trk149.zzzperform.com

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2606:4700:e6::ac40:cb1e, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk149.zzzperform.com.
TLS certificate: Issued by GTS CA 1P5 on July 24th 2023. Valid for: 3 months.

This is the only time trk149.zzzperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:e6:... 2606:4700:e6::ac40:cb1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.32.28.169 185.32.28.169	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3	2

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dakotatraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb1e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk149.zzzperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.28.169 (Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)

goaserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	zzzperform.com 1 redirects trk149.zzzperform.com	14 KB
1	goaserver.com goaserver.com	241 B
1	dakotatraff.com 1 redirects dakotatraff.com — Cisco Umbrella Rank: 155864	547 B
3	3

	Domain	Requested by
3	trk149.zzzperform.com	1 redirects trk149.zzzperform.com
1	goaserver.com	trk149.zzzperform.com
1	dakotatraff.com	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
zzzperform.com GTS CA 1P5	`2023-07-24` - `2023-10-22`	3 months	crt.sh
goaserver.com R3	`2023-07-16` - `2023-10-14`	3 months	crt.sh

This page contains 1 frames:

Frame: https://goaserver.com/tracking_sl.php?hash=5d4ce6e096b07d9fb281439916e67b74&aff_sub=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&source=139445&sub_source=ww
Frame ID: 4C826EB2EE3EA43D387AF0D12E20384D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww HTTP 302
https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww Page URL
https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&code=47Y3VvBDU7Pzg6QD9... HTTP 302
https://trk149.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftrac... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

13 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww HTTP 302
https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww Page URL
https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&code=47Y3VvBDU7Pzg6QD9EQD8-Q0QRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD2np0FydHN0Rad3AjM5NDUGaHAKOz08PQ6DihJCE3aKf3sZGX2GgR5PH4OMhSRUJZWZlp0rK6KbkjB3oKGaoJpWgKacaDuksKSiQbW0uKlFrHJuA2llcXlsCH5rDFl8iHh8fXNCSUNGN0Bwg4mAjJWSQG92Q1VVVFdjSYGUmmNialCpaGddVXenqKWfkqGfiai0cHd2e3N5NiEqTkxZU1M0KXZ0d3IuVnV0fYI9NVl-ioiHgEtOT1ROUVBYW15WVVlgWkt-jpSQopphaGdsZGpuOZuxPXU.o61CekOleXkBMTI0NDU2B2k9Pgw8PQ6CdhJCQ0RGFn1.GktMTB2Bh4QiUyOKkZwojoqWnpEtkZedMmNkZTWipZ86a2tsbT6ytLOpRHV2dzEyMzMEdHlqeH4LC3x-coKFcxNFREVJR0lJURuBk4qNIVRVI5aKjCgom4yOjy5fX2JmY2RpaDaapq2qPDy0rKxBQbmqsLtHSW92aHAlT3VrNwpucHQPQEFCQ0RFRkdHSElLTExNT1BRUlNUVVZXWFlaW1xdXl9fYWJjZGVmZ2hpamtrbW5vcHFyc3R1dncxMjM0NTY2Nwhsc4ANPj9AQEJDREVGR0hJSktMTU1PT1FSU1RVJZ2cnCqhWVxopV2JZ4iJb6xkqWynqKmqeLVtrHWwsbKzgXcvdjl5QH01TVR3Q2INeXt.eBN4gkJralN.iBuOkZIgUCGOhJMmJo.UnCtbLJuiMGFiYmNlZWZoaTmxnz1ub2.ic0Kmtr1HQ2l0cnFqJldMTypbeIJ1eH6Ne4GIeoiFeYVHi4CDS5WJhpmIlmBpj5qYl5BMfXJ1UIebmKuaqLOloaShnqqipqOnrKWmtadlcGxyanRudm1vcXRxdXhweUxgdIh.jHw4XIaEgYuSm4mPloiWk4eTVZeLjphanpulmJuhNKiZmzlrbjuvraJAcnVCp7S3RzEBcGZoBjc3CHZ.ew0.Qw__&_tdf=27 HTTP 302
https://trk149.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae%26source%3D139445%26sub_source%3Dww&vId=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&hash=270226461dc64814f22c&ete=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww HTTP 302
https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	270226461dc64814f22c.js Show response trk149.zzzperform.com/l/ Redirect Chain https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww	36 KB 12 KB	92ms 35ms	Document text/html	2606:4700:e6::ac40:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 3059 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000 cf-cache-status HIT cf-ray 7f229c2df89bb986-AMS content-encoding br content-type text/html date Sat, 05 Aug 2023 22:52:22 GMT expires Thu, 31 Dec 2037 23:55:55 GMT last-modified Tue, 20 Aug 2019 14:25:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkzQUa5m%2FTPLRVjOQvoO79KSHXEq0rzOjQN3%2BePcAIPmKjalr5Q3ItjP2q8%2BFC1fqg8kspw6CK6644yvBY9uwZnZip9pvoCbAV0kXhoYY52ewh18BHhB6Fki5GlN9DM9mS%2B%2Bv6PKSSWJmFmZ51pOgZIhnD4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f229c2d6932b758-AMS date Sat, 05 Aug 2023 22:52:21 GMT expires Thu, 01 Jan 1970 00:00:01 GMT location https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIpZjfFBSeI1WcWcura2kIrT8py0crGyonZV%2FVpZEQ8vCuIGn%2BCaIQjqRX%2B1nq1uEnuXYps9F5xKvOiKrEDflx0DXD6MiyHlxfvYtZz44IgRLyezvHg15jNnqgOI8XLq4YfFPRnhqF2axqyD3c4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	Primary Request gw.js trk149.zzzperform.com/ Redirect Chain https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&code=47Y3VvBDU7Pzg6QD9EQD8-Q0QRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD2np0FydHN0Rad3AjM5NDUGaH... https://trk149.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20230806005222_a15...	1 KB 1007 B	35ms 33ms	Document text/html	2606:4700:e6::ac40:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk149.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae%26source%3D139445%26sub_source%3Dww&vId=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&hash=270226461dc64814f22c&ete=true Requested by Host: trk149.zzzperform.com URL: https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://trk149.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 3094 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000 cf-cache-status HIT cf-ray 7f229c2f0987b986-AMS content-encoding br content-type text/html date Sat, 05 Aug 2023 22:52:22 GMT expires Thu, 31 Dec 2037 23:55:55 GMT last-modified Thu, 15 Oct 2020 14:13:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l387aw7LqdpbwhzpttO9cziw79c%2BaRbFCz4M5USQmuM0uxwINGduoikGxk1BAZot2j0fhTwTP0b7Zn4G44FZq%2BG7cdDGcMhRW%2BtQJAWvz%2Beq%2Bmd8qrSGzO2B1xwoh3NqkenPdO%2BdA%2FbpeteQ%2F39ZOTX8JVs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7f229c2eb942b986-AMS date Sat, 05 Aug 2023 22:52:22 GMT location https://trk149.zzzperform.com/gw.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae%26source%3D139445%26sub_source%3Dww&vId=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&hash=270226461dc64814f22c&ete=true nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7pFxb44dl1mKzMpfKw9w3f6F7EqLDdc%2FKBRjqqCmPAWDHO3SDbFwGiWPfeDFmk44Wt4m8oBzzrVfbrnjSkwCm%2BtMP1qYavNjDOPuLopckAP7yWiYRwzIvSU9XWsLnciz7V3J%2FlgdFBfZzQosymH2SRVomI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H/1.1	200 OK	tracking_sl.php Show response goaserver.com/	0 241 B	290ms 81ms	Document text/html	185.32.28.169 AS_ADAM Adam Data...
General Check archive.org Show headers Download Go to Full URL https://goaserver.com/tracking_sl.php?hash=5d4ce6e096b07d9fb281439916e67b74&aff_sub=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&source=139445&sub_source=ww Requested by Host: trk149.zzzperform.com URL: https://trk149.zzzperform.com/l/270226461dc64814f22c?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae%26source%3D139445%26sub_source%3Dww&vId=bmconv_20230806005222_a156cd6c_b79d_4c5e_93fb_f7fb6da405ae&hash=270226461dc64814f22c&ete=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.32.28.169 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://trk149.zzzperform.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 05 Aug 2023 22:52:20 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			trk149.zzzperform.com/	1970-01-20 23:23:55	Name: BSESSID Value: trk51b9dbf0-a949-46b2-bbae-f0d2bb0880d6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dakotatraff.com
goaserver.com
trk149.zzzperform.com
185.32.28.169
2606:4700:e6::ac40:cb1e
2a06:98c1:3120::3
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

trk149.zzzperform.com Open in urlscan Pro 2606:4700:e6::ac40:cb1e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

13 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

trk149.zzzperform.com Open in urlscan Pro
2606:4700:e6::ac40:cb1e Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

13 kB
Transfer

37 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions