r.linksprf.com
54.154.136.171
Public Scan
Effective URL: https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i...
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by R10 on September 19th 2024. Valid for: 3 months.
This is the only time r.linksprf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System | PTR | Domain |
---|---|---|---|---|
4 | 13.248.148.254 | ASN16509 (AMAZON-02, US) | aba1c1ff9d2ec5376.awsglobalaccelerator.com | ra-vpn.icoud.com |
1 | 18.66.121.190 | ASN16509 (AMAZON-02, US) | server-18-66-121-190.fra60.r.cloudfront.net | d38psrni17bvxu.cloudfront.net |
2 (1 redirects) | 3.209.119.177 | ASN14618 (AMAZON-AES, US) | ec2-3-209-119-177.compute-1.amazonaws.com | varun-ysz.com |
2 | 85.13.154.109 | ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE) | dd37834.kasserver.com | 2.ew-verlag-analytics.com |
4 (1 redirects) | 54.154.136.171 | ASN16509 (AMAZON-02, US) | ec2-54-154-136-171.eu-west-1.compute.amazonaws.com | r.linksprf.com |
14 | 6 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | linksprf.com (1 redirects) | r.linksprf.com — Cisco Umbrella Rank: 155135 | 10 KB |
4 | icoud.com | ra-vpn.icoud.com | 3 KB |
2 | ew-verlag-analytics.com | 2.ew-verlag-analytics.com | 2 KB |
2 | varun-ysz.com (1 redirects) | varun-ysz.com — Cisco Umbrella Rank: 311193 | 4 KB |
1 | cloudfront.net | d38psrni17bvxu.cloudfront.net | 1 KB |
0 | billiger.de (Failed) | www.billiger.de Failed | |
0 | googletagmanager.com (Failed) | www.googletagmanager.com Failed | |
14 | 7 |
Requests | Domain | Requested by |
---|---|---|
4 | r.linksprf.com (1 redirects) | 2.ew-verlag-analytics.com, r.linksprf.com |
4 | ra-vpn.icoud.com | d38psrni17bvxu.cloudfront.net, ra-vpn.icoud.com |
2 | 2.ew-verlag-analytics.com | varun-ysz.com, 2.ew-verlag-analytics.com |
2 | varun-ysz.com (1 redirects) | ra-vpn.icoud.com |
1 | d38psrni17bvxu.cloudfront.net | ra-vpn.icoud.com |
0 | www.billiger.de Failed | r.linksprf.com |
0 | www.googletagmanager.com Failed | 2.ew-verlag-analytics.com |
14 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
blitzhandel24.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
ra-vpn.icoud.com | R10 | 2024-10-09 - 2025-01-07 | 3 months | crt.sh |
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year | crt.sh |
varun-ysz.com | Amazon RSA 2048 M02 | 2024-09-30 - 2025-10-29 | a year | crt.sh |
2.ew-verlag-analytics.com | R11 | 2024-08-29 - 2024-11-27 | 3 months | crt.sh |
linksprf.com | R10 | 2024-09-19 - 2024-12-18 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13
Frame ID: 70D72F3F0E3A3D1EDFEFF9EDB3AC01D3
Requests: 13 HTTP requests in this frame
Frame:
https://www.billiger.de/common/modules/api/cmodul?mc=tRjHAj6KU3cP&p=e3ikwj_2k0-uyKUJJEjmI9I2S-cGJxVR7BLYERsEPHshjPymqzCEIaaKfO9YTzvrORDGyle5NYQvB1ZNVhk-26XlWkNdvU-sigFms0-sBCRLhxAQWtJd6q_SzWUM5P9aNcB8bFyJ1oBLThQQTS7RFHbPHFaBRKJX80Wcv4dPevja70dAK07XE2lca1Js6nIw496CRXhZeQBR8hJiJkXAiRxCPUyXwz9TXJFCBPp_pkfmCgJS19ZtfFHGxlOUsd-WM8OL6ilO_fpNA6l1_LQxY9Hcm9rnvGHDH_X0R01_rKJomh7A0CqAJxUEUVJyPToldgCBiTIIGv8tB0VrRELld3fYEHye4PzdiSQMJT90cfVEh7UkZwF1Epzbr5FPMsnkg&log=v030400016474e0b42932f31443e0be98b5b8f6e8deeb_site_id:5420dd23b7cd458db1668325b2bc12f2
Frame ID: DB3FA6B1D5CAACFEA0E92EF8ED06DD7B
Requests: 1 HTTP requests in this frame
Page Title: Please wait
Page URL History
- https://ra-vpn.icoud.com/ Page URL
- https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f... Page URL
-
https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWid...
