTTP Headers `GET /assets_ua/demo-compiled.js HTTP/1.1 Host: d33t2t3w9vkbcw.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript last-modified: Fri, 24 Nov 2023 10:05:50 GMT x-amz-version-id: null server: AmazonS3 content-encoding: gzip date: Fri, 10 May 2024 06:32:52 GMT etag: W/"c58866e4779f86f4c413bd2d1f092204" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: uxx_VFhHY_Pvy0B8gZicZnA66StyMe43VGGOHb6vqSv0z-ykq1i3KA== age: 17155 X-Firefox-Spdy: h2`

	notify.dcbprotect.com/A1279450407639382668606088884460486088024224280624	34.253.248.174	200 OK	0 B
URL POST HTTP/2 notify.dcbprotect.com/A1279450407639382668606088884460486088024224280624 IP 34.253.248.174:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.eu-west-1.prd.dcbprotect.com FingerprintB8:8F:C4:23:5B:B1:93:38:86:4C:70:7D:65:17:7F:88:D3:52:99:71 ValidityTue, 02 Apr 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /A1279450407639382668606088884460486088024224280624 HTTP/1.1 Host: notify.dcbprotect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 15015 Origin: https://d2vhk3w56tqrcl.cloudfront.net DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 10 May 2024 07:51:51 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept content-encoding: gzip X-Firefox-Spdy: h2`

	d33t2t3w9vkbcw.cloudfront.net/jquery.min.js	143.204.42.19	200 OK	268 kB
URL GET HTTP/2 d33t2t3w9vkbcw.cloudfront.net/jquery.min.js IP 143.204.42.19:443 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 268 kB (268038 bytes) Hash 9c3a8d5bf79a2b2c25b4d9f99fbf6db2 481a2ffd3f04c9bd3434f2798f3cee263b0d90a2 229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2 HTTP Headers `GET /jquery.min.js HTTP/1.1 Host: d33t2t3w9vkbcw.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2vhk3w56tqrcl.cloudfront.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript last-modified: Mon, 05 Feb 2024 11:17:30 GMT x-amz-version-id: null server: AmazonS3 content-encoding: gzip date: Fri, 10 May 2024 05:26:08 GMT etag: W/"9c3a8d5bf79a2b2c25b4d9f99fbf6db2" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 800FoLok7SsVcSPLYv6Uy6pESwzf1lctkgJmfGEzoOWse-ciYS6uLQ== age: 8784 X-Firefox-Spdy: h2`

	ws.dcbprotect.com:8080/	52.50.5.81	101 Switching Protocols	0 B
URL GET HTTP/1.1 ws.dcbprotect.com:8080/ IP 52.50.5.81:8080 ASN #16509 AMAZON-02 Requested by https://d2vhk3w56tqrcl.cloudfront.net/?SMCampaign=0ae73e5c-fb7a-43df-a5b4-bb4a152a0905&ClickID=812558009665335296&Pub_ID=8054054&Aff_ID=6973320&extra=0.005600&extra1=YOUR_Dynamic_Parameter_IF_Needed&utm_source=affiliate&utm_medium=cpc&utm_campaign=8054054&utm_content={adgroupid}&utm_term={keyword}&themeid=430&country=iq Certificate IssuerAmazon Subject.eu-west-1.prd.dcbprotect.com FingerprintB8:8F:C4:23:5B:B1:93:38:86:4C:70:7D:65:17:7F:88:D3:52:99:71 ValidityTue, 02 Apr 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: ws.dcbprotect.com:8080 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://d2vhk3w56tqrcl.cloudfront.net Sec-WebSocket-Protocol: echo-protocol Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: pBRtn0tDBuuLCpAgDRRpog== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols upgrade: websocket connection: Upgrade sec-websocket-accept: FHd9QaoJl47vLQQJ0/2LFpL4rdQ= sec-websocket-protocol: echo-protocol origin: https://d2vhk3w56tqrcl.cloudfront.net date: Fri, 10 May 2024 07:51:50 GMT`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML