ww3.advurl.com Open in urlscan Pro
69.16.228.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.www.linkypanda.com/
Effective URL:
https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163
Submission: On December 17 via api (December 17th 2024, 6:51:27 am UTC) from US — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 8 HTTP transactions. The main IP is 69.16.228.6, located in United States and belongs to LIQUIDWEB, US. The main domain is ww3.advurl.com.
TLS certificate: Issued by R11 on November 21st 2024. Valid for: 3 months.

This is the only time ww3.advurl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.232.31.180 172.232.31.180	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	67.227.226.240 67.227.226.240	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	3.33.192.145 3.33.192.145	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	69.16.228.6 69.16.228.6	32244 (LIQUIDWEB) (LIQUIDWEB)
8	5

1 172.232.31.180 (Chicago, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: anchor02.parklogic.com

www.www.linkypanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.227.226.240 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

ww99.linkypanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.192.145 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

wedlore-c.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.ngcluster-d.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.228.6 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host01.mystatscenter.com

ww3.advurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 42639 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12953	90 KB
3	linkypanda.com 1 redirects www.www.linkypanda.com ww99.linkypanda.com	2 KB
2	advurl.com ww3.advurl.com	746 B
2	wedlore-c.click 1 redirects wedlore-c.click	21 KB
1	ngcluster-d.site 1 redirects xml-v4.ngcluster-d.site	271 B
8	5

	Domain	Requested by
2	ww3.advurl.com	wedlore-c.click
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	wedlore-c.click	1 redirects ww99.linkypanda.com
2	ww99.linkypanda.com	ww99.linkypanda.com
1	xml-v4.ngcluster-d.site	1 redirects
1	cdn.perfdrive.com	wedlore-c.click
1	www.www.linkypanda.com	1 redirects
8	7

This site contains no links.

Subject Issuer	Validity	Valid
wedlore-c.click Amazon RSA 2048 M03	`2024-11-18` - `2025-12-17`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
ww3.advurl.com R11	`2024-11-21` - `2025-02-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163
Frame ID: 8D9A1549C507CB8D2F2EA674C21F3E79
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.www.linkypanda.com/ HTTP 302
http://ww99.linkypanda.com/ HTTP 307
https://ww99.linkypanda.com/ HTTP 307
http://ww99.linkypanda.com/ Page URL
http://ww99.linkypanda.com/page/bouncy.php?&bpae=GbhGdL0mokxzDXOEkbW9FFoZDE3jhyLU0vYOMJ3xJzG9g8O4iOdfIr... Page URL
http://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Page URL
https://wedlore-c.click/api/v1/pxcheck?impId=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE&minfo=eyJjb29r... HTTP 302
http://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 HTTP 307
https://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 HTTP 302
http://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e... HTTP 307
https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

