urlscan.io logo urlscan.io
SecurityTrails logo

r.linksprf.com Open in urlscan Pro
54.154.136.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ra-vpn.icoud.com/
Effective URL: https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i...
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 14 HTTP transactions. The main IP is 54.154.136.171, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is r.linksprf.com. The Cisco Umbrella rank of the primary domain is 155135.
TLS certificate: Issued by R10 on September 19th 2024. Valid for: 3 months.
This is the only time r.linksprf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 13.248.148.254 16509 (AMAZON-02)
1 18.66.121.190 16509 (AMAZON-02)
1 2 3.209.119.177 14618 (AMAZON-AES)
2 85.13.154.109 34788 (NMM-AS D)
1 4 54.154.136.171 16509 (AMAZON-02)
14 6
4    13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com
ra-vpn.icoud.com
1    18.66.121.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-190.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    3.209.119.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-119-177.compute-1.amazonaws.com
varun-ysz.com
2    85.13.154.109 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd37834.kasserver.com
2.ew-verlag-analytics.com
4    54.154.136.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
r.linksprf.com
Apex Domain
Subdomains		 Transfer
4 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 155135
10 KB
4 icoud.com
ra-vpn.icoud.com
3 KB
2 ew-verlag-analytics.com
2.ew-verlag-analytics.com
2 KB
2 varun-ysz.com
varun-ysz.com — Cisco Umbrella Rank: 311193
4 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 billiger.de Failed
www.billiger.de Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
14 7
Domain Requested by
4 r.linksprf.com 1 redirects 2.ew-verlag-analytics.com
r.linksprf.com
4 ra-vpn.icoud.com d38psrni17bvxu.cloudfront.net
ra-vpn.icoud.com
2 2.ew-verlag-analytics.com varun-ysz.com
2.ew-verlag-analytics.com
2 varun-ysz.com 1 redirects ra-vpn.icoud.com
1 d38psrni17bvxu.cloudfront.net ra-vpn.icoud.com
0 www.billiger.de Failed r.linksprf.com
0 www.googletagmanager.com Failed 2.ew-verlag-analytics.com
14 7

This site contains links to these domains. Also see Links.

Domain
blitzhandel24.com
Subject Issuer Validity Valid
ra-vpn.icoud.com
R10		 2024-10-09 -
2025-01-07		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
varun-ysz.com
Amazon RSA 2048 M02		 2024-09-30 -
2025-10-29		 a year crt.sh
2.ew-verlag-analytics.com
R11		 2024-08-29 -
2024-11-27		 3 months crt.sh
linksprf.com
R10		 2024-09-19 -
2024-12-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13
Frame ID: 70D72F3F0E3A3D1EDFEFF9EDB3AC01D3
Requests: 13 HTTP requests in this frame

Frame: https://www.billiger.de/common/modules/api/cmodul?mc=tRjHAj6KU3cP&p=e3ikwj_2k0-uyKUJJEjmI9I2S-cGJxVR7BLYERsEPHshjPymqzCEIaaKfO9YTzvrORDGyle5NYQvB1ZNVhk-26XlWkNdvU-sigFms0-sBCRLhxAQWtJd6q_SzWUM5P9aNcB8bFyJ1oBLThQQTS7RFHbPHFaBRKJX80Wcv4dPevja70dAK07XE2lca1Js6nIw496CRXhZeQBR8hJiJkXAiRxCPUyXwz9TXJFCBPp_pkfmCgJS19ZtfFHGxlOUsd-WM8OL6ilO_fpNA6l1_LQxY9Hcm9rnvGHDH_X0R01_rKJomh7A0CqAJxUEUVJyPToldgCBiTIIGv8tB0VrRELld3fYEHye4PzdiSQMJT90cfVEh7UkZwF1Epzbr5FPMsnkg&log=v030400016474e0b42932f31443e0be98b5b8f6e8deeb_site_id:5420dd23b7cd458db1668325b2bc12f2
Frame ID: DB3FA6B1D5CAACFEA0E92EF8ED06DD7B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please wait

Page URL History Show full URLs

  1. https://ra-vpn.icoud.com/ Page URL
  2. https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWid... HTTP 302
    https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clic... Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c55486... Page URL
  5. https://r.linksprf.com/v1/redirect?type=linkId&id=ba27e95d495f45c4982937dcb3763b73&api_key=795547c6... HTTP 302
    https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&... Page URL

