urlscan.io logo urlscan.io
SecurityTrails logo

r.linksprf.com Open in urlscan Pro
63.33.119.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://py.appleidapple.com/
Effective URL: https://r.linksprf.com/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9t6l.ni-%3DaPrDvtwN.v...
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 13 HTTP transactions. The main IP is 63.33.119.172, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r.linksprf.com. The Cisco Umbrella rank of the primary domain is 103090.
TLS certificate: Issued by R11 on June 21st 2024. Valid for: 3 months.
This is the only time r.linksprf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.50 61969 (TEAMINTER...)
1 18.66.121.190 16509 (AMAZON-02)
1 2 34.202.155.158 14618 (AMAZON-AES)
2 85.13.154.109 34788 (NMM-AS D)
1 142.250.185.200 15169 (GOOGLE)
1 2 63.33.119.172 16509 (AMAZON-02)
13 7
4    185.53.178.50 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
py.appleidapple.com
1    18.66.121.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-190.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    34.202.155.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-155-158.compute-1.amazonaws.com
heimi-lwx.com
bhask-bbh.com
2    85.13.154.109 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd37834.kasserver.com
2.ew-verlag-analytics.com
1    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
2    63.33.119.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-119-172.eu-west-1.compute.amazonaws.com
r.linksprf.com
Apex Domain
Subdomains		 Transfer
4 appleidapple.com
py.appleidapple.com
3 KB
2 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 103090
3 KB
2 ew-verlag-analytics.com
2.ew-verlag-analytics.com
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 Failed
105 KB
1 bhask-bbh.com
bhask-bbh.com
681 B
1 heimi-lwx.com
heimi-lwx.com — Cisco Umbrella Rank: 312066
3 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 kelkoogroup.net Failed
it-go.kelkoogroup.net Failed
13 8
Domain Requested by
4 py.appleidapple.com d38psrni17bvxu.cloudfront.net
py.appleidapple.com
2 r.linksprf.com 1 redirects 2.ew-verlag-analytics.com
2 2.ew-verlag-analytics.com heimi-lwx.com
2.ew-verlag-analytics.com
1 www.googletagmanager.com 2.ew-verlag-analytics.com
1 bhask-bbh.com 1 redirects
1 heimi-lwx.com py.appleidapple.com
1 d38psrni17bvxu.cloudfront.net py.appleidapple.com
0 it-go.kelkoogroup.net Failed r.linksprf.com
13 8

This site contains no links.

Subject Issuer Validity Valid
py.appleidapple.com
R11		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
zeropark.com
Amazon RSA 2048 M02		 2024-06-11 -
2025-07-09		 a year crt.sh
2.ew-verlag-analytics.com
R10		 2024-06-28 -
2024-09-26		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
linksprf.com
R11		 2024-06-21 -
2024-09-19		 3 months crt.sh

This page contains 1 frames:

Frame: https://it-go.kelkoogroup.net/sitesearchGo?.ts=1725038594966&.sig=lPMD1tbNNvy137sFOh0yY3JKdKg-&affiliationId=96966630&comId=100523782&country=it&offerId=32ab055fcc3ccb82b3e74a23e7cf5314&searchId=1076100371009183_1725038594868_4928663&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000164788c5ef2e99d1448b2bbffc81d07f1404b&publisherTrafficType=content&originReferer=https%3A%2F%2F2.ew-verlag-analytics.com%2F&publisherSubId=512afd93dbff4e04aeb5984d583af311
Frame ID: 7BDD02C1CF38FC256396442FF166B296
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please wait

Page URL History Show full URLs

  1. https://py.appleidapple.com/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://bhask-bbh.com/zclkredirect?visitid=4ca4d4f0-66fb-11ef-805e-0affec5a1cd9&type=js&browserWid... HTTP 302
    https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clic... Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb1... Page URL
  5. https://r.linksprf.com/v1/redirect?type=linkId&id=f1358b0797ff440f8d5bfa00eadb9fb1&api_key=1e7fb0dd... HTTP 302
    https://r.linksprf.com/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

13
Requests

69 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

116 kB
Transfer

333 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://py.appleidapple.com/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff HTTP 307
    https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff Page URL
  3. https://bhask-bbh.com/zclkredirect?visitid=4ca4d4f0-66fb-11ef-805e-0affec5a1cd9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
    https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83 Page URL
  5. https://r.linksprf.com/v1/redirect?type=linkId&id=f1358b0797ff440f8d5bfa00eadb9fb1&api_key=1e7fb0ddf65d39c10211469ba4e9dd3a&site_id=512afd93dbff4e04aeb5984d583af311&dch=feed&ad_t=advertiser&url=sexyavenue.com&country=IT&type=url&source=ew-verlag.de&yk_tag=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83 HTTP 302
    https://r.linksprf.com/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9t6l.ni-%3DaPrDvtwN.vF1%2572FAh%25yp3tK%3DKe-eaefnlgari%26nndt9o9%3D6p3T%26iofIr%3Dr0h5i3b8p%26bo0n1r7%3Ddt8offbr2d834ad0952ce3cc884b1e04423evcd5k1i%26Ceershldu1%267u1t0s7a0a9d8d_a7b5c315e4d68_-9f8964%26be-v6cd%3D469t3k8n%3DdI1e3oe%26e3-e6ibr4s53-62244a8589948c0b2%261d3e1P0r1m3%3D0r6e0p%3DbIicharsl4c3If%3D7030a0703627b8c5cffe59b124%3DbIbeffc%261i0yft4u4c%262u7l2s0e1Tdamfcc0y6e6c6n%3DeItootiiiiRff%26rgrdhJtYs03O%25sF32y2Neb-1eMllggasa%26y6i4s5c3m527%26%3Dutl%3FsGecSabsdt5s2tfn9pdofg4o0lakbo9-4i5%2F3sft1h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=4972060b9b5f40e3ba610d441e13d529&sct=1&ct=1725041502066&cu=8c5ef2e99d1448b2bbffc81d07f1404b&cs=b21d34a24515506936a6424503c7830e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff HTTP 307
  • https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Request Chain 6
  • https://bhask-bbh.com/zclkredirect?visitid=4ca4d4f0-66fb-11ef-805e-0affec5a1cd9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
  • https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
py.appleidapple.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://py.appleidapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
38a0e1b8391b7f004897d2a915fc48a42bf8c4e488cf3135955e455dfe4d4fa3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 18:11:38 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_sL68fJ3ad7I5aLRO3PE+WI6uJbfFpB8d2FmNLlf5S8mDwZUajoUt5pOa3HXxDaTVo03RYqHHiP5vEmGuSP6smQ==
x-buckets
bucket011
x-domain
appleidapple.com
x-forwarded-host
py.appleidapple.com
x-language
italian
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v3
x-subdomain
py
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: py.appleidapple.com
URL: https://py.appleidapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-190.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://py.appleidapple.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 04:36:43 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
48895
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
Lh2O5dJ8NH9nYNL3T13q6u5TEd0aiksoR3f6RnluRb8Jlnn02obpkQ==
track.php
py.appleidapple.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://py.appleidapple.com/track.php?domain=appleidapple.com&toggle=browserjs&uid=MTcyNTA0MTQ5Ny44ODM3Ojc1MGQ0ZWQ3M2EyZjY0ZDIzZTI3NTk0YzM4NTY4MTZjOTA1ZDlmMWIwOWE0OTIxMWNlZjUwNDVlM2UwZTI0M2I6NjZkMjBiNTlkN2JjNA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
200
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://py.appleidapple.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Fri, 30 Aug 2024 18:11:38 GMT
content-encoding
gzip
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
py.appleidapple.com
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
py.appleidapple.com/ 		16 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://py.appleidapple.com/ls.php?t=66d20b5a&token=07a7c044166b2d6d440d1c42f5f24d1d32a39a85
Requested by
Host: py.appleidapple.com
URL: https://py.appleidapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://py.appleidapple.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Fri, 30 Aug 2024 18:11:38 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_QSLxZEaVCsFOWKxbiTSxny7XabkEzm06doqslmDgx8C5cXvom51WkT9YvF1s3i4OMUGbEb0R3+hHUjrke4eCfQ==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
py.appleidapple.com
x-log-success
66d20b5aa24bef76ae0c0982
track.php
py.appleidapple.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://py.appleidapple.com/track.php?click=be040c2a9818d4929be142d49a673c3cd7644887&domain=appleidapple.com&uid=MTcyNTA0MTQ5Ny44ODM3Ojc1MGQ0ZWQ3M2EyZjY0ZDIzZTI3NTk0YzM4NTY4MTZjOTA1ZDlmMWIwOWE0OTIxMWNlZjUwNDVlM2UwZTI0M2I6NjZkMjBiNTlkN2JjNA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmQyMGI1OWQ3YjkzfHx8MTcyNTA0MTQ5OC4xODAxfGVhODQ5YzViZjA3YjEyNjEzNDgxZjQ5MzQ1M2ZhY2I3MTM3NmM0YjV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwN2E3YzA0NDE2NmIyZDZkNDQwZDFjNDJmNWYyNGQxZDMyYTM5YTg1fDB8fDB8MHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://py.appleidapple.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Fri, 30 Aug 2024 18:11:38 GMT
content-encoding
gzip
x-ssl-proxy
v3
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
py.appleidapple.com
x-ssl-c
v1
x-view-match
true
alt-svc
h3=":8443"; ma=2592000
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/
Redirect Chain
  • http://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
  • https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Requested by
Host: py.appleidapple.com
URL: https://py.appleidapple.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.155.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-155-158.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://py.appleidapple.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Fri, 30 Aug 2024 18:11:39 GMT

Redirect headers

Location
https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Non-Authoritative-Reason
HttpsUpgrades
track_generic_keyword.php
2.ew-verlag-analytics.com/scripts/jump/
Redirect Chain
  • https://bhask-bbh.com/zclkredirect?visitid=4ca4d4f0-66fb-11ef-805e-0affec5a1cd9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b8...
2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT
Requested by
Host: heimi-lwx.com
URL: https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://heimi-lwx.com/zclkvisitor/4ca4d4f0-66fb-11ef-805e-0affec5a1cd9/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 30 Aug 2024 18:11:40 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Fri, 30 Aug 2024 18:11:40 GMT
location
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT
js
www.googletagmanager.com/gtag/ 		0
0
go.php
2.ew-verlag-analytics.com/scripts/jump/ 		3 KB
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83&keyword=apple&traffic_type=DOMAIN&visit_cost=0.018000&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=november-our-1ewgr7pned&visitor_type=NON-ADULT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 30 Aug 2024 18:11:41 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent
js
www.googletagmanager.com/gtag/ 		320 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://2.ew-verlag-analytics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 18:11:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107073
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 18:11:41 GMT
Primary Request go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?type=linkId&id=f1358b0797ff440f8d5bfa00eadb9fb1&api_key=1e7fb0ddf65d39c10211469ba4e9dd3a&site_id=512afd93dbff4e04aeb5984d583af311&dch=feed&ad_t=advertiser&url=sex...
  • https://r.linksprf.com/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9t6l.ni-%3DaPrDvtwN.vF1%2572FAh%25yp3tK%3DKe-eaefnlgari%26nndt9o9%3D6p3T%26iofIr%3Dr0h5i3b8p%26bo0n...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9t6l.ni-%3DaPrDvtwN.vF1%2572FAh%25yp3tK%3DKe-eaefnlgari%26nndt9o9%3D6p3T%26iofIr%3Dr0h5i3b8p%26bo0n1r7%3Ddt8offbr2d834ad0952ce3cc884b1e04423evcd5k1i%26Ceershldu1%267u1t0s7a0a9d8d_a7b5c315e4d68_-9f8964%26be-v6cd%3D469t3k8n%3DdI1e3oe%26e3-e6ibr4s53-62244a8589948c0b2%261d3e1P0r1m3%3D0r6e0p%3DbIicharsl4c3If%3D7030a0703627b8c5cffe59b124%3DbIbeffc%261i0yft4u4c%262u7l2s0e1Tdamfcc0y6e6c6n%3DeItootiiiiRff%26rgrdhJtYs03O%25sF32y2Neb-1eMllggasa%26y6i4s5c3m527%26%3Dutl%3FsGecSabsdt5s2tfn9pdofg4o0lakbo9-4i5%2F3sft1h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=4972060b9b5f40e3ba610d441e13d529&sct=1&ct=1725041502066&cu=8c5ef2e99d1448b2bbffc81d07f1404b&cs=b21d34a24515506936a6424503c7830e