1
Countries

113 kB
Transfer

334 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.www.linkypanda.com/ HTTP 302
http://ww99.linkypanda.com/ HTTP 307
https://ww99.linkypanda.com/ HTTP 307
http://ww99.linkypanda.com/ Page URL
http://ww99.linkypanda.com/page/bouncy.php?&bpae=GbhGdL0mokxzDXOEkbW9FFoZDE3jhyLU0vYOMJ3xJzG9g8O4iOdfIr5Hd42gBZmkMQ6uDy5G6QmF5ITqc9IH6GyQtv16S3Svc4Q4z4V7BzQqIEAKNLeL3Y%2FntzHCdaPsBhCUsvlLGn0aXm0uYBgy0VVl0768JO7l3Mol4yhYcrKSl8LwHsNrgN7%2Fz%2FkXoXMI2NcA2qm1UygFRjqRnTM%2BGT%2Fg7Q%2FssHeJ%2BhVzJBEPHNxxbC50o20XphVwyVft9kUt%2FX7ziIQblgKmh%2F%2FGsvr2q110nr1N1%2BB1ogARLAB7pQjemSBQc0Ihhau7FEGzRWQY%2BAXK1Szk3fyOSrbVzE3hxtgW%2BR8xEaeCS8DGV%2Fg%2BjSB1kmTwcjjCnE6Yjv9k6KRVs0TpAry7KyRXNZtABYgq4hbiGmdA6dbKo6FcVMmPeNN%2FPWnjcZHx0pxJYixkKXSWLIIyURAM3GF9lsCbWseIzts%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Page URL
https://wedlore-c.click/api/v1/pxcheck?impId=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly93ZWRsb3JlLWMuY2xpY2svYXBpL3YxL3B4P3htbGlkPVVWdFRHUlpyQ2s0ZlJCMW1nUGZ1RzEwaWJEZ2FwNXdsZGd4cjFiSUUiLCJkZXZpY2VTcmVlblNpemUiOiIxMjAweDE2MDAiLCJkZXZpY2VXaW5kb3dTaXplIjoiMTIwMHgxNjAwIiwid25kMnNyY1JhdGlvTHdyMDYiOmZhbHNlLCJlZmZlY3RpdmVUeXBlIjoiNGciLCJ0eiI6NDgwLCJ0ekludGwiOiJBbWVyaWNhL1ZhbmNvdXZlciIsImlzQm90IjpmYWxzZSwiZkJvdE5hbWUiOiIiLCJmUmVhc29ucyI6IiJ9 HTTP 302
http://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 HTTP 307
https://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 HTTP 302
http://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 HTTP 307
https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.www.linkypanda.com/ HTTP 302
http://ww99.linkypanda.com/ HTTP 307
https://ww99.linkypanda.com/ HTTP 307
http://ww99.linkypanda.com/

Request Chain 2

http://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE HTTP 307
https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ ww99.linkypanda.com/ Redirect Chain https://www.www.linkypanda.com/ http://ww99.linkypanda.com/ https://ww99.linkypanda.com/ http://ww99.linkypanda.com/	2 KB 1015 B	1473ms 1466ms	Document text/html	67.227.226.240 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://ww99.linkypanda.com/ Protocol HTTP/1.1 Server 67.227.226.240 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS lb01.parklogic.com Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 17 Dec 2024 06:51:23 GMT Pragma no-cache Transfer-Encoding chunked Redirect headers Location http://ww99.linkypanda.com/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	bouncy.php ww99.linkypanda.com/page/	763 B 600 B	79ms 79ms	Document text/html	67.227.226.240 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://ww99.linkypanda.com/page/bouncy.php?&bpae=GbhGdL0mokxzDXOEkbW9FFoZDE3jhyLU0vYOMJ3xJzG9g8O4iOdfIr5Hd42gBZmkMQ6uDy5G6QmF5ITqc9IH6GyQtv16S3Svc4Q4z4V7BzQqIEAKNLeL3Y%2FntzHCdaPsBhCUsvlLGn0aXm0uYBgy0VVl0768JO7l3Mol4yhYcrKSl8LwHsNrgN7%2Fz%2FkXoXMI2NcA2qm1UygFRjqRnTM%2BGT%2Fg7Q%2FssHeJ%2BhVzJBEPHNxxbC50o20XphVwyVft9kUt%2FX7ziIQblgKmh%2F%2FGsvr2q110nr1N1%2BB1ogARLAB7pQjemSBQc0Ihhau7FEGzRWQY%2BAXK1Szk3fyOSrbVzE3hxtgW%2BR8xEaeCS8DGV%2Fg%2BjSB1kmTwcjjCnE6Yjv9k6KRVs0TpAry7KyRXNZtABYgq4hbiGmdA6dbKo6FcVMmPeNN%2FPWnjcZHx0pxJYixkKXSWLIIyURAM3GF9lsCbWseIzts%3D&redirectType=js&inIframe=false&inPopUp=false Requested by Host: ww99.linkypanda.com URL: http://ww99.linkypanda.com/ Protocol HTTP/1.1 Server 67.227.226.240 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS lb01.parklogic.com Software / Resource Hash Request headers Referer http://ww99.linkypanda.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 17 Dec 2024 06:51:23 GMT Pragma no-cache Transfer-Encoding chunked
GET H2	200	px Show response wedlore-c.click/api/v1/ Redirect Chain http://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE	90 KB 21 KB	340ms 102ms	Document text/html	3.33.192.145 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Requested by Host: ww99.linkypanda.com URL: http://ww99.linkypanda.com/page/bouncy.php?&bpae=GbhGdL0mokxzDXOEkbW9FFoZDE3jhyLU0vYOMJ3xJzG9g8O4iOdfIr5Hd42gBZmkMQ6uDy5G6QmF5ITqc9IH6GyQtv16S3Svc4Q4z4V7BzQqIEAKNLeL3Y%2FntzHCdaPsBhCUsvlLGn0aXm0uYBgy0VVl0768JO7l3Mol4yhYcrKSl8LwHsNrgN7%2Fz%2FkXoXMI2NcA2qm1UygFRjqRnTM%2BGT%2Fg7Q%2FssHeJ%2BhVzJBEPHNxxbC50o20XphVwyVft9kUt%2FX7ziIQblgKmh%2F%2FGsvr2q110nr1N1%2BB1ogARLAB7pQjemSBQc0Ihhau7FEGzRWQY%2BAXK1Szk3fyOSrbVzE3hxtgW%2BR8xEaeCS8DGV%2Fg%2BjSB1kmTwcjjCnE6Yjv9k6KRVs0TpAry7KyRXNZtABYgq4hbiGmdA6dbKo6FcVMmPeNN%2FPWnjcZHx0pxJYixkKXSWLIIyURAM3GF9lsCbWseIzts%3D&redirectType=js&inIframe=false&inPopUp=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.192.145 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ab226b763647f1870.awsglobalaccelerator.com Software / Resource Hash `569afd2d6217ff59377e189fc621778fa6d0553d1ea10d35581a92059fbba8a4` Request headers Referer http://ww99.linkypanda.com/page/bouncy.php?&bpae=GbhGdL0mokxzDXOEkbW9FFoZDE3jhyLU0vYOMJ3xJzG9g8O4iOdfIr5Hd42gBZmkMQ6uDy5G6QmF5ITqc9IH6GyQtv16S3Svc4Q4z4V7BzQqIEAKNLeL3Y%2FntzHCdaPsBhCUsvlLGn0aXm0uYBgy0VVl0768JO7l3Mol4yhYcrKSl8LwHsNrgN7%2Fz%2FkXoXMI2NcA2qm1UygFRjqRnTM%2BGT%2Fg7Q%2FssHeJ%2BhVzJBEPHNxxbC50o20XphVwyVft9kUt%2FX7ziIQblgKmh%2F%2FGsvr2q110nr1N1%2BB1ogARLAB7pQjemSBQc0Ihhau7FEGzRWQY%2BAXK1Szk3fyOSrbVzE3hxtgW%2BR8xEaeCS8DGV%2Fg%2BjSB1kmTwcjjCnE6Yjv9k6KRVs0TpAry7KyRXNZtABYgq4hbiGmdA6dbKo6FcVMmPeNN%2FPWnjcZHx0pxJYixkKXSWLIIyURAM3GF9lsCbWseIzts%3D&redirectType=js&inIframe=false&inPopUp=false Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Tue, 17 Dec 2024 06:51:23 GMT etag W/"1698d-4IoMq8IUztRBkuAzUCN9+zlY740" vary Accept-Encoding Redirect headers Location https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Non-Authoritative-Reason HttpsUpgrades
GET H2	200	stormcaster.js Show response cdn.perfdrive.com/advanced/	240 KB 90 KB	237ms 35ms	Script application/javascript	130.211.29.114 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.perfdrive.com/advanced/stormcaster.js Requested by Host: wedlore-c.click URL: https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 114.29.211.130.bc.googleusercontent.com Software nginx/1.10.1 / Resource Hash `06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wedlore-c.click/ Response headers cache-control max-age=3600,public content-encoding gzip etag W/"674e9703-3bf3a" age 1269 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91395 date Tue, 17 Dec 2024 06:30:14 GMT last-modified Tue, 03 Dec 2024 05:28:35 GMT content-type application/javascript server nginx/1.10.1 vary Accept-Encoding
POST H2	200	jsdata cas.avalon.perfdrive.com/	360 B 414 B	227ms 54ms	XHR text/plain	35.241.15.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/advanced/stormcaster.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://wedlore-c.click/ Response headers via 1.1 google x-response-time 1ms access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 360 date Tue, 17 Dec 2024 06:51:24 GMT content-type text/plain; charset=UTF-8
POST H2	200	jsdata cas.avalon.perfdrive.com/	198 B 343 B	225ms 52ms	XHR text/plain	35.241.15.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: cdn.perfdrive.com URL: https://cdn.perfdrive.com/advanced/stormcaster.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://wedlore-c.click/ Response headers via 1.1 google x-response-time 1ms access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 198 date Tue, 17 Dec 2024 06:51:24 GMT content-type text/plain; charset=UTF-8
GET H/1.1	404 Not Found	Primary Request prem_ga.php Show response ww3.advurl.com/ads/ Redirect Chain https://wedlore-c.click/api/v1/pxcheck?impId=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuM... http://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 https://xml-v4.ngcluster-d.site/click?seat=1891635&i=Kvj69jJ2VSM_0 http://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163	16 B 230 B	455ms 147ms	Document text/html	69.16.228.6 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 Requested by Host: wedlore-c.click URL: https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.16.228.6 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host01.mystatscenter.com Software Apache / Resource Hash `8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 17 Dec 2024 06:51:24 GMT Keep-Alive timeout=2, max=500 Server Apache Transfer-Encoding chunked Redirect headers Location https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	404 Not Found	favicon.ico ww3.advurl.com/	315 B 516 B	81ms 81ms	Other text/html	69.16.228.6 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://ww3.advurl.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.16.228.6 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host01.mystatscenter.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 Response headers Keep-Alive timeout=2, max=499 Content-Length 315 Date Tue, 17 Dec 2024 06:51:25 GMT Content-Type text/html; charset=iso-8859-1 Server Apache Connection Keep-Alive

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wedlore-c.click/	1970-01-21 06:06:06	Name: __ssds Value: 2
.wedlore-c.click/	1970-01-21 06:06:06	Name: __ssuzjsr2 Value: a9be3cd8e
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmaj2 Value: eb107981-7d5e-4c7a-9a47-f7342199a201
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmbj2 Value: 1734418284
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmcj2 Value: 491191051036
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmdj2 Value: 1734418284
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmlj2 Value: Ovll4tzkrlAoy8YnwRn1xw+tkaB14HiC0H39y/gym3k=
.wedlore-c.click/	1970-01-21 06:06:06	Name: __uzmfj2 Value: 7f6000a7ea2479-9764-4f5e-81c1-47cdb487570b17344182842180-9e6008cfbf17d15310

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://wedlore-c.click/api/v1/px?xmlid=UVtTGRZrCk4fRB1mgPfuG10ibDgap5wldgxr1bIE Message: [GroupMarkerNotSet(crbug.com/242999)!:A080B0009C060000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://ww3.advurl.com/ads/prem_ga.php?geoshort=CA&source=AR-455004&target=6ac94e1ac528eaa8fff0183e5&ip=157.254.49.163 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ww3.advurl.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.perfdrive.com
wedlore-c.click
ww3.advurl.com
ww99.linkypanda.com
www.www.linkypanda.com
xml-v4.ngcluster-d.site
130.211.29.114
172.232.31.180
173.239.53.32
3.33.192.145
35.241.15.240
67.227.226.240
69.16.228.6
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
569afd2d6217ff59377e189fc621778fa6d0553d1ea10d35581a92059fbba8a4
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

ww3.advurl.com Open in urlscan Pro 69.16.228.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

5 IPs

1 Countries

113 kBTransfer

334 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

8 Cookies

3 Console Messages

Indicators

ww3.advurl.com Open in urlscan Pro
69.16.228.6 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

1
Countries

113 kB
Transfer

334 kB
Size

8
Cookies

8 HTTP transactions
0 data transactions