HTTP 302
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clic... Page URL
- https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c55486... Page URL
-
https://r.linksprf.com/v1/redirect?type=linkId&id=ba27e95d495f45c4982937dcb3763b73&api_key=795547c6...
HTTP 302
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: here
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ra-vpn.icoud.com/ Page URL
- https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff Page URL
-
https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
HTTP 302
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT Page URL
- https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16 Page URL
-
https://r.linksprf.com/v1/redirect?type=linkId&id=ba27e95d495f45c4982937dcb3763b73&api_key=795547c62279bb61d42fb8cb6d195899&site_id=5420dd23b7cd458db1668325b2bc12f2&dch=feed&ad_t=advertiser&url=blitzhandel24.com&country=IT&type=url&source=ew-verlag.de&yk_tag=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16
HTTP 302
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
- https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | ra-vpn.icoud.com/ | 2 KB | 2 KB | Document | text/html |
GET | H2 | js3.js | d38psrni17bvxu.cloudfront.net/scripts/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | track.php | ra-vpn.icoud.com/ | 0 | 92 B | XHR | text/html |
GET | H2 | ls.php | ra-vpn.icoud.com/ | 16 B | 367 B | XHR | text/javascript |
GET | H2 | track.php | ra-vpn.icoud.com/ | 0 | 91 B | XHR | text/html |
GET | H2 | 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d | varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/ | 3 KB | 3 KB | Document | text/html |
GET | H2 | track_generic_keyword.php | 2.ew-verlag-analytics.com/scripts/jump/ (Redirect Chain) | 2 KB | 813 B | Document | text/html |
GET | | js | www.googletagmanager.com/gtag/ | 0 | 0 | | |
GET | H2 | go.php | 2.ew-verlag-analytics.com/scripts/jump/ | 3 KB | 761 B | Document | text/html |
GET | | js | www.googletagmanager.com/gtag/ | 0 | 0 | | |
GET | H2 | go (Primary Request) | r.linksprf.com/v2/ (Redirect Chain) | 5 KB | 5 KB | Document | text/html |
GET | H2 | ajax-loader.gif | r.linksprf.com/ | 3 KB | 3 KB | Image | image/gif |
GET | | cmodul | www.billiger.de/common/modules/api/ (Frame DB3F) | 0 | 0 | | |
GET | H2 | favicon.ico | r.linksprf.com/ | 1 KB | 1 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.googletagmanager.com
  URL: https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
- Domain: www.googletagmanager.com
  URL: https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
- Domain: www.billiger.de
  URL: https://www.billiger.de/common/modules/api/cmodul?mc=tRjHAj6KU3cP&p=e3ikwj_2k0-uyKUJJEjmI9I2S-cGJxVR7BLYERsEPHshjPymqzCEIaaKfO9YTzvrORDGyle5NYQvB1ZNVhk-26XlWkNdvU-sigFms0-sBCRLhxAQWtJd6q_SzWUM5P9aNcB8bFyJ1oBLThQQTS7RFHbPHFaBRKJX80Wcv4dPevja70dAK07XE2lca1Js6nIw496CRXhZeQBR8hJiJkXAiRxCPUyXwz9TXJFCBPp_pkfmCgJS19ZtfFHGxlOUsd-WM8OL6ilO_fpNA6l1_LQxY9Hcm9rnvGHDH_X0R01_rKJomh7A0CqAJxUEUVJyPToldgCBiTIIGv8tB0VrRELld3fYEHye4PzdiSQMJT90cfVEh7UkZwF1Epzbr5FPMsnkg&log=v030400016474e0b42932f31443e0be98b5b8f6e8deeb_site_id:5420dd23b7cd458db1668325b2bc12f2
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | 0
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
2.ew-verlag-analytics.com/ | | Name: uhash Value: 194cb1446ba4dbe6e56abfd4bf3c6874803b64d1d8c98ba10db9c9c1c5c6c93d |
.linksprf.com/ | | Name: ykuid Value: 7af131184c564ad7ac408d83f7a61b80 |
r.linksprf.com/ | | Name: JSESSIONID Value: AE5B2BF1CEA58C29A47804B0EA64DBE1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.