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.33.119.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-119-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f271a23ab922e56a372d736a041cfe46d30be98301d2482abfd39f03d4955e2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=sexyavenue.com&country=IT&clickid=zr4ca4d4f066fb11ef805e0affec5a1cd97bb4d8f4e1574420bcec793794ed816e084714714810de6b83
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
2582
content-type
text/html;charset=UTF-8
date
Fri, 30 Aug 2024 18:11:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Fri, 30 Aug 2024 18:11:42 GMT
location
/v2/go?t=1t3pa%3A8%2Fdt8g5.ee4keofrbu3.dea%2F1i%3DeIeurrhhoi.bsp1F2%250o8.9c9t6l.ni-%3DaPrDvtwN.vF1%2572FAh%25yp3tK%3DKe-eaefnlgari%26nndt9o9%3D6p3T%26iofIr%3Dr0h5i3b8p%26bo0n1r7%3Ddt8offbr2d834ad0952ce3cc884b1e04423evcd5k1i%26Ceershldu1%267u1t0s7a0a9d8d_a7b5c315e4d68_-9f8964%26be-v6cd%3D469t3k8n%3DdI1e3oe%26e3-e6ibr4s53-62244a8589948c0b2%261d3e1P0r1m3%3D0r6e0p%3DbIicharsl4c3If%3D7030a0703627b8c5cffe59b124%3DbIbeffc%261i0yft4u4c%262u7l2s0e1Tdamfcc0y6e6c6n%3DeItootiiiiRff%26rgrdhJtYs03O%25sF32y2Neb-1eMllggasa%26y6i4s5c3m527%26%3Dutl%3FsGecSabsdt5s2tfn9pdofg4o0lakbo9-4i5%2F3sft1h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=4972060b9b5f40e3ba610d441e13d529&sct=1&ct=1725041502066&cu=8c5ef2e99d1448b2bbffc81d07f1404b&cs=b21d34a24515506936a6424503c7830e
strict-transport-security
max-age=31536000; includeSubDomains
sitesearchGo
it-go.kelkoogroup.net/ 		0
0
favicon.ico
r.linksprf.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Domain
it-go.kelkoogroup.net
URL
https://it-go.kelkoogroup.net/sitesearchGo?.ts=1725038594966&.sig=lPMD1tbNNvy137sFOh0yY3JKdKg-&affiliationId=96966630&comId=100523782&country=it&offerId=32ab055fcc3ccb82b3e74a23e7cf5314&searchId=1076100371009183_1725038594868_4928663&service=36&tokenId=1833e9e4-d66b-4b54-92f4-a85d9e41ccbb&addedParams=true&publisherClickId=v0304000164788c5ef2e99d1448b2bbffc81d07f1404b&publisherTrafficType=content&originReferer=https%3A%2F%2F2.ew-verlag-analytics.com%2F&publisherSubId=512afd93dbff4e04aeb5984d583af311
Domain
r.linksprf.com
URL
https://r.linksprf.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
2.ew-verlag-analytics.com/ Name: uhash
Value: 804cc538c75dc81944cff9f29aed974e155601c8f3bf34ad54c14b1556b68ee9
.ew-verlag-analytics.com/ Name: _ga
Value: GA1.1.1731777960.1725041502
.linksprf.com/ Name: ykuid
Value: ca8e0d233df74f8abe28a333f6598f46
r.linksprf.com/ Name: JSESSIONID
Value: 9B376136818BE4B1495841C8EB69647E
.ew-verlag-analytics.com/ Name: _ga_F12LFHCSHD
Value: GS1.1.1725041502.1.0.1725041502.0.0.0