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

18 kB
Transfer

20 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ra-vpn.icoud.com/ Page URL
  2. https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff Page URL
  3. https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
    https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16 Page URL
  5. https://r.linksprf.com/v1/redirect?type=linkId&id=ba27e95d495f45c4982937dcb3763b73&api_key=795547c62279bb61d42fb8cb6d195899&site_id=5420dd23b7cd458db1668325b2bc12f2&dch=feed&ad_t=advertiser&url=blitzhandel24.com&country=IT&type=url&source=ew-verlag.de&yk_tag=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16 HTTP 302
    https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome HTTP 302
  • https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ra-vpn.icoud.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ra-vpn.icoud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy nginx /
Resource Hash
567f3dc494f1024f6e1fc507babaf24ccc834f7fdae8c17c178bd71087335ff8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":50944"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Oct 2024 14:14:59 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_n9UEKsw78/ZZNj/oEoiOuaHKbWeG1xzhtPgN3OQ+Sxo2e0PO93In+4usQOlcxi/PaEUxMxB0+rxUuicxtlzv7g==
x-buckets
bucket011,bucket088,bucket077
x-domain
icoud.com
x-language
italian
x-pcrew-blocked-reason
x-pcrew-ip-organization
Global Router
x-redirect
zeropark_zeroclick
x-subdomain
ra-vpn
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ra-vpn.icoud.com
URL: https://ra-vpn.icoud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-190.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ra-vpn.icoud.com/

Response headers

etag
"65fc1e7b-448"
age
45766
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
yXCmRqPV91cYXrFmWR1vZvZRZRwfKVX6wxbX5w0DLVhDT5MuaQNNgw==
date
Wed, 09 Oct 2024 01:32:13 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
track.php
ra-vpn.icoud.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ra-vpn.icoud.com/track.php?domain=icoud.com&toggle=browserjs&uid=MTcyODQ4MzI5OC42ODg1OmM5OTRkMDgwYTUyMjVhZmQ1OGQ1OWZhMzVhOWE2OTkzYTU5N2IzOTllZDBmMTFkNGYzNTIyNmMzY2I5OGJlMzM6NjcwNjhmZTJhODE4Ng%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://ra-vpn.icoud.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":50944"; ma=2592000
date
Wed, 09 Oct 2024 14:14:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
ra-vpn.icoud.com/ 		16 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ra-vpn.icoud.com/ls.php?t=67068fe3&token=7d9926b104cbad86e357a930526875ad906cb85d
Requested by
Host: ra-vpn.icoud.com
URL: https://ra-vpn.icoud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://ra-vpn.icoud.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_RwTNG23cqJwyW/yBhsk5OhzB+T/yobX8q2thcAP8iBotaTHXTYjcTQ/ihMGey1FsLxLT8AfRyUcaZ5pGn1yagg==
accept-ch-lifetime
30
x-log-success
67068fe336be1a2a3001d0da
access-control-allow-origin
alt-svc
h3=":50944"; ma=2592000
date
Wed, 09 Oct 2024 14:14:59 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
ra-vpn.icoud.com/ 		0
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ra-vpn.icoud.com/track.php?click=98491f79267b1fdef1b999ac50f8c51ad312f3a3&domain=icoud.com&uid=MTcyODQ4MzI5OC42ODg1OmM5OTRkMDgwYTUyMjVhZmQ1OGQ1OWZhMzVhOWE2OTkzYTU5N2IzOTllZDBmMTFkNGYzNTIyNmMzY2I5OGJlMzM6NjcwNjhmZTJhODE4Ng%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA3N3x8fHx8fDY3MDY4ZmUyYTgxNWF8fHwxNzI4NDgzMjk5LjAwMjN8YWExODc1NGU2OTBiN2E1NzQzOTJmZDM0MDhlODM5YzY3Nzg3YzgzOXx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDdkOTkyNmIxMDRjYmFkODZlMzU3YTkzMDUyNjg3NWFkOTA2Y2I4NWR8MHx8MHwwfHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://ra-vpn.icoud.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
rtt
200
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":50944"; ma=2592000
date
Wed, 09 Oct 2024 14:14:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Requested by
Host: ra-vpn.icoud.com
URL: https://ra-vpn.icoud.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.119.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-119-177.compute-1.amazonaws.com
Software
/
Resource Hash
62c10a7d3c5b16efec304ea643d67152e4164963c046195ad6c3dc97ae41f781
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://ra-vpn.icoud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 09 Oct 2024 14:15:00 GMT
track_generic_keyword.php
2.ew-verlag-analytics.com/scripts/jump/
Redirect Chain
  • https://varun-ysz.com/zclkredirect?visitid=ddc9c554-8648-11ef-9319-0affd34d9ebf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c1...
2 KB
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT
Requested by
Host: varun-ysz.com
URL: https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://varun-ysz.com/zclkvisitor/ddc9c554-8648-11ef-9319-0affd34d9ebf/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73debec0-92ce-11ee-858d-123af5e664ff
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 14:15:01 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Wed, 09 Oct 2024 14:15:01 GMT
location
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT
js
www.googletagmanager.com/gtag/ 		0
0
go.php
2.ew-verlag-analytics.com/scripts/jump/ 		3 KB
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=apple&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16&keyword=apple%2Ccloud+storage%2Cicloud&traffic_type=DOMAIN&visit_cost=0.017600&browser=Chrome&campaign_id=2282342&campaign_name=apple+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=73debec0-92ce-11ee-858d-123af5e664ff&match=apple&os=Linux&region=MILANO&source=lateritious-falcon&target=romeo-mot-5bc03u33t&visitor_type=NON-ADULT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 09 Oct 2024 14:15:01 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent
js
www.googletagmanager.com/gtag/ 		0
0
Primary Request go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?type=linkId&id=ba27e95d495f45c4982937dcb3763b73&api_key=795547c62279bb61d42fb8cb6d195899&site_id=5420dd23b7cd458db1668325b2bc12f2&dch=feed&ad_t=advertiser&url=bli...
  • https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K...
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bfbb99a61a0f33b6eb558dede49f993d84fec3fe7d3a9891aca109e15ffce96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=blitzhandel24.com&country=IT&clickid=zrddc9c554864811ef93190affd34d9ebff960e79e5e694b9b9a08bf1f199579c70856702aa110755c16
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
5050
content-type
text/html;charset=UTF-8
date
Wed, 09 Oct 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Wed, 09 Oct 2024 14:15:03 GMT
location
/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13
strict-transport-security
max-age=31536000; includeSubDomains
ajax-loader.gif
r.linksprf.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.linksprf.com/ajax-loader.gif
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
3208
date
Wed, 09 Oct 2024 14:15:03 GMT
etag
W/"3208-1726817340000"
content-type
image/gif
last-modified
Fri, 20 Sep 2024 07:29:00 GMT
cmodul
www.billiger.de/common/modules/api/ Frame DB3F 		0
0
favicon.ico
r.linksprf.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.154.136.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-136-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://r.linksprf.com/v2/go?ai=16d966b7ec2b440e94f4f35699836dfe&eu=mtcp4%2Flbdiazhtnle%2F2%3A.toh&t=2t2pc%3A2%2F5w3.6i1ldg5rdd7%2F3odm0n4m%3Adilesia_iecdoeuf%3Fbcbt9jbAe64U1cf%263%3D23bkej72600u0K0J0E%3Dmo9%262k-sGPx5RbBpY1RwEkH7hEPfm0zTEMaSKdOPYezHrYR3GllE5rY0vt1vNIhT-B6gllkTdyUVsEgxmA0CsAChLoxKQ_t0d0q_SDWGMnP9acc98xFLJ1o6LNhfQOSiRLH8PWFdBUKlXG0Fct49PSvgam0kA_0PXC2JcT1zsXnUwC9RCAXkZiQhR8BJeJhXRi6x4PIy6wJ9aXlFEB7pKpdf7CjJe1dZvfWH8xJORsa-HMbOF67lT_QpTABl1_yQbYBHNm9r5vUHzH_X6RJ1WrAJhmR7B0-qsJFUiU-JvPNoWdXC2ikIVGZ8BBQVNReLydDfOEvyT49zfiaQIJC9qcyVjhsUPZsFEELz7rVFJMcnSgIlIgjvJ3U4y0-1k4_4w0i4e9p2P334K3j0HeR8%3D5m8l6d8me%2Fbps%2Fte_udo5%2F2odm2cbec.4e8ibl6b8w2wb%2Fbs1tfh&sct=0&ct=1728483303063&cu=e0b42932f31443e0be98b5b8f6e8deeb&w=4&e=1&cs=49c6783cdf4c3f91fe65e010a3546d13

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-length
1085
date
Wed, 09 Oct 2024 14:15:04 GMT
content-type
text/html;charset=utf-8
content-language
en

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Domain
www.billiger.de
URL
https://www.billiger.de/common/modules/api/cmodul?mc=tRjHAj6KU3cP&p=e3ikwj_2k0-uyKUJJEjmI9I2S-cGJxVR7BLYERsEPHshjPymqzCEIaaKfO9YTzvrORDGyle5NYQvB1ZNVhk-26XlWkNdvU-sigFms0-sBCRLhxAQWtJd6q_SzWUM5P9aNcB8bFyJ1oBLThQQTS7RFHbPHFaBRKJX80Wcv4dPevja70dAK07XE2lca1Js6nIw496CRXhZeQBR8hJiJkXAiRxCPUyXwz9TXJFCBPp_pkfmCgJS19ZtfFHGxlOUsd-WM8OL6ilO_fpNA6l1_LQxY9Hcm9rnvGHDH_X0R01_rKJomh7A0CqAJxUEUVJyPToldgCBiTIIGv8tB0VrRELld3fYEHye4PzdiSQMJT90cfVEh7UkZwF1Epzbr5FPMsnkg&log=v030400016474e0b42932f31443e0be98b5b8f6e8deeb_site_id:5420dd23b7cd458db1668325b2bc12f2

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
2.ew-verlag-analytics.com/ Name: uhash
Value: 194cb1446ba4dbe6e56abfd4bf3c6874803b64d1d8c98ba10db9c9c1c5c6c93d
.linksprf.com/ Name: ykuid
Value: 7af131184c564ad7ac408d83f7a61b80
r.linksprf.com/ Name: JSESSIONID
Value: AE5B2BF1CEA58C29A47804B0EA64DBE1

1 Console Messages

Source Level URL
Text
network error URL: https://r.linksprf.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()