urlscan.io logo urlscan.io
SecurityTrails logo

www.epto.it Open in urlscan Pro
151.11.49.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bookings.micrososft.com/
Effective URL: https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050...
Submission Tags: @phishunt_io
Submission: On July 16 via api from DE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 51 HTTP transactions. The main IP is 151.11.49.70, located in Italy and belongs to GENESYS-AS, IT. The main domain is www.epto.it.
TLS certificate: Issued by R10 on July 10th 2024. Valid for: 3 months.
This is the only time www.epto.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.34 61969 (TEAMINTER...)
1 18.66.121.138 16509 (AMAZON-02)
1 54.205.103.129 14618 (AMAZON-AES)
1 44.194.155.73 14618 (AMAZON-AES)
2 85.13.154.109 34788 (NMM-AS D)
1 172.217.16.200 15169 (GOOGLE)
1 3 18.202.86.139 16509 (AMAZON-02)
1 1 88.99.112.2 24940 (HETZNER-AS)
1 5 95.211.116.26 60781 (LEASEWEB-...)
2 3.161.82.87 16509 (AMAZON-02)
1 142.250.185.206 15169 (GOOGLE)
1 151.11.49.70 24994 (GENESYS-AS)
51 12
4    185.53.178.34 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
bookings.micrososft.com
1    18.66.121.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-138.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
1    54.205.103.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-103-129.compute-1.amazonaws.com
heimi-lwx.com
1    44.194.155.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-155-73.compute-1.amazonaws.com
priam-hsj.com
2    85.13.154.109 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd37834.kasserver.com
2.ew-verlag-analytics.com
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net
www.googletagmanager.com
3    18.202.86.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-139.eu-west-1.compute.amazonaws.com
r.linksprf.com
1    88.99.112.2 (Aachen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app1.yadore.com
api.yadore.com
5    95.211.116.26 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-mx-vip.kelkoo.com
it-go.kelkoogroup.net
2    3.161.82.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-87.fra56.r.cloudfront.net
dd.kelkoogroup.net
1    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
1    151.11.49.70 (Italy)

ASN24994 (GENESYS-AS, IT)
PTR: serverwebepto1.interhost.it
www.epto.it
Apex Domain
Subdomains		 Transfer
7 kelkoogroup.net
it-go.kelkoogroup.net
dd.kelkoogroup.net — Cisco Umbrella Rank: 383318
67 KB
4 micrososft.com
bookings.micrososft.com
3 KB
3 linksprf.com
r.linksprf.com — Cisco Umbrella Rank: 103090
5 KB
2 ew-verlag-analytics.com
2.ew-verlag-analytics.com
2 KB
1 epto.it
www.epto.it
images.epto.it Failed
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
258 B
1 yadore.com
api.yadore.com — Cisco Umbrella Rank: 401560
429 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 Failed
104 KB
1 priam-hsj.com
priam-hsj.com — Cisco Umbrella Rank: 632916
2 KB
1 heimi-lwx.com
heimi-lwx.com — Cisco Umbrella Rank: 312066
3 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 paypal.com Failed
www.paypal.com Failed
0 scalapay.com Failed
cdn.scalapay.com Failed
0 heidipay.com Failed
upstream.heidipay.com Failed
51 14
Domain Requested by
5 it-go.kelkoogroup.net 1 redirects r.linksprf.com
it-go.kelkoogroup.net
4 bookings.micrososft.com d38psrni17bvxu.cloudfront.net
bookings.micrososft.com
3 r.linksprf.com 1 redirects 2.ew-verlag-analytics.com
2 dd.kelkoogroup.net it-go.kelkoogroup.net
dd.kelkoogroup.net
2 2.ew-verlag-analytics.com priam-hsj.com
2.ew-verlag-analytics.com
1 www.epto.it it-go.kelkoogroup.net
www.epto.it
1 www.google-analytics.com it-go.kelkoogroup.net
1 api.yadore.com 1 redirects
1 www.googletagmanager.com 2.ew-verlag-analytics.com
1 priam-hsj.com heimi-lwx.com
1 heimi-lwx.com bookings.micrososft.com
1 d38psrni17bvxu.cloudfront.net bookings.micrososft.com
0 www.paypal.com Failed www.epto.it
0 cdn.scalapay.com Failed www.epto.it
0 upstream.heidipay.com Failed www.epto.it
0 images.epto.it Failed www.epto.it
51 16

This site contains no links.

Subject Issuer Validity Valid
bookings.micrososft.com
R11		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
zeropark.com
Amazon RSA 2048 M02		 2024-06-11 -
2025-07-09		 a year crt.sh
priam-hsj.com
Amazon RSA 2048 M03		 2024-07-12 -
2025-08-10		 a year crt.sh
2.ew-verlag-analytics.com
R10		 2024-06-28 -
2024-09-26		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
linksprf.com
R11		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.kelkoogroup.net
Thawte TLS RSA CA G1		 2023-09-14 -
2024-10-10		 a year crt.sh
dd.kelkoogroup.net
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
epto.it
R10		 2024-07-10 -
2024-10-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050048050052048055049054&utm_source=kelkoo&from=kelkoo
Frame ID: EE91ED7A51D15A91DEC9948C7E136F5E
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bookings.micrososft.com/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://priam-hsj.com/zclkredirect?visitid=e63f8f94-434e-11ef-a25a-0affd52edd95&type=js&browserWid... Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=microsoft&country=IT&... Page URL
  5. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a... Page URL
  6. https://r.linksprf.com/v1/redirect?type=linkId&id=629420f80f924c5db4977c5b1a690ce6&api_key=cea975ca... HTTP 302
    https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpL... Page URL
  7. https://api.yadore.com/v2/r?e=YmlaeE41UFpZUXZXY2dCeHE0TjlLVFFlbkNydm11aE5VZlQwN2hmbjFpMDVicWE2eEcyU... HTTP 302
    https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliatio... Page URL
  8. https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff4371ce18feff9bb83492e8320... HTTP 303
    https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

37 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

12
IPs

5
Countries

185 kB
Transfer

623 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bookings.micrososft.com/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff HTTP 307
    https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff Page URL
  3. https://priam-hsj.com/zclkredirect?visitid=e63f8f94-434e-11ef-a25a-0affd52edd95&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
  4. https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=microsoft&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b&keyword=microsoft&traffic_type=DOMAIN&visit_cost=0.010900&browser=Chrome&campaign_id=2333644&campaign_name=microsoft+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=a72d55f0-d45c-11ee-a5a6-123af5e664ff&match=microsoft&os=Linux&region=MILANO&source=lateritious-falcon&target=mike-dab-1x2n06pz0r&visitor_type=NON-ADULT Page URL
  5. https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b Page URL
  6. https://r.linksprf.com/v1/redirect?type=linkId&id=629420f80f924c5db4977c5b1a690ce6&api_key=cea975ca443d9c501082ba156aadebf5&site_id=cf3d066457044d2c9c4a6004f1c0de86&dch=feed&ad_t=advertiser&url=epto.it&country=IT&type=url&source=ew-verlag.de&yk_tag=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b HTTP 302
    https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea Page URL
  7. https://api.yadore.com/v2/r?e=YmlaeE41UFpZUXZXY2dCeHE0TjlLVFFlbkNydm11aE5VZlQwN2hmbjFpMDVicWE2eEcyUlZHRVdSUGYwdmdPU05KT2lMQldtYitUVEpMcUw3dVlvMmZJd05Ibk9xbG84dDZGenlmN2FaNkg3YjQxa1djNUpBT0VEUHlZN0dYWGZhV3FDbEhWdjdwWlpyTFFON3hwdCthUWVvQVE0TWI0WEJCR05RRFhRc0Q1bFRNbUszM29oakJBbWZJR1dxVENQVVpRYUYrSk8rbU5SYzg0MWk1MGJWUENqRGZ5YlJUMVNwRVN6QTlnSzJZSDZBU3Y1Y1g0VFpMNE9pR0Q2UW52a1p6ZVZFZVkzdU5yRXlmcHVyN2M1eGVnQ2VPMmFCQ3BzZ1RlVjJobC9KYXRtSk5PeEs2L3dhL1FVSUFrTjYwNGpXMVRIdUp6aG9UMDZ5Nng5NWJzS2cveUFyRUxKcW5IMDBXV0VMNTFra2JxTWpiek5iNGNXUjFmanNLZW1RSk9sSmV4NTZGNUZvOUV5RzlQMzhKcjI5NFhObE5weS85cnp4N3p5TGc9PQ==&i=eWXggj4fAYSuIO4C&placementId=v0304000164558ae1626afc8a44fa94208f69fd56ea58 HTTP 302
    https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F Page URL
  8. https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff4371ce18feff9bb83492e8320a636627d28c179e5b30108ffe522dd565151904a994b6491f0d6637c099aa22ed960bfcaf04c24326af9db9586efe206c48f9f8da4dc28130dc1d739866cb6ca7790c407579d0c8e3f4d455f6ab49c0287808020e6cb49f889a0a80958469854df0b913732627fc81fef7485444cf18c85af3d4bae5fc74bdf117cc35b138d9aea5e1c0b457edff6af7d06b54a315cf4948d61a99b60db4755148b921129a76620ffc29314b2be85d4a45e67ab6b2a8d559698cf602e6ba286e8c9c768a658a469cacb7da333cd6ff8925bb91f3ff3e4fdf0efabe8432d6fc52592e8874037c85e2bda98f95450122f383939cc7a274d8d4ec5f3d937a105cf2f22cdd219f9cd78eb8a900acb4fa75874e76305226b49a4ebb3c29489ea07931858a9c6bd47ec60fa3e98e9ad8d93d3c3374f930e4ac387ed6755d9a7ba401023adc4f4fdc8286d936d4c8e25aaed4c66075eee02a92b36d6ba2da5&url=https%3A%2F%2Fwww.epto.it%2Foki-c824n-p-47074204.html%3Futm_campaign%3Dcpc%26utm_term%3D47074204%26utm_medium%3Dcomparatore%26utm_epto%3D050048050052048055049054%26utm_source%3Dkelkoo%26from%3Dkelkoo HTTP 303
    https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050048050052048055049054&utm_source=kelkoo&from=kelkoo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff HTTP 307
  • https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
Request Chain 11
  • https://r.linksprf.com/v1/redirect?type=linkId&id=629420f80f924c5db4977c5b1a690ce6&api_key=cea975ca443d9c501082ba156aadebf5&site_id=cf3d066457044d2c9c4a6004f1c0de86&dch=feed&ad_t=advertiser&url=epto.it&country=IT&type=url&source=ew-verlag.de&yk_tag=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b HTTP 302
  • https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
Request Chain 12
  • https://api.yadore.com/v2/r?e=YmlaeE41UFpZUXZXY2dCeHE0TjlLVFFlbkNydm11aE5VZlQwN2hmbjFpMDVicWE2eEcyUlZHRVdSUGYwdmdPU05KT2lMQldtYitUVEpMcUw3dVlvMmZJd05Ibk9xbG84dDZGenlmN2FaNkg3YjQxa1djNUpBT0VEUHlZN0dYWGZhV3FDbEhWdjdwWlpyTFFON3hwdCthUWVvQVE0TWI0WEJCR05RRFhRc0Q1bFRNbUszM29oakJBbWZJR1dxVENQVVpRYUYrSk8rbU5SYzg0MWk1MGJWUENqRGZ5YlJUMVNwRVN6QTlnSzJZSDZBU3Y1Y1g0VFpMNE9pR0Q2UW52a1p6ZVZFZVkzdU5yRXlmcHVyN2M1eGVnQ2VPMmFCQ3BzZ1RlVjJobC9KYXRtSk5PeEs2L3dhL1FVSUFrTjYwNGpXMVRIdUp6aG9UMDZ5Nng5NWJzS2cveUFyRUxKcW5IMDBXV0VMNTFra2JxTWpiek5iNGNXUjFmanNLZW1RSk9sSmV4NTZGNUZvOUV5RzlQMzhKcjI5NFhObE5weS85cnp4N3p5TGc9PQ==&i=eWXggj4fAYSuIO4C&placementId=v0304000164558ae1626afc8a44fa94208f69fd56ea58 HTTP 302
  • https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bookings.micrososft.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bookings.micrososft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.34 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
71cba9c66b33c4745afc4890529206a303402e853cfadef42eaa6eda51cfdfd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 08:39:22 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NPJi+ui8hRKAuS0KFPOD0YXWiBt3gnkF06JYhosLJAJk+qx1ZLfdVigr7XsQxyAz5oZGIx1T/NjVqbyG3IeduA==
x-buckets
bucket011
x-domain
micrososft.com
x-forwarded-host
bookings.micrososft.com
x-language
italian
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v2
x-subdomain
bookings
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: bookings.micrososft.com
URL: https://bookings.micrososft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-138.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://bookings.micrososft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 04:35:24 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
14638
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
LlQ6Y6MP_pYXOMceYK5kaou-OjEyuXTRTaqHQP8UqPb99NYYHCvKVw==
track.php
bookings.micrososft.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookings.micrososft.com/track.php?domain=micrososft.com&toggle=browserjs&uid=MTcyMTExOTE2MS45NTUyOmY5Njc3YzQ0ODZjOTRkZDFjMmVjYWVlNzVlNWY0ZmIyN2M4MTkxNGQ1ZTA1Yjk2ZDcxNTYyMGJjOTQ1ZTQ0YzE6NjY5NjMxYjllOTMxYQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.34 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://bookings.micrososft.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Tue, 16 Jul 2024 08:39:22 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
bookings.micrososft.com
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
bookings.micrososft.com/ 		16 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookings.micrososft.com/ls.php?t=669631ba&token=63b62fde69b3a8606965d187bffe3dddbd43ea0b
Requested by
Host: bookings.micrososft.com
URL: https://bookings.micrososft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.34 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://bookings.micrososft.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Tue, 16 Jul 2024 08:39:23 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BtEZPY3+kzEFSRiNUbX2ydGtNm1L2915zMSP9mNKKNwzBOFqa2DxPtFq5WHcJk+T1fUZSCowh9yMQZjql4pKdA==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
bookings.micrososft.com
x-log-success
669631bba8f8c220fa0a5165
track.php
bookings.micrososft.com/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookings.micrososft.com/track.php?click=be040c2a9818d4929be142d49a673c3cd7644887&domain=micrososft.com&uid=MTcyMTExOTE2MS45NTUyOmY5Njc3YzQ0ODZjOTRkZDFjMmVjYWVlNzVlNWY0ZmIyN2M4MTkxNGQ1ZTA1Yjk2ZDcxNTYyMGJjOTQ1ZTQ0YzE6NjY5NjMxYjllOTMxYQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Njk2MzFiOWU5MmRhfHx8MTcyMTExOTE2Mi4yODJ8NTZiNmI4NTNiNTc3Nzg0Y2RjMTUxN2JmMDg0NmNmNzdhYzMwN2E3YXx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDYzYjYyZmRlNjliM2E4NjA2OTY1ZDE4N2JmZmUzZGRkYmQ0M2VhMGJ8MHx8MHwwfHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.34 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
150
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://bookings.micrososft.com/
dpr
1
downlink
10
ect
4g

