ilimumf.com Open in urlscan Pro
3.125.239.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://limit-insurance.com/
Effective URL:
https://ilimumf.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9NzEzNjFcdTAwMjZzdWJpZD03ekh...
Submission: On July 22 via api (July 22nd 2024, 3:33:09 am UTC) from BE — Scanned from IT

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 8 domains to perform 9 HTTP transactions. The main IP is 3.125.239.17, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is ilimumf.com.
TLS certificate: Issued by R10 on June 24th 2024. Valid for: 3 months.

This is the only time ilimumf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	72.52.178.23 72.52.178.23	32244 (LIQUIDWEB) (LIQUIDWEB)
2 5	64.190.63.136 64.190.63.136	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	52.22.173.18 52.22.173.18	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.67.161.46 172.67.161.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
9	5

1 72.52.178.23 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

limit-insurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.190.63.136 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

ww1.limit-insurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.173.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-173-18.compute-1.amazonaws.com

heimi-lwx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
priam-hsj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.161.46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geotrkclknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.239.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

ilimumf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	limit-insurance.com 3 redirects limit-insurance.com ww1.limit-insurance.com	4 KB
2	ilimumf.com ilimumf.com	4 KB
1	geotrkclknow.com 1 redirects geotrkclknow.com	2 KB
1	priam-hsj.com priam-hsj.com — Cisco Umbrella Rank: 632916	1 KB
1	heimi-lwx.com heimi-lwx.com — Cisco Umbrella Rank: 312066	3 KB
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 318008	308 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 50581	15 KB
0	storesearch.net Failed storesearch.net Failed
9	8

	Domain	Requested by
5	ww1.limit-insurance.com	2 redirects ww1.limit-insurance.com
2	ilimumf.com	priam-hsj.com
1	geotrkclknow.com	1 redirects
1	priam-hsj.com	heimi-lwx.com
1	heimi-lwx.com	ww1.limit-insurance.com
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com
1	limit-insurance.com	1 redirects
0	storesearch.net Failed
9	9

This site contains links to these domains. Also see Links.

Domain
storesearch.net

Subject Issuer	Validity	Valid
zeropark.com Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
priam-hsj.com Amazon RSA 2048 M03	`2024-07-12` - `2025-08-10`	a year	crt.sh
ilimumf.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://storesearch.net/links?idw=71361&subid=7zHiq4fuGNv6
Frame ID: 33631628FF856FF11C6880C776048883
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirection...

Page URL History Show full URLs

http://limit-insurance.com/ HTTP 307
https://limit-insurance.com/ HTTP 307
http://limit-insurance.com/ HTTP 302
http://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
https://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
http://ww1.limit-insurance.com/?usid=17&utid=33693416080 Page URL
http://ww1.limit-insurance.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o... HTTP 302
http://ww1.limit-insurance.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o... HTTP 302
http://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 307
https://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 302
http://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38... HTTP 307
https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38... Page URL
https://priam-hsj.com/zclkredirect?visitid=1a6e9786-47db-11ef-b119-120cae531c73&type=js&browserWid... Page URL
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743a... HTTP 302
https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada4... Page URL
https://ilimumf.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9NzEzNjF... Page URL

Page Statistics

9
Requests

33 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

5
IPs

2
Countries

26 kB
Transfer

22 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://storesearch.net/links?idw=71361&subid=7zHiq4fuGNv6

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://limit-insurance.com/ HTTP 307
https://limit-insurance.com/ HTTP 307
http://limit-insurance.com/ HTTP 302
http://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
https://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
http://ww1.limit-insurance.com/?usid=17&utid=33693416080 Page URL
http://ww1.limit-insurance.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkMmVmYWYyYTIwLjg1NzQ4Mjg3CXd3MS5saW1pdC1pbnN1cmFuY2UuY29tNjY5ZGQyZWZhZjJlNjEuNzYyNDMxMTkJMTcyMTYxOTE4NAlhZF82M18w&l=OAliMWIwYjBiZjlhMjBiZTgxZjBjMWZhOGM4MTg5NjQ4NwkwCTI3CTAJOWY3YjViMzU1NzA4ZGM1ZjZhZWJjOTk5NDgwYmQ1M2IJNTkzMjIxMzEzCWxpbWl0LWluc3VyYW5jZQkwCTYzCTExCTIxCTE3MjE2MTkxODQJMC4wMDE3NDcJTgkwCTEJMAkxMjA1CTU4MjE5MjI5NAkxODUuMTk4LjYyLjEyNgkw HTTP 302
http://ww1.limit-insurance.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkMmVmYWYyYTIwLjg1NzQ4Mjg3CXd3MS5saW1pdC1pbnN1cmFuY2UuY29tNjY5ZGQyZWZhZjJlNjEuNzYyNDMxMTkJMTcyMTYxOTE4NAlhZF82M18w&l=OAliMWIwYjBiZjlhMjBiZTgxZjBjMWZhOGM4MTg5NjQ4NwkwCTI3CTAJOWY3YjViMzU1NzA4ZGM1ZjZhZWJjOTk5NDgwYmQ1M2IJNTkzMjIxMzEzCWxpbWl0LWluc3VyYW5jZQkwCTYzCTExCTIxCTE3MjE2MTkxODQJMC4wMDE3NDcJTgkwCTEJMAkxMjA1CTU4MjE5MjI5NAkxODUuMTk4LjYyLjEyNgkw HTTP 302
http://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 307
https://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 302
http://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7 HTTP 307
https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7 Page URL
https://priam-hsj.com/zclkredirect?visitid=1a6e9786-47db-11ef-b119-120cae531c73&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama HTTP 302
https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama&vsid=VWGS77XL&asid=as6cpdrfb&dsid=D781665 Page URL
https://ilimumf.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9NzEzNjFcdTAwMjZzdWJpZD03ekhpcTRmdUdOdjYiLCJSZWRpcmVjdFdvcmRpbmciOiIgIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6IiAiLCJJbnN0YWxsSWQiOjIwMDF9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://limit-insurance.com/ HTTP 307
https://limit-insurance.com/ HTTP 307
http://limit-insurance.com/ HTTP 302
http://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
https://ww1.limit-insurance.com/?usid=17&utid=33693416080 HTTP 307
http://ww1.limit-insurance.com/?usid=17&utid=33693416080

Request Chain 4

http://ww1.limit-insurance.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkMmVmYWYyYTIwLjg1NzQ4Mjg3CXd3MS5saW1pdC1pbnN1cmFuY2UuY29tNjY5ZGQyZWZhZjJlNjEuNzYyNDMxMTkJMTcyMTYxOTE4NAlhZF82M18w&l=OAliMWIwYjBiZjlhMjBiZTgxZjBjMWZhOGM4MTg5NjQ4NwkwCTI3CTAJOWY3YjViMzU1NzA4ZGM1ZjZhZWJjOTk5NDgwYmQ1M2IJNTkzMjIxMzEzCWxpbWl0LWluc3VyYW5jZQkwCTYzCTExCTIxCTE3MjE2MTkxODQJMC4wMDE3NDcJTgkwCTEJMAkxMjA1CTU4MjE5MjI5NAkxODUuMTk4LjYyLjEyNgkw HTTP 302
http://ww1.limit-insurance.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkMmVmYWYyYTIwLjg1NzQ4Mjg3CXd3MS5saW1pdC1pbnN1cmFuY2UuY29tNjY5ZGQyZWZhZjJlNjEuNzYyNDMxMTkJMTcyMTYxOTE4NAlhZF82M18w&l=OAliMWIwYjBiZjlhMjBiZTgxZjBjMWZhOGM4MTg5NjQ4NwkwCTI3CTAJOWY3YjViMzU1NzA4ZGM1ZjZhZWJjOTk5NDgwYmQ1M2IJNTkzMjIxMzEzCWxpbWl0LWluc3VyYW5jZQkwCTYzCTExCTIxCTE3MjE2MTkxODQJMC4wMDE3NDcJTgkwCTEJMAkxMjA1CTU4MjE5MjI5NAkxODUuMTk4LjYyLjEyNgkw HTTP 302
http://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 307
https://xml.sedodna.com/click?i=olPUpbqXC4o_0 HTTP 302
http://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7 HTTP 307
https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Request Chain 6

https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama HTTP 302
https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama&vsid=VWGS77XL&asid=as6cpdrfb&dsid=D781665

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
ww1.limit-insurance.com/
Redirect Chain

http://limit-insurance.com/
https://limit-insurance.com/
http://limit-insurance.com/
http://ww1.limit-insurance.com/?usid=17&utid=33693416080
https://ww1.limit-insurance.com/?usid=17&utid=33693416080
http://ww1.limit-insurance.com/?usid=17&utid=33693416080

