ure3w.il0v31th0t.top Open in urlscan Pro
213.227.149.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126
Effective URL:
https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4v...
Submission: On December 19 via manual (December 19th 2024, 8:38:21 pm UTC) from US — Scanned from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 213.227.149.216, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL. The main domain is ure3w.il0v31th0t.top.
TLS certificate: Issued by E6 on December 5th 2024. Valid for: 3 months.

This is the only time ure3w.il0v31th0t.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.174.157.82 213.174.157.82	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1 1	85.17.23.6 85.17.23.6	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
8	213.227.149.216 213.227.149.216	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
8	213.227.152.232 213.227.152.232	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
5 5	83.149.73.233 83.149.73.233	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
5 10	104.19.131.76 104.19.131.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	4

1 213.174.157.82 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.17.23.6 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

mellamopremiumclickurl.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.227.149.216 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

ure3w.il0v31th0t.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.227.152.232 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

wbidder04112024.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 83.149.73.233 (Purmerend, Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

crtv.wboptim.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.131.76 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mgid.com 5 redirects c.mgid.com — Cisco Umbrella Rank: 7409 s-img.mgid.com — Cisco Umbrella Rank: 9960	59 KB
8	wbidder04112024.com wbidder04112024.com — Cisco Umbrella Rank: 93473	13 KB
8	il0v31th0t.top ure3w.il0v31th0t.top	75 KB
5	wboptim.online 5 redirects crtv.wboptim.online — Cisco Umbrella Rank: 75209	4 KB
1	mellamopremiumclickurl.top 1 redirects mellamopremiumclickurl.top	307 B
1	runative-syndicate.com 1 redirects runative-syndicate.com — Cisco Umbrella Rank: 185900	799 B
24	6

	Domain	Requested by
8	wbidder04112024.com	ure3w.il0v31th0t.top
8	ure3w.il0v31th0t.top	ure3w.il0v31th0t.top
5	s-img.mgid.com
5	c.mgid.com	5 redirects
5	crtv.wboptim.online	5 redirects
1	mellamopremiumclickurl.top	1 redirects
1	runative-syndicate.com	1 redirects
24	7

This site contains no links.

Subject Issuer	Validity	Valid
*.il0v31th0t.top E6	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.wbidder04112024.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-11-04` - `2025-12-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90
Frame ID: 5AFBD62225EE312538C2D2BEAE52E168
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play

Page URL History Show full URLs

http://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126 HTTP 307
https://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126 HTTP 302
https://mellamopremiumclickurl.top/click?c=d9eb0j73m4vsahpa&f=500648&s=4681321&d=Mh761O7b226970223a2237322e3134... HTTP 302
https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK... Page URL

Page Statistics

24
Requests

67 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

143 kB
Transfer

293 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126 HTTP 307
https://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126 HTTP 302
https://mellamopremiumclickurl.top/click?c=d9eb0j73m4vsahpa&f=500648&s=4681321&d=Mh761O7b226970223a2237322e31342e3134382e3433222c2262726f77736572223a224368726f6d65222c2262726f7773657256657273696f6e223a223132382e302e363631332e3838222c226f73223a22416e64726f6964227dzx65M&b=0.00115&cp=1 HTTP 302
https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGpiuNhjxJHqIJEynZeswcfPJeMPlTBjIYQc6biSOTy4JooG8eo6HZt_zrzr_d_IFpIatmZgiKA5dpJh6WXWIdzU*%26cid%3D383520%26f%3D1%26h2%3DDAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f-75Qt8AUeXh_t6GvZqEe5fE_NWb2%26rid%3D2c7a36fa-be49-11ef-8df1-c84bd68370c0%26psid%3Dbid_501618%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE2MTg3NzIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzM0NjQwNjk1LU1LRTVRdVI3ZW5hV2R5OVlzd3c0VjZLMjBlVnRfTmhReXV2T0VPZndEc1E%3D&s=2012&a=bid_onw_500648&uA=bid_501618&sub=4681321&d=31&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGpiuNhjxJHqIJEynZeswcfPJeMPlTBjIYQc6biSOTy4JooG8eo6HZt_zrzr_d_IFpIatmZgiKA5dpJh6WXWIdzU*&cid=383520&f=1&h2=DAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f-75Qt8AUeXh_t6GvZqEe5fE_NWb2&rid=2c7a36fa-be49-11ef-8df1-c84bd68370c0&psid=bid_501618&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE2MTg3NzIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzM0NjQwNjk1LU1LRTVRdVI3ZW5hV2R5OVlzd3c0VjZLMjBlVnRfTmhReXV2T0VPZndEc1E= HTTP 301
https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1734640695-MKE5QuR7enaWdy9Ysww4V6K20eVt_NhQyuvOEOfwDsQ

Request Chain 18

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGnh4F049AH6-2jhfAyyNo1CbK_YA5RKQsVMAL4Rmfkg4GKz0KZTpcJw0X2ziI5z3vLZD9_BmUhtiSwiMUdJ7B8E*%26cid%3D383520%26f%3D1%26h2%3DDAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi%26rid%3D2c7ae5e7-be49-11ef-b5b7-c84bd6836428%26psid%3Dbid_501618%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzIxMTczNjYxLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1UQXZOelF5TVRZMUx6ZG1NR05pTjJSaU16RXdNVGxsTldaaU5UTmhabUUyTWpJeFlXSm1aVGM1TG5CdVp3LndlYnA_dj0xNzM0NjQwNjk1LW45OENWYVM3QTB4c0FlSmJjZ3FIVUthWlVUN2N6aGNaZHdQbzB0el9yUVk%3D&s=2012&a=bid_onw_500648&uA=bid_501618&sub=4681321&d=73&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGnh4F049AH6-2jhfAyyNo1CbK_YA5RKQsVMAL4Rmfkg4GKz0KZTpcJw0X2ziI5z3vLZD9_BmUhtiSwiMUdJ7B8E*&cid=383520&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi&rid=2c7ae5e7-be49-11ef-b5b7-c84bd6836428&psid=bid_501618&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzIxMTczNjYxLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1UQXZOelF5TVRZMUx6ZG1NR05pTjJSaU16RXdNVGxsTldaaU5UTmhabUUyTWpJeFlXSm1aVGM1TG5CdVp3LndlYnA_dj0xNzM0NjQwNjk1LW45OENWYVM3QTB4c0FlSmJjZ3FIVUthWlVUN2N6aGNaZHdQbzB0el9yUVk= HTTP 301
https://s-img.mgid.com/g/21173661/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTAvNzQyMTY1LzdmMGNiN2RiMzEwMTllNWZiNTNhZmE2MjIxYWJmZTc5LnBuZw.webp?v=1734640695-n98CVaS7A0xsAeJbcgqHUKaZUT7czhcZdwPo0tz_rQY

Request Chain 19

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGlnqlNVM4idTQUKInZExE2jcGEnYDKzB4OaIHBVUEwGsfdVN3dTJK5XWk2-eF_vDsJUg50qos6PUv7qUjfpGVU4*%26cid%3D1501979%26f%3D1%26h2%3DDAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi%26rid%3D2c7a251f-be49-11ef-8df1-c84bd68370c0%26psid%3Dbid_501126%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5NDA4MTIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1EUXZOVFV4T0RnNUx6UTVaVGhqT0dZd016bGxZelZpWldFNVpqYzVOak0xWlRkbE9UaGhOakptTG1wd1pXYy53ZWJwP3Y9MTczNDY0MDY5NS1BNjZfcmdMeUNIWE5Na3Y3amhiN3RwaWZHVno4ZDlFZGNDZExmd1pVZzhv&s=2298&a=bid_onw_500648&uA=bid_501126&sub=4681321&d=60&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGlnqlNVM4idTQUKInZExE2jcGEnYDKzB4OaIHBVUEwGsfdVN3dTJK5XWk2-eF_vDsJUg50qos6PUv7qUjfpGVU4*&cid=1501979&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi&rid=2c7a251f-be49-11ef-8df1-c84bd68370c0&psid=bid_501126&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5NDA4MTIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1EUXZOVFV4T0RnNUx6UTVaVGhqT0dZd016bGxZelZpWldFNVpqYzVOak0xWlRkbE9UaGhOakptTG1wd1pXYy53ZWJwP3Y9MTczNDY0MDY5NS1BNjZfcmdMeUNIWE5Na3Y3amhiN3RwaWZHVno4ZDlFZGNDZExmd1pVZzhv HTTP 301
https://s-img.mgid.com/g/19408122/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1734640695-A66_rgLyCHXNMkv7jhb7tpifGVz8d9EdcCdLfwZUg8o

Request Chain 23

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7Cq4sYBE8b9M_1amciCrRnmOYbh_nYB3DJ2J1ty7V7imShVA1wzNWiD0S9H0Kfg36S7tF7rFMcTpTKB2jyfB22O_40e69WBxfSkFzVhWBZ4-E*%26cid%3D383522%26f%3D1%26h2%3DDAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi%26rid%3D2e18b2f0-be49-11ef-8df2-c84bd68370c0%26psid%3Dbid_501620%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzIxNDA5NzczLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1URXZOelF5TVRZMUwySTBNRFZqTlRJME4yVXdZVFkxTkdVeE0yUTBOR1V6WldZME1tTmlOV0psTG1wd1p3LndlYnA_dj0xNzM0NjQwNjk4LVE0Q2hoMnVqTzVSdHRCNHd2YUhMWkVyQUlHc0dabHhfS0NjZGF0NTVPRzQ%3D&s=1000&a=bid_onw_500648&uA=bid_501620&sub=4681321&d=23&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|q4sYBE8b9M_1amciCrRnmOYbh_nYB3DJ2J1ty7V7imShVA1wzNWiD0S9H0Kfg36S7tF7rFMcTpTKB2jyfB22O_40e69WBxfSkFzVhWBZ4-E*&cid=383522&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n6-CP4rDKDH0eG06LJ_B4xRYkPtyi&rid=2e18b2f0-be49-11ef-8df2-c84bd68370c0&psid=bid_501620&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzIxNDA5NzczLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1URXZOelF5TVRZMUwySTBNRFZqTlRJME4yVXdZVFkxTkdVeE0yUTBOR1V6WldZME1tTmlOV0psTG1wd1p3LndlYnA_dj0xNzM0NjQwNjk4LVE0Q2hoMnVqTzVSdHRCNHd2YUhMWkVyQUlHc0dabHhfS0NjZGF0NTVPRzQ= HTTP 301
https://s-img.mgid.com/g/21409773/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNzQyMTY1L2I0MDVjNTI0N2UwYTY1NGUxM2Q0NGUzZWY0MmNiNWJlLmpwZw.webp?v=1734640698-Q4Chh2ujO5RttB4wvaHLZErAIGsGZlx_KCcdat55OG4

Request Chain 26

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CPTWVYtJ7VQOFWc_Tyt_53u_-EH72fh9lcBToWgowpAtudMhc4Kb6wmQHOZeKcyiwooG8eo6HZt_zrzr_d_IFpLB3Bt7IG8WpKJkeDmxTNwg*%26cid%3D383524%26f%3D1%26h2%3DDAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f-75Qt8AUeXh_t6GvZqEe5fE_NWb2%26rid%3D2f243887-be49-11ef-a2a3-c84bd68370b4%26psid%3Dbid_502076%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE2MTg3NzIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzM0NjQwNzAwLVhCXzV0ZHZxTndwUnZsMVUwZERBUE5fcUxkb3Z2Zk5ieDlWMVljM2wyS1k%3D&s=1000&a=bid_onw_500648&uA=bid_502076&sub=4681321&d=79&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|PTWVYtJ7VQOFWc_Tyt_53u_-EH72fh9lcBToWgowpAtudMhc4Kb6wmQHOZeKcyiwooG8eo6HZt_zrzr_d_IFpLB3Bt7IG8WpKJkeDmxTNwg*&cid=383524&f=1&h2=DAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f-75Qt8AUeXh_t6GvZqEe5fE_NWb2&rid=2f243887-be49-11ef-a2a3-c84bd68370b4&psid=bid_502076&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE2MTg3NzIyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzM0NjQwNzAwLVhCXzV0ZHZxTndwUnZsMVUwZERBUE5fcUxkb3Z2Zk5ieDlWMVljM2wyS1k= HTTP 301
https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1734640700-XB_5tdvqNwpRvl1U0dDAPN_qLdovvfNbx9V1Yc3l2KY

24 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/
Redirect Chain

http://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126?
https://runative-syndicate.com/api/v1/direct/5445275d159142d2a08d883be5748126?
https://mellamopremiumclickurl.top/click?c=d9eb0j73m4vsahpa&f=500648&s=4681321&d=Mh761O7b226970223a2237322e31342e3134382e3433222c2262726f77736572223a224368726f6d65222c2262726f7773657256657273696f6e...
https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

81 KB
38 KB

1143ms
329ms

Document
text/html

213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

3cbf1d6c0fdc53722f79b29f12597e4fad75de2ee382a4360eadc648951ca3e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 19 Dec 2024 20:38:14 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
date: Thu, 19 Dec 2024 20:38:13 GMT
keep-alive: timeout=5
location: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

GET
H2 200 pageTemplate.min.css
ure3w.il0v31th0t.top/plugin/css/ 2 KB
865 B 234ms
234ms Stylesheet
text/css 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/plugin/css/pageTemplate.min.css

Requested by

Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=2592000
content-encoding: gzip
etag: "62aafa5d-290"
expires: Sat, 18 Jan 2025 20:38:14 GMT
content-length: 656
date: Thu, 19 Dec 2024 20:38:14 GMT
content-type: text/css
last-modified: Thu, 16 Jun 2022 09:39:41 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 pageTemplateClean.js Show response
ure3w.il0v31th0t.top/lp/plugin/js/ 5 KB
2 KB 234ms
233ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/lp/plugin/js/pageTemplateClean.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

ea5d3e649d3937f0519df507456ed4c2fbea7f1b2fcbc8b937a21f6107951908

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"62418154-1322"
expires: Sat, 18 Jan 2025 20:38:15 GMT
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: application/javascript
last-modified: Mon, 28 Mar 2022 09:35:16 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 e-client.v2.js Show response
ure3w.il0v31th0t.top/plugin/js/ 34 KB
12 KB 246ms
245ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/plugin/js/e-client.v2.js?boost=1732182626

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

2931a54cbcf53868db9e43860fc9fb5c2b1672859a1adcfbf7aaf631fb002c07

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"673f0058-87d2"
expires: Sat, 18 Jan 2025 20:38:15 GMT
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 09:41:44 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bidder-interval.js Show response
ure3w.il0v31th0t.top/plugin/js/ 16 KB
7 KB 284ms
284ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/plugin/js/bidder-interval.js?boost=1732289973

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

647ac871822327bef5bb6b512311801325887bc29c6d88038d037cc1a7e71e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6740a58d-3fe9"
expires: Sat, 18 Jan 2025 20:38:15 GMT
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 15:38:53 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bidder.js Show response
ure3w.il0v31th0t.top/plugin/js/ 18 KB
7 KB 295ms
295ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://ure3w.il0v31th0t.top/plugin/js/bidder.js?boost=1732115462

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

3e2509ea9c78dc30c3daf6eb7942f3e26b5ea213b1c08f63d6b517aaae9c7275

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

x-frame-options: SAMEORIGIN
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"673dfbda-4670"
expires: Sat, 18 Jan 2025 20:38:15 GMT
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 15:10:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 arrow-blue4.png
ure3w.il0v31th0t.top/pageTemplate/ 6 KB
7 KB 413ms
413ms Image
image/png 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ure3w.il0v31th0t.top/pageTemplate/arrow-blue4.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ure3w.il0v31th0t.top/lp/Gchk1024-lps/tslp2/?tag=500648&tag1=ADK&tag2=4681321&tag3=500648&tag4=ADK&clickid=d9eb0j73m4vsahpa&country={country}&affid=500648&subid=4681321&as=adk&tn=30&tx=90

Response headers

cache-control: max-age=2592000
etag: "62aafa5d-194a"
expires: Sat, 18 Jan 2025 20:38:15 GMT
accept-ranges: bytes
content-length: 6474
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: image/png
last-modified: Thu, 16 Jun 2022 09:39:41 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 client Show response
wbidder04112024.com/offer/ 9 KB
2 KB 992ms
450ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&count=5&adult=undefined
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/e-client.v2.js?boost=1732182626
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: 57deb7299ccc4ef925335c5dd8ed00d538782a436e5da4790e579f6f5d8f1b7e

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:16 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H2 200 eclientclick Show response
wbidder04112024.com/offer/ 3 KB
2 KB 1108ms
565ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/eclientclick?affid=onw_500648&subid=4681321&days=8&count=1&adult=undefined
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/e-client.v2.js?boost=1732182626
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: c9f8f97f3bca39d267ef93d1e32ae460bb715b9b86330a00cdf9b1a3cd951cd1

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:16 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H2 200 youtube-eclient.png
ure3w.il0v31th0t.top/icons/ 1 KB
2 KB 386ms
386ms Image
image/png 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ure3w.il0v31th0t.top/icons/youtube-eclient.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

cache-control: max-age=2592000
etag: "6230c4b3-57c"
expires: Sat, 18 Jan 2025 20:38:15 GMT
accept-ranges: bytes
content-length: 1404
date: Thu, 19 Dec 2024 20:38:15 GMT
content-type: image/png
last-modified: Tue, 15 Mar 2022 16:54:11 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 client Show response
wbidder04112024.com/offer/ 3 KB
2 KB 848ms
449ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&cbjs=
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/bidder.js?boost=1732115462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: 9911c0b73a12f1507f49be6bc4512567943cd5f28f453c085001db03f2ee031b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:16 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY...
s-img.mgid.com/g/16187722/328x328/-/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGpiuNhjxJHqIJEynZeswcfPJeMPlTBjIYQc6biSOTy4JooG8eo6HZt_zrzr_d_IFpIatmZgiKA5dpJh6WXWI...
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGpiuNhjxJHqIJEynZeswcfPJeMPlTBjIYQc6biSOTy4JooG8eo6HZt_zrzr_d_IFpIatmZgiKA5dpJh6WXWIdzU*&cid=383520&f=1&h2=DAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f...
https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

192ms
147ms

Image
image/webp

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1734640695-MKE5QuR7enaWdy9Ysww4V6K20eVt_NhQyuvOEOfwDsQ

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 1793620
x-mg-request-uuid: 5037b452-a556-4aee-a17a-509bb0bd7b83
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 20:38:17 GMT
content-type: image/webp
last-modified: Fri, 12 May 2023 22:46:23 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8f4a32067e27cba6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7784
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
location: https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1734640695-MKE5QuR7enaWdy9Ysww4V6K20eVt_NhQyuvOEOfwDsQ
cf-cache-status: DYNAMIC
x-mg-request-uuid: 26d3e046-3492-4523-bccc-1a07c0eca237
x-content-type-options: nosniff
cf-ray: 8f4a32057b08cba6-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 19 Dec 2024 20:38:17 GMT
server: cloudflare
priority: u=3,i

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTAvNzQyMTY1LzdmMGNiN...
s-img.mgid.com/g/21173661/328x328/-/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGnh4F049AH6-2jhfAyyNo1CbK_YA5RKQsVMAL4Rmfkg4GKz0KZTpcJw0X2ziI5z3vLZD9_BmUhtiSwiMUdJ7...
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGnh4F049AH6-2jhfAyyNo1CbK_YA5RKQsVMAL4Rmfkg4GKz0KZTpcJw0X2ziI5z3vLZD9_BmUhtiSwiMUdJ7B8E*&cid=383520&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n...
https://s-img.mgid.com/g/21173661/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

13 KB
13 KB

124ms
79ms

Image
image/webp

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/21173661/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTAvNzQyMTY1LzdmMGNiN2RiMzEwMTllNWZiNTNhZmE2MjIxYWJmZTc5LnBuZw.webp?v=1734640695-n98CVaS7A0xsAeJbcgqHUKaZUT7czhcZdwPo0tz_rQY

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e198c1c71d669be431878a8f5a6c3d5fdda4a59f019727b3245d56d9156238dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 952764
x-mg-request-uuid: 0ea3c2d9-8a2e-47c2-975f-17a1a67c85e2
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 20:38:17 GMT
content-type: image/webp
last-modified: Tue, 29 Oct 2024 02:15:43 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8f4a32067e28cba6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13224
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
location: https://s-img.mgid.com/g/21173661/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTAvNzQyMTY1LzdmMGNiN2RiMzEwMTllNWZiNTNhZmE2MjIxYWJmZTc5LnBuZw.webp?v=1734640695-n98CVaS7A0xsAeJbcgqHUKaZUT7czhcZdwPo0tz_rQY
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2fd72d95-a91c-4d36-b8d7-865e7946a4d8
x-content-type-options: nosniff
cf-ray: 8f4a32057b04cba6-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 19 Dec 2024 20:38:17 GMT
server: cloudflare
priority: u=3,i

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjO...
s-img.mgid.com/g/19408122/328x328/-/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CL3ZvwnRBxseuI-o6T2IrGlnqlNVM4idTQUKInZExE2jcGEnYDKzB4OaIHBVUEwGsfdVN3dTJK5XWk2-eF_vDsJUg50qos6PUv7qUjfpG...
https://c.mgid.com/c?pv=2&v=0|0|0|L3ZvwnRBxseuI-o6T2IrGlnqlNVM4idTQUKInZExE2jcGEnYDKzB4OaIHBVUEwGsfdVN3dTJK5XWk2-eF_vDsJUg50qos6PUv7qUjfpGVU4*&cid=1501979&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-...
https://s-img.mgid.com/g/19408122/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...

7 KB
7 KB

186ms
146ms

Image
image/webp

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/19408122/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1734640695-A66_rgLyCHXNMkv7jhb7tpifGVz8d9EdcCdLfwZUg8o

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55451a576dc0dda6e92e95af2865bdfc7de26e8740ea62f1f673ae351c0666d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 808230
x-mg-request-uuid: 8ffd9aae-c3b7-4d8a-a483-fb318d1f7225
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 20:38:17 GMT
content-type: image/webp
last-modified: Thu, 14 Nov 2024 16:40:36 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8f4a32067e23cba6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7318
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
location: https://s-img.mgid.com/g/19408122/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1734640695-A66_rgLyCHXNMkv7jhb7tpifGVz8d9EdcCdLfwZUg8o
cf-cache-status: DYNAMIC
x-mg-request-uuid: 46cd632e-b007-4f60-a495-9420c34d1b9d
x-content-type-options: nosniff
cf-ray: 8f4a32057afdcba6-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 19 Dec 2024 20:38:17 GMT
server: cloudflare
priority: u=3,i

GET
H2 200 client Show response
wbidder04112024.com/offer/ 2 KB
696 B 352ms
352ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=109&count=4&adult=null&plugin=bidder-interval
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/bidder-interval.js?boost=1732289973
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: c5acc5866debdd33c4b1918e79936cde3aa614c9e17343e15958618990f978c7

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:18 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H2 200 client Show response
wbidder04112024.com/offer/ 5 KB
2 KB 716ms
362ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=109&count=4&adult=null&plugin=bidder-interval
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/bidder-interval.js?boost=1732289973
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: 3b9ed9374643c3dff8863f843fef9cf499ee20c9c7a434cc45dbb99868f3ceae

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:18 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H2 200 client Show response
wbidder04112024.com/offer/ 4 KB
998 B 424ms
423ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&count=3&adult=undefined&cbjs=
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/bidder.js?boost=1732115462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: 95ab8a109a1a10a6fc83b9ecb0b513793dec8eb6719252135047af3ddd38e9aa

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:18 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNzQyMTY1L2I0MDVjN...
s-img.mgid.com/g/21409773/328x328/-/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7Cq4sYBE8b9M_1amciCrRnmOYbh_nYB3DJ2J1ty7V7imShVA1wzNWiD0S9H0Kfg36S7tF7rFMcTpTKB2jyfB22O_40e69WBxfSkFzVhWBZ...
https://c.mgid.com/c?pv=2&v=0|0|0|q4sYBE8b9M_1amciCrRnmOYbh_nYB3DJ2J1ty7V7imShVA1wzNWiD0S9H0Kfg36S7tF7rFMcTpTKB2jyfB22O_40e69WBxfSkFzVhWBZ4-E*&cid=383522&f=1&h2=DAg1qqz7dngVC2pHTMYcb9BTWKfnT25RAf-n...
https://s-img.mgid.com/g/21409773/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

19 KB
19 KB

82ms
82ms

Image
image/webp

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/21409773/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNzQyMTY1L2I0MDVjNTI0N2UwYTY1NGUxM2Q0NGUzZWY0MmNiNWJlLmpwZw.webp?v=1734640698-Q4Chh2ujO5RttB4wvaHLZErAIGsGZlx_KCcdat55OG4

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a40c7bc5cfc4aad81790e00a3760fd26cd1a9e970607ce5f56ce71b6f9f4eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 341339
x-mg-request-uuid: 1958345d-1816-4867-88c0-aa744f27a7a7
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 20:38:19 GMT
content-type: image/webp
last-modified: Mon, 18 Nov 2024 20:49:35 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8f4a32126e26cba6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19188
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
location: https://s-img.mgid.com/g/21409773/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTEvNzQyMTY1L2I0MDVjNTI0N2UwYTY1NGUxM2Q0NGUzZWY0MmNiNWJlLmpwZw.webp?v=1734640698-Q4Chh2ujO5RttB4wvaHLZErAIGsGZlx_KCcdat55OG4
cf-cache-status: DYNAMIC
x-mg-request-uuid: 97ac736d-9c25-419f-a7d0-357b064cca0b
x-content-type-options: nosniff
cf-ray: 8f4a3211bb9acba6-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 19 Dec 2024 20:38:19 GMT
server: cloudflare
priority: u=3,i

GET
H2 200 client Show response
wbidder04112024.com/offer/ 7 KB
1 KB 325ms
324ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&count=5&adult=undefined
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/e-client.v2.js?boost=1732182626
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: 79562b594a99b3ca9929e5e6ca7b39cd76a5abdee623ca77981f291b6bc7f740

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:19 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H2 200 client Show response
wbidder04112024.com/offer/ 6 KB
2 KB 414ms
413ms Fetch
application/json 213.227.152.232
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&count=3&adult=undefined&cbjs=
Requested by: Host: ure3w.il0v31th0t.top
URL: https://ure3w.il0v31th0t.top/plugin/js/bidder.js?boost=1732115462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: a532071d9b576abf4b606df21a112de4a5dad75b83c59667410b389b459e25a9

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Thu, 19 Dec 2024 20:38:20 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding

GET
H3

200

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CPTWVYtJ7VQOFWc_Tyt_53u_-EH72fh9lcBToWgowpAtudMhc4Kb6wmQHOZeKcyiwooG8eo6HZt_zrzr_d_IFpLB3Bt7IG8WpKJkeDmxT...
https://c.mgid.com/c?pv=2&v=0|0|0|PTWVYtJ7VQOFWc_Tyt_53u_-EH72fh9lcBToWgowpAtudMhc4Kb6wmQHOZeKcyiwooG8eo6HZt_zrzr_d_IFpLB3Bt7IG8WpKJkeDmxTNwg*&cid=383524&f=1&h2=DAg1qqz7dngVC2pHTMYcbw0dORn4NlM5Va5f...
https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

77ms
77ms

Image
image/webp

104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 1793624
x-mg-request-uuid: 5037b452-a556-4aee-a17a-509bb0bd7b83
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 20:38:21 GMT
content-type: image/webp
last-modified: Fri, 12 May 2023 22:46:23 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8f4a321dada4cba6-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7784
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
location: https://s-img.mgid.com/g/16187722/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1734640700-XB_5tdvqNwpRvl1U0dDAPN_qLdovvfNbx9V1Yc3l2KY
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4e016876-e773-420d-9f6a-0b6c97447584
x-content-type-options: nosniff
cf-ray: 8f4a321cfb5acba6-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 19 Dec 2024 20:38:20 GMT
server: cloudflare
priority: u=3,i

GET client
wbidder04112024.com/offer/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wbidder04112024.com
URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=109&count=4&adult=null&plugin=bidder-interval

Domain: wbidder04112024.com
URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=109&count=4&adult=null&plugin=bidder-interval

Domain: wbidder04112024.com
URL: https://wbidder04112024.com/offer/client?affid=onw_500648&subid=4681321&days=8&count=3&adult=undefined&cbjs=

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.runative-syndicate.com/	1970-01-21 02:00:45	Name: ts_last_click_id Value: 467bZa0Yhm8JGUXxMjRuAWNBkcfQsYkKR4Et-bXiq9byYozrpgnPs5hK4tp3Orh4IdTuQRsMEusBvqxQt5xSiMn6jSiZKCaWlHGc_gUIDRUi
.runative-syndicate.com/	1970-01-21 06:12:45	Name: cookie_user_id Value: db4d31a6-c05a-42cb-b17f-637f809fa9e0
.mgid.com/	1970-01-21 01:50:42	Name: __cf_bm Value: SxfQUNLTpx1.GunjaysG_Wo._ffaMWvamW0rMUKRxbQ-1734640697-1.0.1.1-Y7Kcx.v7hyL68WabMx9hnnMkOhx8SH3BF5ms2Pl2OXn2VLEsD2zD2Ggm4m3wGD6FoaJ3GlfBZBAjYYI5A8yrAg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
crtv.wboptim.online
mellamopremiumclickurl.top
runative-syndicate.com
s-img.mgid.com
ure3w.il0v31th0t.top
wbidder04112024.com
wbidder04112024.com
104.19.131.76
213.174.157.82
213.227.149.216
213.227.152.232
83.149.73.233
85.17.23.6
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
1a40c7bc5cfc4aad81790e00a3760fd26cd1a9e970607ce5f56ce71b6f9f4eba
2931a54cbcf53868db9e43860fc9fb5c2b1672859a1adcfbf7aaf631fb002c07
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
3b9ed9374643c3dff8863f843fef9cf499ee20c9c7a434cc45dbb99868f3ceae
3cbf1d6c0fdc53722f79b29f12597e4fad75de2ee382a4360eadc648951ca3e0
3e2509ea9c78dc30c3daf6eb7942f3e26b5ea213b1c08f63d6b517aaae9c7275
41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
55451a576dc0dda6e92e95af2865bdfc7de26e8740ea62f1f673ae351c0666d4
5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9
57deb7299ccc4ef925335c5dd8ed00d538782a436e5da4790e579f6f5d8f1b7e
647ac871822327bef5bb6b512311801325887bc29c6d88038d037cc1a7e71e8e
79562b594a99b3ca9929e5e6ca7b39cd76a5abdee623ca77981f291b6bc7f740
95ab8a109a1a10a6fc83b9ecb0b513793dec8eb6719252135047af3ddd38e9aa
9911c0b73a12f1507f49be6bc4512567943cd5f28f453c085001db03f2ee031b
a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c
a532071d9b576abf4b606df21a112de4a5dad75b83c59667410b389b459e25a9
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c5acc5866debdd33c4b1918e79936cde3aa614c9e17343e15958618990f978c7
c9f8f97f3bca39d267ef93d1e32ae460bb715b9b86330a00cdf9b1a3cd951cd1
e198c1c71d669be431878a8f5a6c3d5fdda4a59f019727b3245d56d9156238dd
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
ea5d3e649d3937f0519df507456ed4c2fbea7f1b2fcbc8b937a21f6107951908

ure3w.il0v31th0t.top Open in urlscan Pro 213.227.149.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

67 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

3 Countries

143 kBTransfer

293 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

ure3w.il0v31th0t.top Open in urlscan Pro
213.227.149.216 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

67 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

143 kB
Transfer

293 kB
Size

3
Cookies

24 HTTP transactions
7 data transactions