Response headers

date
Tue, 16 Jul 2024 08:39:23 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
bookings.micrososft.com
x-ssl-c
v1
x-view-match
true
alt-svc
h3=":8443"; ma=2592000
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/
Redirect Chain
  • http://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
  • https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
Requested by
Host: bookings.micrososft.com
URL: https://bookings.micrososft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.103.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-103-129.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://bookings.micrososft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Tue, 16 Jul 2024 08:39:23 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
priam-hsj.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://priam-hsj.com/zclkredirect?visitid=e63f8f94-434e-11ef-a25a-0affd52edd95&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Requested by
Host: heimi-lwx.com
URL: https://heimi-lwx.com/zclkvisitor/e63f8f94-434e-11ef-a25a-0affd52edd95/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=a72d55f0-d45c-11ee-a5a6-123af5e664ff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.155.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-155-73.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://heimi-lwx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
1362
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Tue, 16 Jul 2024 08:39:24 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
track_generic_keyword.php
2.ew-verlag-analytics.com/scripts/jump/ 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=microsoft&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b&keyword=microsoft&traffic_type=DOMAIN&visit_cost=0.010900&browser=Chrome&campaign_id=2333644&campaign_name=microsoft+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=a72d55f0-d45c-11ee-a5a6-123af5e664ff&match=microsoft&os=Linux&region=MILANO&source=lateritious-falcon&target=mike-dab-1x2n06pz0r&visitor_type=NON-ADULT
Requested by
Host: priam-hsj.com
URL: https://priam-hsj.com/zclkredirect?visitid=e63f8f94-434e-11ef-a25a-0affd52edd95&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
0c142de862ae8ae9bf3ac728788c40c882f9cb75d0215b6d6f4396e76a6382e6
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://priam-hsj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Jul 2024 08:39:25 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent
js
www.googletagmanager.com/gtag/ 		0
0
go.php
2.ew-verlag-analytics.com/scripts/jump/ 		3 KB
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=microsoft&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b&keyword=microsoft&traffic_type=DOMAIN&visit_cost=0.010900&browser=Chrome&campaign_id=2333644&campaign_name=microsoft+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=a72d55f0-d45c-11ee-a5a6-123af5e664ff&match=microsoft&os=Linux&region=MILANO&source=lateritious-falcon&target=mike-dab-1x2n06pz0r&visitor_type=NON-ADULT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.154.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd37834.kasserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=600000

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/track_generic_keyword.php?generic_keyword=microsoft&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b&keyword=microsoft&traffic_type=DOMAIN&visit_cost=0.010900&browser=Chrome&campaign_id=2333644&campaign_name=microsoft+-+IT+-+GenericKeyword+-+CPC1&carrier=unknown&city=Milan&device_id=&device=&geo=IT&keyword_match=exact&long_campaign_id=a72d55f0-d45c-11ee-a5a6-123af5e664ff&match=microsoft&os=Linux&region=MILANO&source=lateritious-falcon&target=mike-dab-1x2n06pz0r&visitor_type=NON-ADULT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Jul 2024 08:39:26 GMT
server
Apache
strict-transport-security
max-age=600000
vary
Accept-Encoding,User-Agent
js
www.googletagmanager.com/gtag/ 		318 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://2.ew-verlag-analytics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 08:39:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106303
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jul 2024 08:39:27 GMT
go
r.linksprf.com/v2/
Redirect Chain
  • https://r.linksprf.com/v1/redirect?type=linkId&id=629420f80f924c5db4977c5b1a690ce6&api_key=cea975ca443d9c501082ba156aadebf5&site_id=cf3d066457044d2c9c4a6004f1c0de86&dch=feed&ad_t=advertiser&url=ept...
  • https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UI...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
Requested by
Host: 2.ew-verlag-analytics.com
URL: https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.86.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2.ew-verlag-analytics.com/scripts/jump/go.php?domain=epto.it&country=IT&clickid=zre63f8f94434e11efa25a0affd52edd95e5ec29dc873549d882ee2e217b5c59ce083624afb65a57b33b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
3098
content-type
text/html;charset=UTF-8
date
Tue, 16 Jul 2024 08:39:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

content-length
0
date
Tue, 16 Jul 2024 08:39:27 GMT
location
/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
strict-transport-security
max-age=31536000; includeSubDomains
offersearchGo
it-go.kelkoogroup.net/
Redirect Chain
  • https://api.yadore.com/v2/r?e=YmlaeE41UFpZUXZXY2dCeHE0TjlLVFFlbkNydm11aE5VZlQwN2hmbjFpMDVicWE2eEcyUlZHRVdSUGYwdmdPU05KT2lMQldtYitUVEpMcUw3dVlvMmZJd05Ibk9xbG84dDZGenlmN2FaNkg3YjQxa1djNUpBT0VEUHlZN0d...
  • https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37...
33 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Requested by
Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
736b84ad4909357a41fb1aead3841f6ab0b4ebed8fbeb6791c557585f1761860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
33950
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Jul 2024 08:39:29 GMT
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.050915S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1721119169618_3578787
country
it
leadId
62A901J2XB4Q3ENVPZD329DY9XXRNV

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 08:39:28 GMT
location
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
server
nginx
x-powered-by
PHP/8.0.30
favicon.ico
r.linksprf.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://r.linksprf.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.202.86.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://r.linksprf.com/v2/go?t=8tap6%3Ad%2F9pf.0a4oae4camcva%2F2%3F1%3Dam5a4E110F4Z3XvXd2tCeHe0ajpLCFOlukYyfmj1gEWV%3Dl%26w%3D2PmcjTppDNipWc28Eey5lbHhVNSIGcwhmMPl0RKV2OMZlNtZiNUVESM9US31VZvNmaJF0UINkNx5Ge4pDTGJnamF2NaVkV3BjMx51cjxURBF0eEcHSZJ0NYgGNhZ3MD9EaWpjdwRlMypFNOY3TwFCShFWLvdVL0sWe05ESCR0YR9FbRJ0V1RFZNBUQzF2MoVkQBVWeJM1NxVEcQlVRR5UdrkkZrZUZSpza05WU1QGRW9ENqpGV5glYUYVUwZVS6JTSnlzQZNDRBN3M1J1Y0ZFRMNEUpJ0M2kWM2g1Y65VbF8VSzYUYypXVmNHVyd2R1ZGbnJ2aP9mMCs3bzR1blQjcohCRK5XRtJkWPIET2E3QhV1UVtUdrhjNwFGTXpVWIdUd6hGbUFDV5ZnW5dWNzl2UvVUTypUNKdWaIQDYXg0NMFTNrl2exZWdi8kbi9GbX5jdmZnMLlWdRwkcspmV4tTYGdUQvlUT55zUQdzdKYjU5dFROZEUwcSe5Enc4V3M5FGb9hQN%3DQiZe5Xag14dANSbIF4V%26llTcEmendIY%3DZ0U0p0U046e5l8Yee6r62f%2F8o4.fr9d2y8i6af%2F5set5h&s=https%3A%2F%2F2.ew-verlag-analytics.com%2F&e=1&ai=d69a8e616eb54d0e91e6e7434d3b3380&sct=0&ct=1721119167708&cu=8ae1626afc8a44fa94208f69fd56ea58&cs=c46e513db807bfd7008f3e455610ecea
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-language
en
date
Tue, 16 Jul 2024 08:39:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1085
content-type
text/html;charset=utf-8
p.png
it-go.kelkoogroup.net/assets/images/ 		68 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it-go.kelkoogroup.net/assets/images/p.png?country=it&k=612f7a9541cd6ea61eb554c0e4cff4371ce18feff9bb83492e8320a636627d28c179e5b30108ffe522dd565151904a994b6491f0d6637c099aa22ed960bfcaf04c24326af9db9586efe206c48f9f8da4dc28130dc1d739866cb6ca7790c407579d0c8e3f4d455f6ab49c0287808020e6cb49f889a0a80958469854df0b913732627fc81fef7485444cf18c85af3d4bae5fc74bdf117cc35b138d9aea5e1c0b457edff6af7d06b54a315cf4948d61a99b60db4755148b921129a76620ffc29314b2be85d4a45e67ab6b2a8d559698cf602e6ba286e8c9c768a658a469cacb7da333cd6ff8925bb91f3ff3e4fdf0efabe8432d6fc52592e8874037c85e2bda98f95450122f383939cc7a274d8d4ec5f3d937a105cf2f22cdd219f9cd78eb8a900acb4fa75874e76305226b49a4ebb3c29489ea07931858a9c6bd47ec60fa3e98e9ad8d93d3c3374f930e4ac387ed6755d9a7ba401023adc4f4fdc8286d936d4c8e25aaed4c66075eee02a92b36d6ba2da5
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Date
Tue, 16 Jul 2024 08:39:30 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62A901J2XB4Q3ENVPZD329DY9XXRNV
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.003487S
X-Frame-Options
ALLOWALL
Content-Type
image/png
Cache-Control
private, must-revalidate
clickId
107698147_1721119169618_3578787
country
it
X-Robots-Tag
noindex,nofollow
Content-Length
68
X-XSS-Protection
1; mode=block
tags.js
dd.kelkoogroup.net/ 		156 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/tags.js
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://it-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
fCXuzD1P1x6KszucicHjtHMUgbxqpjbn
content-encoding
gzip
via
1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
date
Tue, 16 Jul 2024 07:47:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P10
age
3143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 15 Jul 2024 15:43:05 GMT
server
AmazonS3
etag
W/"dd6ad135f031844199251dcacf5872f9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600, public
x-amz-cf-id
BxEFdKSHKOu1PmcJWP1pRVazqtUP5grdCL3TEq7EL0R3m0Rd72A7Vw==
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FRRS5YKZYZ&_p=681086243&sr=1600x1200&ul=it-it&cid=56922729.1721119170&uid=a4c6293-190bab25c53-7a656&_fv=1&_s=1&dl=https%3A%2F%2Fit-go.kelkoogroup.net%2FoffersearchGo%3F.ts%3D1721111325061%26.sig%3DPxWeGdy9uvjn7AgDkpoVE4m17qc-%26affiliationId%3D96965877%26comId%3D100498289%26country%3Dit%26offerId%3D47cbebb2206eeaaa922174ec9587b829%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dc4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6%26publisherSubId%3DeYgSwWwSndf6%26publisherTrafficType%3Dpublishernetwork%26originReferer%3Dhttps%253A%252F%252Fr.linksprf.com%252F&dt=Reindirizzato%20a%20Epto.it&dr=https%3A%2F%2Fr.linksprf.com%2F&dp=%2F96965877%7C100498289%7C&sid=1721119170&sct=1&seg=1&en=page_view&_ss=1&ep.cd1=96965877&ep.cd2=62A901J2XB4Q3ENVPZD329DY9XXRNV&ep.cd3=100498289&ep.cd4=a4c6293-190bab25c53-7a656&ep.cd5=&ep.cd6=96965877%7C100498289%7C
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://it-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 08:39:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://it-go.kelkoogroup.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ados.js
it-go.kelkoogroup.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://it-go.kelkoogroup.net/ados.js
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Content-Security-Policy
frame-ancestors 'none'
Date
Tue, 16 Jul 2024 08:39:30 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.000353S
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
X-Robots-Tag
noindex,nofollow
Content-Length
1140
X-XSS-Protection
1; mode=block
fp
it-go.kelkoogroup.net/ 		0
454 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://it-go.kelkoogroup.net/fp?country=it&k=612f7a9541cd6ea61eb554c0e4cff4371ce18feff9bb83492e8320a636627d28c179e5b30108ffe522dd565151904a994b6491f0d6637c099aa22ed960bfcaf04c24326af9db9586efe206c48f9f8da4dc28130dc1d739866cb6ca7790c407579d0c8e3f4d455f6ab49c0287808020e6cb49f889a0a80958469854df0b913732627fc81fef7485444cf18c85af3d4bae5fc74bdf117cc35b138d9aea5e1c0b457edff6af7d06b54a315cf4948d61a99b60db4755148b921129a76620ffc29314b2be85d4a45e67ab6b2a8d559698cf602e6ba286e8c9c768a658a469cacb7da333cd6ff8925bb91f3ff3e4fdf0efabe8432d6fc52592e8874037c85e2bda98f95450122f383939cc7a274d8d4ec5f3d937a105cf2f22cdd219f9cd78eb8a900acb4fa75874e76305226b49a4ebb3c29489ea07931858a9c6bd47ec60fa3e98e9ad8d93d3c3374f930e4ac387ed6755d9a7ba401023adc4f4fdc8286d936d4c8e25aaed4c66075eee02a92b36d6ba2da5
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.116.26 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
dc1-ecs-pub-mx-vip.kelkoo.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory
8
Content-Type
text/plain;charset=utf-8

Response headers

Date
Tue, 16 Jul 2024 08:39:31 GMT
Referrer-Policy
origin-when-cross-origin
X-Content-Type-Options
nosniff
leadId
62A901J2XB4Q3ENVPZD329DY9XXRNV
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
PT0.011777S
X-Frame-Options
ALLOWALL
Content-Type
text/plain; charset=UTF-8
clickId
107698147_1721119169618_3578787
country
it
X-Robots-Tag
noindex,nofollow
Content-Length
0
X-XSS-Protection
1; mode=block
Primary Request oki-c824n-p-47074204.html
www.epto.it/
Redirect Chain
  • https://it-go.kelkoogroup.net/redirect?country=it&k=612f7a9541cd6ea61eb554c0e4cff4371ce18feff9bb83492e8320a636627d28c179e5b30108ffe522dd565151904a994b6491f0d6637c099aa22ed960bfcaf04c24326af9db9586e...
  • https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050048050052048055049054&utm_source=kelkoo&from=kelkoo
98 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050048050052048055049054&utm_source=kelkoo&from=kelkoo
Requested by
Host: it-go.kelkoogroup.net
URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.11.49.70 , Italy, ASN24994 (GENESYS-AS, IT),
Reverse DNS
serverwebepto1.interhost.it
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=0; includeSubdomain; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

access-control-allow-methods
POST, GET
content-encoding
gzip
content-length
23731
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 08:39:31 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains max-age=0; includeSubdomain; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Content-Length
0
Date
Tue, 16 Jul 2024 08:39:31 GMT
Location
https://www.epto.it/oki-c824n-p-47074204.html?utm_campaign=cpc&utm_term=47074204&utm_medium=comparatore&utm_epto=050048050052048055049054&utm_source=kelkoo&from=kelkoo
Referrer-Policy
origin-when-cross-origin
Request-Time
PT0.015391S
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
ALLOWALL
X-Permitted-Cross-Domain-Policies
master-only
X-Robots-Tag
noindex,nofollow
X-XSS-Protection
1; mode=block
clickId
107698147_1721119169618_3578787
country
it
leadId
62A901J2XB4Q3ENVPZD329DY9XXRNV
30010b77-c9a3-4288-9477-1ab91c13d22e
https://it-go.kelkoogroup.net/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://it-go.kelkoogroup.net/30010b77-c9a3-4288-9477-1ab91c13d22e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
dd.kelkoogroup.net/js/ 		236 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.kelkoogroup.net/js/
Requested by
Host: dd.kelkoogroup.net
URL: https://dd.kelkoogroup.net/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-87.fra56.r.cloudfront.net
Software
DataDome /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://it-go.kelkoogroup.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 08:39:31 GMT
via
1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
236
x-amz-cf-id
U70gGPkzsKKYCFP9UkABX4xkY9V15v20Xfzfp_fu5Ht3jG9V1lmc-Q==
expires
0
jquery.min.js
www.epto.it/js/ 		0
0
llj.js
www.epto.it/js/ 		0
0
epto-script.js.php
www.epto.it/js/ 		0
0
jquery.swipe-min.js
www.epto.it/js/ 		0
0
tipso-min.js
www.epto.it/js/ 		0
0
epto-menu_n.js
www.epto.it/js/ 		0
0
swiper.min.js
www.epto.it/js/ 		0
0
slide-menu-min.js
www.epto.it/js/ 		0
0
jquery-confirm.min.js
www.epto.it/js/ 		0
0
jquery-confirm.min.css
www.epto.it/js/ 		0
0
tipso.css
www.epto.it/ 		0
0
main-min.css.php
www.epto.it/ 		0
0
slide-menu-min.css
www.epto.it/js/ 		0
0
swiper.min.css
www.epto.it/css/ 		0
0
photoswipe.min.css
www.epto.it/js/dist/ 		0
0
Lato.css
www.epto.it/fonts/ 		0
0
epto-logo21.png
images.epto.it/images/ 		0
0
loading.gif
images.epto.it/images/ 		0
0
home_ico.gif
images.epto.it/images/ 		0
0
raquo2.gif
images.epto.it/images/ 		0
0
n_stars_5.gif
images.epto.it/images/ 		0
0
heidi-upstream-lib.js
upstream.heidipay.com/sdk/ 		0
0
scalapay-widget.esm.js
cdn.scalapay.com/widget/v3/js/ 		0
0
js
www.paypal.com/sdk/ 		0
0
stelle45.png
images.epto.it/images/ 		0
0
blk.gif
images.epto.it/images/ 		0
0
busta.gif
images.epto.it/images/ 		0
0
cookieconsent-min.js
www.epto.it/js/ 		0
0
cookieconsent-init.js.php
www.epto.it/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-F12LFHCSHD
Domain
www.epto.it
URL
https://www.epto.it/js/jquery.min.js
Domain
www.epto.it
URL
https://www.epto.it/js/llj.js
Domain
www.epto.it
URL
https://www.epto.it/js/epto-script.js.php?v=17
Domain
www.epto.it
URL
https://www.epto.it/js/jquery.swipe-min.js
Domain
www.epto.it
URL
https://www.epto.it/js/tipso-min.js
Domain
www.epto.it
URL
https://www.epto.it/js/epto-menu_n.js?v=17
Domain
www.epto.it
URL
https://www.epto.it/js/swiper.min.js
Domain
www.epto.it
URL
https://www.epto.it/js/slide-menu-min.js
Domain
www.epto.it
URL
https://www.epto.it/js/jquery-confirm.min.js
Domain
www.epto.it
URL
https://www.epto.it/js/jquery-confirm.min.css
Domain
www.epto.it
URL
https://www.epto.it/tipso.css?v=1
Domain
www.epto.it
URL
https://www.epto.it/main-min.css.php?v=1.302
Domain
www.epto.it
URL
https://www.epto.it/js/slide-menu-min.css
Domain
www.epto.it
URL
https://www.epto.it/css/swiper.min.css
Domain
www.epto.it
URL
https://www.epto.it/js/dist/photoswipe.min.css
Domain
www.epto.it
URL
https://www.epto.it/fonts/Lato.css
Domain
images.epto.it
URL
https://images.epto.it/images/epto-logo21.png
Domain
images.epto.it
URL
https://images.epto.it/images/loading.gif
Domain
images.epto.it
URL
https://images.epto.it/images/home_ico.gif
Domain
images.epto.it
URL
https://images.epto.it/images/raquo2.gif
Domain
images.epto.it
URL
https://images.epto.it/images/n_stars_5.gif
Domain
upstream.heidipay.com
URL
https://upstream.heidipay.com/sdk/heidi-upstream-lib.js
Domain
cdn.scalapay.com
URL
https://cdn.scalapay.com/widget/v3/js/scalapay-widget.esm.js
Domain
www.paypal.com
URL
https://www.paypal.com/sdk/js?client-id=AZ6xYVlhNgBzH-JnV-drZMLpeB51rqv9DVxb9eierNkWzQdMME4rAAzfCQKXDqIq4K_Eauvk_hV9lvVa&currency=EUR&components=messages
Domain
images.epto.it
URL
https://images.epto.it/images/stelle45.png
Domain
images.epto.it
URL
https://images.epto.it/images/blk.gif
Domain
images.epto.it
URL
https://images.epto.it/images/busta.gif
Domain
www.epto.it
URL
https://www.epto.it/js/cookieconsent-min.js
Domain
www.epto.it
URL
https://www.epto.it/js/cookieconsent-init.js.php

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Domain/Path Name / Value
2.ew-verlag-analytics.com/ Name: uhash
Value: 4bcfadd608e395f8ae5c1ae31a2eaaf4191e2963eb42ae26ef5b296de86b65ea
.linksprf.com/ Name: ykuid
Value: 767b6ef02c144695a30cde3b7a58a49a
r.linksprf.com/ Name: JSESSIONID
Value: AAFF45A7C1F8AFADF2663515215B596A
.ew-verlag-analytics.com/ Name: _ga
Value: GA1.1.233115744.1721119168
.ew-verlag-analytics.com/ Name: _ga_F12LFHCSHD
Value: GS1.1.1721119167.1.0.1721119168.0.0.0
.kelkoogroup.net/ Name: kelkooID
Value: a4c6293-190bab25c53-7a656
.kelkoogroup.net/ Name: datadome
Value: _rB4fPMIZNjTI~yhW30w1BIy11HiEla1OTbZti~5xy4jjylLixho0CD93nGpuCvOK55AOtBxMhJaIL85UJjacI85qMtX6U7PTfttJ14KB6OTfDabq__BseInQvdV58tQ
www.epto.it/ Name: name
Value: value
.www.epto.it/ Name: cookie_test
Value: please_accept_for_session
www.epto.it/ Name: from_
Value: kelkooref
.epto.it/ Name: deja_vue
Value: a%3A1%3A%7Bi%3A0%3Bs%3A8%3A%2247074204%22%3B%7D

2 Console Messages

Source Level URL
Text
network error URL: https://r.linksprf.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://it-go.kelkoogroup.net/offersearchGo?.ts=1721111325061&.sig=PxWeGdy9uvjn7AgDkpoVE4m17qc-&affiliationId=96965877&comId=100498289&country=it&offerId=47cbebb2206eeaaa922174ec9587b829&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c4de6e947d66185f8303441f96cad35b53feee74c1eed0c85d5452a266b87ec6&publisherSubId=eYgSwWwSndf6&publisherTrafficType=publishernetwork&originReferer=https%3A%2F%2Fr.linksprf.com%2F(Line 28)
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)