2 KB
2 KB

802ms
730ms

Document
text/html

64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
Protocol: HTTP/1.1
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Jul 2024 03:33:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 22 Jul 2024 03:33:03 GMT
pragma: no-cache
server: Parking/1.0
transfer-encoding: chunked
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Z+nMkXt/1R+I8dG4CXqO+ggm1LstAwnz8oMhZyE6k4Hic0w7JuMkwqnFrcrn2YsVaxhRjET3Rd6hs7uCSbwMxw==
x-cache-miss-from: parking-7dd794b687-j9wwm

Redirect headers

Location: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 441 js_preloader.gif
ww1.limit-insurance.com/img.sedoparking.com/images/ 0
94 B 88ms
86ms Image
text/plain 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww1.limit-insurance.com/img.sedoparking.com/images/js_preloader.gif
Requested by: Host: ww1.limit-insurance.com
URL: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
Protocol: HTTP/1.1
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

Referer: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 03:33:04 GMT
content-length: 0
server: Parking/1.0

GET
H/1.1 200
OK tsc.php
ww1.limit-insurance.com/search/ 0
181 B 83ms
83ms XHR
text/html 64.190.63.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.limit-insurance.com/search/tsc.php?200=NTkzMjIxMzEz&21=MTg1LjE5OC42Mi4xMjY=&681=MTcyMTYxOTE4NDViOTRkNDA3NDMyMDc4OWY5YjBjODdlODUyOTM5NDVi&crc=1f4f5db4d7913eecc06b5d9f69a1c3b3d4d48490&cv=1
Requested by: Host: ww1.limit-insurance.com
URL: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
Protocol: HTTP/1.1
Server: 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash

Request headers

Referer: http://ww1.limit-insurance.com/?usid=17&utid=33693416080
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 03:33:04 GMT
x-cache-miss-from: parking-7dd794b687-hfxxc
server: Parking/1.0
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sedo_logo.png
img.sedoparking.com/templates/logos/ 15 KB
15 KB 126ms
114ms Other
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash

Request headers

Referer: http://ww1.limit-insurance.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 03:33:04 GMT
x-cf-tsc: 1718797536
X-CF3: H
CF4ttl: 31533602.000
X-CF1: 11696:fB.fra2:cf:nom:cacheN.fra2-01:H
X-CF-ReqID: ed5b04c688e16706ff7da1003d41f59c
Connection: keep-alive
Content-Length: 15086
X-CF2: H
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
Server: CFS 1124
X-CFF: B
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
Cache-Control: max-age=604800
CF4Age: 2397
Accept-Ranges: bytes
Expires: Mon, 29 Jul 2024 03:33:04 GMT

GET
H2

200

9232f590-d991-493f-b95d-d38c0c6cdd28 Show response
heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/
Redirect Chain

http://ww1.limit-insurance.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkM...
http://ww1.limit-insurance.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DolPUpbqXC4o_0&v=MGQzOGNhMDQxMjE1ZWRiM2U3NWZkZTExODViMmVlN2QJMQl3dzEubGltaXQtaW5zdXJhbmNlLmNvbTY2OWRkM...
http://xml.sedodna.com/click?i=olPUpbqXC4o_0
https://xml.sedodna.com/click?i=olPUpbqXC4o_0
http://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7
https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

3 KB
3 KB

663ms
132ms

Document
text/html

52.22.173.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Requested by

Host: ww1.limit-insurance.com
URL: http://ww1.limit-insurance.com/?usid=17&utid=33693416080

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.173.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-173-18.compute-1.amazonaws.com

Software

Resource Hash

5b75e3461ef63242c91a24168d6f506ac3f5cb9dda68207f63c653b3f6b837f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://ww1.limit-insurance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 22 Jul 2024 03:33:06 GMT
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location: https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 zclkredirect
priam-hsj.com/ 619 B
1 KB 463ms
128ms Document
text/html 52.22.173.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://priam-hsj.com/zclkredirect?visitid=1a6e9786-47db-11ef-b119-120cae531c73&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome

Requested by

Host: heimi-lwx.com
URL: https://heimi-lwx.com/zclkvisitor/1a6e9786-47db-11ef-b119-120cae531c73/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=e93d8640-4dca-11ee-8404-123f4a2b6bb7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.173.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-173-18.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: https://heimi-lwx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 619
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Mon, 22 Jul 2024 03:33:07 GMT
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H2

200

click Show response
ilimumf.com/
Redirect Chain

https://geotrkclknow.com/rot/k5qYlA25FNmyRUip?extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama
https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama&vsid=...

