urlscan.io logo urlscan.io
SecurityTrails logo

trk139.zzzperform.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_he...
Effective URL: https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4v...
Submission: On August 08 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 9 domains to perform 9 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is trk139.zzzperform.com.
TLS certificate: Issued by WE1 on July 12th 2024. Valid for: 3 months.
This is the only time trk139.zzzperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.114.96.3 13335 (CLOUDFLAR...)
1 2 51.68.85.158 16276 (OVH)
3 99.198.108.198 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
2 2 104.26.7.190 13335 (CLOUDFLAR...)
2 4 188.114.97.3 13335 (CLOUDFLAR...)
9 6
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.tiresfrombil.lat
manuqas.com
2    51.68.85.158 (United Kingdom)

ASN16276 (OVH, FR)
www.undertheline.giving
3    99.198.108.198 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
wwv.brincanaareia.autos
3    51.68.81.31 (United Kingdom)

ASN16276 (OVH, FR)
www.primarkingfun.giving
2    104.26.7.190 (None, )

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
dolpusads.aftrad-visit.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
dakotatraff.com
trk139.zzzperform.com
Apex Domain
Subdomains		 Transfer
3 zzzperform.com
trk139.zzzperform.com
14 KB
3 primarkingfun.giving
www.primarkingfun.giving
5 KB
3 brincanaareia.autos
wwv.brincanaareia.autos
5 KB
2 aftrad-visit.com
admoustache.aftrad-visit.com — Cisco Umbrella Rank: 807572
dolpusads.aftrad-visit.com
1 KB
2 undertheline.giving
www.undertheline.giving
5 KB
1 dakotatraff.com
dakotatraff.com — Cisco Umbrella Rank: 423642
585 B
1 manuqas.com
manuqas.com — Cisco Umbrella Rank: 149532
1 KB
1 tiresfrombil.lat
www.tiresfrombil.lat — Cisco Umbrella Rank: 782481
509 B
0 savethereef.xyz Failed
go.savethereef.xyz Failed
9 9
Domain Requested by
3 trk139.zzzperform.com 1 redirects manuqas.com
www.undertheline.giving
3 www.primarkingfun.giving 2 redirects wwv.brincanaareia.autos
3 wwv.brincanaareia.autos www.undertheline.giving
2 www.undertheline.giving 1 redirects
1 dakotatraff.com 1 redirects
1 manuqas.com www.primarkingfun.giving
1 dolpusads.aftrad-visit.com 1 redirects
1 admoustache.aftrad-visit.com 1 redirects
1 www.tiresfrombil.lat 1 redirects
0 go.savethereef.xyz Failed trk139.zzzperform.com
9 10

This site contains no links.

Subject Issuer Validity Valid
www.undertheline.giving
R11		 2024-08-06 -
2024-11-04		 3 months crt.sh
wwv.brincanaareia.autos
E5		 2024-08-01 -
2024-10-30		 3 months crt.sh
www.primarkingfun.giving
R10		 2024-07-29 -
2024-10-27		 3 months crt.sh
manuqas.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
zzzperform.com
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh

This page contains 1 frames:

Frame: https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w..linux.chrome&query=139445_ww&pub_clickid=66b4667a89e0373a3e0bf97d&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D
Frame ID: F09F22130926E4DE9AE9C2A3CFD9BD29
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_clic... HTTP 307
    https://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_clic... HTTP 302
    https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788 Page URL
  2. https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788&eyeg=a811e1ca09b0c591e32ae8cbeb4f... HTTP 302
    https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=19... Page URL
  3. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_... Page URL
  4. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_... HTTP 302
    https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000f... HTTP 302
    https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=204Xkja... HTTP 302
    https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D Page URL
  5. https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false HTTP 302
    https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false Page URL
  6. https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false&code=09Y3VvB... HTTP 302
    https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.ph... Page URL

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

6
IPs

5
Countries

28 kB
Transfer

58 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion HTTP 307
    https://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion HTTP 302
    https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788 Page URL
  2. https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788&eyeg=a811e1ca09b0c591e32ae8cbeb4fa093&eyer=0.21515001504535536&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT Page URL
  3. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829 Page URL
  4. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=b3b04418422115278bdcb5bd16326ad4&eyer=0.19247322708148307&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=wwv.brincanaareia.autos HTTP 302
    https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=3&eyer=0.19247322708148307&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=wwv.brincanaareia.autos HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000f586b134e73e9d7cfdb6c596a56820f00808-202408-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0** HTTP 302
    https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=204XkjaPzoZGq2grRmKe3tYrr46maGtxvUs5T87e7bfSatyZnMNrXLxC1PhudLYiQ5fnjz&source= HTTP 302
    https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D Page URL
  5. https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false HTTP 302
    https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false Page URL
  6. https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false&code=09Y3VvBDU8ODo4OTk5Nzk.PjcIc3NlBG10Bn1tcgI0OQRuamgJMTICc3B5B1NxbnZ6I3w9PGY.NAF2ZmwGBnB-ATI4MzQFb28JMTMyMwRmfQg5NjEyA2VtBzg6MDECd34GMzg6MAFkeG1pBwdra2YDNARocWoJMAFxdXJ5Bwd.bmUDSnN0bXNtIEpwZjIFbnpuYwJ2dXlqBm16bQJoZHB4awd9YQJPcn5ucnNpLzYwMyQtXjg5OyFObHJ6fieAODdhOTguJkh4cG1nWmlnUXB8LzY1OjI4PCcwS0lWUFAxJnNxa2YiSmlocXYxIERqdXNyazY5MjgwMzI1NDcoU2JoZHZuNTw7Ny81OQRmfAhAAGVvBDwFZzs7ATEyNDQ1NgdpNDUDMzQFeW0JMDEyNARrbAg5MTECZmxpBzgIZm14BGpmcnptAGRqcAU2NzgIbG9pBDU1NjcIc3V0agU2Nzg5MTIyA3N4aXd9AQFydWh4e2kJMjEyNjQ2Nj4IZXducQU4OQd6ZWcDa3h5dnpCLzBvZHJ6d2h7LmRxcDMFeGlrYwIzMzY6Nzg9MwFlcXh1Bwd-bm4DA3tscn0JSW92aHAlT3VrLgFlZ2sGNzg5MTIzNDU1Njc5MTIzNDU2Nzg5MTIzNDU2Nzg5MTIyNDU2Nzg5MTIzNDU1Nzg5MTIzNDU2Nzg5MTIzNDU1NgdraXYDNDU2Njg5MTIzNDU2Nzg5MTEzMzU2Nzg5AHh3dwV8NDdDdy9bOVpbQX42cjVwcXJzQX42bDVwcXJzQX42dDd3PnszS1J1OFcCbnBzbQhtbi5XVj9qdAd6dHUDODQFcmh3AQFqb3cGNgd2dAIzNDQ1Nzc4MTICemgGNzg4YjMCZnZ9B1dMRiFYbGl8a3mEaW92aHZzZ3M1cGVoMHpua35tcjxFa3Z0c2woUEVII1pua35tcn1rcXhqeHVpbC5yZ2oyfHBtd2Z0PkdteHZ1aXZvI1RJTCdeaWZ5aHaBb3V8ZXNwZHAydmtuLXdraHtqeEJVaWR0cnd0bHsoRWVpaCRVSk0oVmpneml3gnB2dGZ0cWVxM3dsZi54bGl8a3lDV2ZkTm15Jml9aW12MG1zJldMRn1rcXhqeHVpbC5yZ2oyfHBtd2Z0A3doagg6NAF1c2gGODsIZHF0BDUFdGpsATIyA3F5dgg5NQ__&_tdf=30 HTTP 302
    https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4%26s%3D139445_ww&vId=bmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4&hash=270226461dc64814f22c&ete=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion HTTP 307
  • https://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion HTTP 302
  • https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
Request Chain 1
  • https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788&eyeg=a811e1ca09b0c591e32ae8cbeb4fa093&eyer=0.21515001504535536&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
Request Chain 5
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=b3b04418422115278bdcb5bd16326ad4&eyer=0.19247322708148307&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=wwv.brincanaareia.autos HTTP 302
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=3&eyer=0.19247322708148307&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=wwv.brincanaareia.autos HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000f586b134e73e9d7cfdb6c596a56820f00808-202408-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0** HTTP 302
  • https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=204XkjaPzoZGq2grRmKe3tYrr46maGtxvUs5T87e7bfSatyZnMNrXLxC1PhudLYiQ5fnjz&source= HTTP 302
  • https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Request Chain 6
  • https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false HTTP 302
  • https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
Request Chain 7
  • https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4&s=139445_ww HTTP 302
  • https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w..linux.chrome&query=139445_ww&pub_clickid=66b4667a89e0373a3e0bf97d&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.undertheline.giving/
Redirect Chain
  • http://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion
  • https://www.tiresfrombil.lat/click?offer_id=30788&pub_id=199304&pub_sub_id=add_publisher_id_here&pub_click_id=add_click_id_here&idfa=pass_idfa_here&gaid=pass_gaid_here&tag=mabapbyx8aseztuyznrion
  • https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 08 Aug 2024 06:32:22 GMT
Transfer-Encoding
chunked

Redirect headers

access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8afd7803ad5a5b18-VIE
content-length
0
date
Thu, 08 Aug 2024 06:32:22 GMT
location
https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjmdMap%2Bur%2FO5%2Fc817ms1HDYL%2F9a5DPwUt1gLnJILN%2FTLCMy%2FVxs81u7mzL36kQ%2FiTJn79saGu2obXFDeu6k46RHH%2BM51GuUvYwssUTI97OEJFHZnVhSd67lb2o1zFEKRzPijJVTHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
wwv.brincanaareia.autos/
Redirect Chain
  • https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788&eyeg=a811e1ca09b0c591e32ae8cbeb4fa093&eyer=0.21515001504535536&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
Requested by
Host: www.undertheline.giving
URL: https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b9481c7419c435b8d3b298489aa504ea9223d4062be4b8de45fde7c200df7788
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Aug 2024 06:32:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Thu, 08 Aug 2024 06:32:22 GMT
Location
https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
favicon.ico
wwv.brincanaareia.autos/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wwv.brincanaareia.autos/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 06:32:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Fri, 09 Aug 2024 06:32:23 GMT
favicon.ico
wwv.brincanaareia.autos/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://wwv.brincanaareia.autos/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

Referer
https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 06:32:23 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Fri, 09 Aug 2024 06:32:23 GMT
/
www.primarkingfun.giving/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829
Requested by
Host: wwv.brincanaareia.autos
URL: https://wwv.brincanaareia.autos/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=1974483586981393113&1=trk1_mdc_AT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wwv.brincanaareia.autos/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 08 Aug 2024 06:32:25 GMT
Transfer-Encoding
chunked
unite
manuqas.com/kalo/
Redirect Chain
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=b3b04418422115278bdcb5bd16326ad4&eyer=0.19247322708148307&eyei=0&eyew=...
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829&eyeg=3&eyer=0.19247322708148307&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=w...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=33000f586b134e73e9d7cfdb6c596a56820f00808-202408-flb*5827987-2afce**sl_5827987-2afce*6d8ee...
  • https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=204XkjaPzoZGq2grRmKe3tYrr46maGtxvUs5T87e7bfSatyZnMNrXLxC1PhudLYiQ5fnjz&source=
  • https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Requested by
Host: www.primarkingfun.giving
URL: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7400652748980486146&site=24829-ead744cf&pub_sub_id=24829
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
8afd7817bf1ec2f2-VIE
content-encoding
br
content-type
text/html;charset=ISO-8859-1
date
Thu, 08 Aug 2024 06:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jn0ok85MGh2Lix7ej1Hu6DGoWB%2FJncslx24dpzQTHwtchwR8ezBRYOeWWDbH%2F5GxVnliB58oDkb4puz7hBWN559gkNX%2B6A5nQkYmvN2OgQQNOKEVnhG%2F2jXmM158zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8afd781709935a41-VIE
content-length
89
content-type
text/html; charset=utf-8
date
Thu, 08 Aug 2024 06:32:25 GMT
location
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Un4wDIARGQHU9Tq7BW4SsV7iiS%2BdZznOBMx%2Be%2Bk1Z13BptkMIVAselqzY%2Fv1FHj%2BWWm8%2Bemy4BcEr%2FxrHNZ39ncIK5rFJ%2Bb2F4OV1oOeMFJL7PRjcJYEPeKLeIXFAAdZkgM3SXhyPQaMFn39"}],"group":"cf-nel","max_age":604800}
server
cloudflare
270226461dc64814f22c.js
trk139.zzzperform.com/l/
Redirect Chain
  • https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false
  • https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
Requested by
Host: manuqas.com
URL: https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Referer
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
1708
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
8afd781a0b125bb3-VIE
content-encoding
br
content-type
text/html
date
Thu, 08 Aug 2024 06:32:25 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 27 Sep 2023 17:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HaDyU0%2BMuEXpAIiMhJw3srGAIWbtNEL5aBxeCLIWHE5azyck70Dq1cAs5OM%2BofgYdAn%2FCWeEJ5veUy1J2UNWQwUTvziu02v9iz7BplCezxPKm4u8JL4%2FPJeJJh4YvI%2Fm1GMlKIUQpg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8afd78199c685b7e-VIE
content-length
143
content-type
text/html
date
Thu, 08 Aug 2024 06:32:25 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvS6S1p7fnrCnGVVl3gEXJfrXFcWXHr2h6A2JP%2BvSPJmmk4OI1DGbb8s8XEYr%2BWWEiZBuPICpkiDODYxK1FOioc4dNyQ242RCOj1hbrZUjiiljVgS020XWPF4JXrR7pfqa8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request gw.js
trk139.zzzperform.com/
Redirect Chain
  • https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false&code=09Y3VvBDU8ODo4OTk5Nzk.PjcIc3NlBG10Bn1tcgI0OQRuamgJMTICc3B5B1NxbnZ6I3w9PGY.NAF2ZmwGBnB-ATI4MzQFb28J...
  • https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240808083226_...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4%26s%3D139445_ww&vId=bmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4&hash=270226461dc64814f22c&ete=true
Requested by
Host: www.undertheline.giving
URL: https://www.undertheline.giving/?sl=5459258-9a9a4&pubid=199304&offid=30788
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Referer
https://trk139.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
1883
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
8afd781b2bf75bb3-VIE
content-encoding
br
content-type
text/html
date
Thu, 08 Aug 2024 06:32:26 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 27 Sep 2023 17:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDcm%2FH7J7J%2Bx5riQxSOY27dLPlnZQE271CZ%2Fk2qKLJyUXj4CNU6Ek2JJl886VBTKzpl5xCx5hh5YpZTyEMshyLgmv1V2L5FhZ6GH3xkHRtcthB%2FON4yQFZKkaetRZmoueHeqU8N2ZEQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8afd781aab7f5bb3-VIE
date
Thu, 08 Aug 2024 06:32:26 GMT
location
https://trk139.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4%26s%3D139445_ww&vId=bmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4&hash=270226461dc64814f22c&ete=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YWzhiMcrdgy9xnY2bL%2FNnp%2FbLZZZdl%2B8r7xB9eFgFcrxfbgILatUwwru7mkfke2IshvpUdC0JxUD3jKRGbbtuudzMPHjUZPU0LwgzEmwwUfPTLmUhlTWRoZ9PVlHfcl%2BNmAiez1Nyo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
go.savethereef.xyz/
Redirect Chain
  • https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20240808083226_91c61e74_110f_48c0_b21d_458e5c3c1af4&s=139445_ww
  • https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w..linux.chrome&query=139445_ww&pub_clickid=66b4667a89e0373a3e0bf97d&default_url=https%3A%2F%...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go.savethereef.xyz
URL
https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w..linux.chrome&query=139445_ww&pub_clickid=66b4667a89e0373a3e0bf97d&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| items object| search number| index object| tmp string| url

1 Cookies

Domain/Path Name / Value
trk139.zzzperform.com/ Name: BSESSID
Value: trk076ccbf3-efd0-4c1f-af56-3ac67cd61b33