997 B
3 KB

281ms
55ms

Document
text/html

3.125.239.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama&vsid=VWGS77XL&asid=as6cpdrfb&dsid=D781665
Requested by: Host: priam-hsj.com
URL: https://priam-hsj.com/zclkredirect?visitid=1a6e9786-47db-11ef-b119-120cae531c73&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0aa8b574ce920d1f521f345b41c11a3ff4a4968b3c28fe018fb40c9ffe11dcbf

Request headers

Referer: https://priam-hsj.com/zclkredirect?visitid=1a6e9786-47db-11ef-b119-120cae531c73&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 997
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 03:33:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a705e14af7f0fee-MRS
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 03:33:08 GMT
location: https://ilimumf.com/click?trvid=32496&extid=zr1a6e978647db11efb119120cae531c739bc8b28241d743ada460f27684dc135b083763495f27c4a0cc&cost=0.003500&targid=xray-uts-1exw7nenmg&sczp=porraceous-llama&vsid=VWGS77XL&asid=as6cpdrfb&dsid=D781665
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yivNbk869cxv%2FVx8HTD1SHcb2Pev6eY09do2Vf3OlPwy2NIjh8X%2FuQvXedw4hNp4T7PDnZcN0AZIaVi0ltTA7P5R8jh%2BoWQ5UuYC8QVhZDiwgS0sFhtQ1%2F1gVqol7oe5sijN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request double Show response
ilimumf.com/ 640 B
820 B 42ms
40ms Document
text/html 3.125.239.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ilimumf.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9NzEzNjFcdTAwMjZzdWJpZD03ekhpcTRmdUdOdjYiLCJSZWRpcmVjdFdvcmRpbmciOiIgIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6IiAiLCJJbnN0YWxsSWQiOjIwMDF9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcbd42d97d60777c55d14bb4a098b045a5641a347ce6a2bdd77f62dd9ad94e29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 640
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 03:33:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

GET links
storesearch.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storesearch.net
URL: https://storesearch.net/links?idw=71361&subid=7zHiq4fuGNv6

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ilimumf.com/	1970-01-20 22:56:51	Name: ClickDataNG Value: H4sIAAAAAAAA_7SU32_bNhDH_xXjnlpAkUX9oGQNRpElQBrUKYYl_fEwYKDIk82FIjWSUuy0_d8HSooXFHvdk83vfUneHT-nbzCiddJoqIHESZxABP7UI9RJBG5oHl7-c6NHtB4F1C1TDiPgSvLHWwE1lM_v5d95O9x8HClEIJhHqEmZEko2pKoi4Kzrmdzr4M7SfEMjkO7qt8vzWdZ45qWZDEWZ5xHYQWFYJRFYFNIi93foDyYYInBmsHyKZ1kEimkh9X6xL6tPVkENEIFpW7QhtimrJILGMs0Pi3eKzc6D972r12vnjUWHzPJDrNGvldSP7p0UT9uSZJT8MSRJSt3QSLH9qW5unIc6iZMkK0LWI-phbl7PTmbw_954NViLmp-ghk_31xDBYOWrFKSS3dC1MTfdeuryO29HKbZT6-YE8Oil2D5bwihuyormpWgIwbYhZEPShDMsMsLLbNPwqkmrNCeizDMmWE6TNi1plQtOsqJJqqykWb4p2rTkOUs4n88PtWznUpJkljyzeym2R8tOF4N3FwSPT6VG3e2XnvDnftsbaxlHM7gLpVjH5tDopNh-_nJzX5Zfd7PEgsQc5b2wbTNrImjXZUUoLSAC2V8KYdG5wGZVxGRTxTSNSUpfB-n8yoNDe7lH7aGGO_MslWLrIk5Wb74S8stqJ_VwXB0r-ifN364u-17hF2w-SL8usjLO6OrNh_cPd7topeQjrm6QP5q3q6uDNR2uSUrDYMTJ6p61zMplC4QnbtGihRp6K1l3cXB_hTcLI4Cj5HgeHhNKmHIIPLrP55GDwKN5ctMh833n3b9apsXsmYU7I1C9Fj6yDuc1n6-CK9YoXF_f70KHXA813CjTMLX63Qwe7QTpoL0N5N0-TCXs50xuH75_35muYVacgk3606LeScU0BIgtan8VeFwGy8q91Lv-leQt047xeZQd1HpQKgI-OG86qL8tIwIvYEEEePRoNVPTh-T_4BkiGJM5u5FADf_BbwiliyULr_kTxEHPl3ix_C7YjSXU8EJ2WFdQwxnrIGyghhemf_z4JwAA__9cCEqUcAUAAA==
			ilimumf.com/	1970-01-20 22:56:51	Name: ClickDataNgFall Value: H4sIAAAAAAAA_7SU32_bNhDH_xXjnlpAkUX9oGQNRpElQBrUKYYl_fEwYKDIk82FIjWSUuy0_d8HSooXFHvdk83vfUneHT-nbzCiddJoqIHESZxABP7UI9RJBG5oHl7-c6NHtB4F1C1TDiPgSvLHWwE1lM_v5d95O9x8HClEIJhHqEmZEko2pKoi4Kzrmdzr4M7SfEMjkO7qt8vzWdZ45qWZDEWZ5xHYQWFYJRFYFNIi93foDyYYInBmsHyKZ1kEimkh9X6xL6tPVkENEIFpW7QhtimrJILGMs0Pi3eKzc6D972r12vnjUWHzPJDrNGvldSP7p0UT9uSZJT8MSRJSt3QSLH9qW5unIc6iZMkK0LWI-phbl7PTmbw_954NViLmp-ghk_31xDBYOWrFKSS3dC1MTfdeuryO29HKbZT6-YE8Oil2D5bwihuyormpWgIwbYhZEPShDMsMsLLbNPwqkmrNCeizDMmWE6TNi1plQtOsqJJqqykWb4p2rTkOUs4n88PtWznUpJkljyzeym2R8tOF4N3FwSPT6VG3e2XnvDnftsbaxlHM7gLpVjH5tDopNh-_nJzX5Zfd7PEgsQc5b2wbTNrImjXZUUoLSAC2V8KYdG5wGZVxGRTxTSNSUpfB-n8yoNDe7lH7aGGO_MslWLrIk5Wb74S8stqJ_VwXB0r-ifN364u-17hF2w-SL8usjLO6OrNh_cPd7topeQjrm6QP5q3q6uDNR2uSUrDYMTJ6p61zMplC4QnbtGihRp6K1l3cXB_hTcLI4Cj5HgeHhNKmHIIPLrP55GDwKN5ctMh833n3b9apsXsmYU7I1C9Fj6yDuc1n6-CK9YoXF_f70KHXA813CjTMLX63Qwe7QTpoL0N5N0-TCXs50xuH75_35muYVacgk3606LeScU0BIgtan8VeFwGy8q91Lv-leQt047xeZQd1HpQKgI-OG86qL8tIwIvYEEEePRoNVPTh-T_4BkiGJM5u5FADf_BbwiliyULr_kTxEHPl3ix_C7YjSXU8EJ2WFdQwxnrIGyghhemf_z4JwAA__9cCEqUcAUAAA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ww1.limit-insurance.com/img.sedoparking.com/images/js_preloader.gif Message: Failed to load resource: the server responded with a status of 441 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

geotrkclknow.com
heimi-lwx.com
ilimumf.com
img.sedoparking.com
limit-insurance.com
priam-hsj.com
storesearch.net
ww1.limit-insurance.com
xml.sedodna.com
storesearch.net
172.67.161.46
173.239.53.32
205.234.175.175
3.125.239.17
52.22.173.18
64.190.63.136
72.52.178.23
0aa8b574ce920d1f521f345b41c11a3ff4a4968b3c28fe018fb40c9ffe11dcbf
5b75e3461ef63242c91a24168d6f506ac3f5cb9dda68207f63c653b3f6b837f2
dcbd42d97d60777c55d14bb4a098b045a5641a347ce6a2bdd77f62dd9ad94e29

ilimumf.com Open in urlscan Pro 3.125.239.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

33 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

5 IPs

2 Countries

26 kBTransfer

22 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

ilimumf.com Open in urlscan Pro
3.125.239.17 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

33 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

5
IPs

2
Countries

26 kB
Transfer

22 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions