urlscan.io logo urlscan.io
SecurityTrails logo

trk5.zzzperform.com Open in urlscan Pro
2606:4700:3037::ac43:d0b2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-5057...
Effective URL: https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
Submission: On March 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::ac43:d0b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk5.zzzperform.com.
TLS certificate: Issued by GTS CA 1P5 on January 17th 2024. Valid for: 3 months.
This is the only time trk5.zzzperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 51.68.85.158 16276 (OVH)
2 2 104.26.6.190 13335 (CLOUDFLAR...)
1 172.67.223.47 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 4
3    51.68.85.158 (France)

ASN16276 (OVH, FR)
cimentbuilder.one
2    104.26.6.190 (None, )

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
dolpusads.aftrad-visit.com
1    172.67.223.47 (United States)

ASN13335 (CLOUDFLARENET, US)
manuqas.com
1    2606:4700:3033::ac43:a1c5 (United States)

ASN13335 (CLOUDFLARENET, US)
dakotatraff.com
1    2606:4700:3037::ac43:d0b2 (United States)

ASN13335 (CLOUDFLARENET, US)
trk5.zzzperform.com
Apex Domain
Subdomains		 Transfer
3 cimentbuilder.one
cimentbuilder.one
5 KB
2 aftrad-visit.com
admoustache.aftrad-visit.com — Cisco Umbrella Rank: 979210
dolpusads.aftrad-visit.com
903 B
1 zzzperform.com
trk5.zzzperform.com
12 KB
1 dakotatraff.com
dakotatraff.com — Cisco Umbrella Rank: 233382
553 B
1 manuqas.com
manuqas.com — Cisco Umbrella Rank: 85787
1 KB
0 allowedpush.com Failed
allowedpush.com Failed
4 6
Domain Requested by
3 cimentbuilder.one 2 redirects
1 trk5.zzzperform.com manuqas.com
1 dakotatraff.com 1 redirects
1 manuqas.com cimentbuilder.one
1 dolpusads.aftrad-visit.com 1 redirects
1 admoustache.aftrad-visit.com 1 redirects
0 allowedpush.com Failed cimentbuilder.one
4 7

This site contains no links.

Subject Issuer Validity Valid
manuqas.com
GTS CA 1P5		 2024-02-03 -
2024-05-03		 3 months crt.sh
zzzperform.com
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh

This page contains 1 frames:

Frame: https://allowedpush.com/gw2.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a%26source%3D139445%26sub_source%3Dww&vId=bmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a&hash=270226461dc64814f22c&ete=true&pn=true
Frame ID: 60568C45B0E3BEE878A7BDC9BE261379
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website... Page URL
  2. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website... HTTP 302
    http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008... HTTP 302
    https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=201FgiJ... HTTP 302
    https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D Page URL
  3. https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false HTTP 302
    https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false Page URL

Page Statistics

4
Requests

50 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

18 kB
Transfer

42 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063 Page URL
  2. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=610a3b45f1a64b0d650d214e80c33a75&eyer=0.8221632763549547&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=3&eyer=0.8221632763549547&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300082a5b83f992eee932667e3a1bbd2c1e30311-202403-flb*5738009-ccc5a*m7344928554791993489*sl_5738009-ccc5a*757443f42cfb43d713208365d22fa61d17312778*26063-62913840-50573cbd*26063 HTTP 302
    https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=201FgiJahQ2h4FuPuxHXv6Fd1jTGYaL6sH8Dpv9LH1EzVitoHq13eUnZNGRHEDomgKXhht&source= HTTP 302
    https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D Page URL
  3. https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false HTTP 302
    https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=610a3b45f1a64b0d650d214e80c33a75&eyer=0.8221632763549547&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=3&eyer=0.8221632763549547&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300082a5b83f992eee932667e3a1bbd2c1e30311-202403-flb*5738009-ccc5a*m7344928554791993489*sl_5738009-ccc5a*757443f42cfb43d713208365d22fa61d17312778*26063-62913840-50573cbd*26063 HTTP 302
  • https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=201FgiJahQ2h4FuPuxHXv6Fd1jTGYaL6sH8Dpv9LH1EzVitoHq13eUnZNGRHEDomgKXhht&source= HTTP 302
  • https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Request Chain 2
  • https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false&code=62Y3VvBDU8Nzc5Qj89RUVBRkURhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD2np0FydHN0Rae.SXqAe3xNr7dRgoSDhFXK0VmPiotcv9PIxGIAZG1oBTYGanNsCzsMfIB9hBISiYJ5F16HiIGHgT1njYNPIouXi4konJufkCyToJwxl5Ofp5o2rJk6h6q2pqqroXB3cXRlbp6xt666w8BunaRxg4OChZF3r8LIkZCYfteWlSkhQ3N0cWtebWtVdIA8Q0JHP0VJND1hX2xmZkc8iYeKhUFpiIeQlVBIbJKdm5qTXmFjZGFkY2xpbmpobG1uXpKhp6O1rXR7en93fYFMrsRQiFG2wFWNVriMjFuLjI6Oj5BhYTU2BDQ1BnpuCjo7PD4OdXYSQ0REFXl-fBpLG4KJlCCGgo6WiSWJj5UqW1xdLZqdlzJjY2RlNqqsq6E8bW5vcHFyckOzuKm3vUpKu76xwcSyUoSDhIiGiIiQWsDSycxgk5QAc2dpBW16e3h8RDo7em99hYJzhkJ4hYRHGYx9f4AfUFBTV1RVWlkni5eemy0tpZ2dMjKqm6GsOIGnrqCoXYeto29CpqisR3h5ent8fX5-f4CBg4SEhYeIiYqLjI2Oj5CRkjEyMzQ1NTc4OTo7PD0.P0BBQUNERUZHSElKS0xNTk9QUVJTU1QliZCdKltcXV1fYGFiY2RlZmdoaWpqbGxub3BxckK6ublHvnZ5hcJ6poSlpozJgcaJxMXGx5XSismSzc7Pbjx5MXg7e0J-N09WeUVkD3t9gHoVeoREbWxVgIodkJOUIlIjkIaVKCiRlp4tXS6dpDJjZGRlZ2doams7s6E-cHFxpHVEqLi-SYyyvbu6s2.glZhzpMHLvsHH1sTK0cPRzsJsLnJnajJ8cG2Ab31HUHaBf353M2RZXDdugn.SgY.ajIiLiIWRiY2KjpOMjZyOk56aoJiinKSbnZ.in6Omnqd6jqK2rLqqZoq0sq.5wMm3vcS2xMG1wYPFubzGiMzJ08bJzwB0ZWcFNzoHe3luDD5BDnOAgxNEFIN5exlSSE4cipKPIVJX&_tdf=24 HTTP 302
  • https://allowedpush.com/gw2.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a%26source%3D139445%26sub_source%3Dww&vId=bmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a&hash=270226461dc64814f22c&ete=true&pn=true

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cimentbuilder.one/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063
Protocol
HTTP/1.1
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7c8e5c685b2c5d6d983298f064307d8ffac0fe710e5cc950ca8cf4f6d1776b74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 11 Mar 2024 22:14:56 GMT
Transfer-Encoding
chunked
unite
manuqas.com/kalo/
Redirect Chain
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=610a3b45f1a64b0d650d214e80c33a75&eyer=0.8221632763...
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063&eyeg=3&eyer=0.8221632763549547&eyei=0&eyew=1600&eyeh=12...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=3300082a5b83f992eee932667e3a1bbd2c1e30311-202403-flb*5738009-ccc5a*m7344928554791993489*sl...
  • https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=201FgiJahQ2h4FuPuxHXv6Fd1jTGYaL6sH8Dpv9LH1EzVitoHq13eUnZNGRHEDomgKXhht&source=
  • https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Requested by
Host: cimentbuilder.one
URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.223.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7344928554791993489&website=26063-62913840-50573cbd&placement=26063
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
862ee680dab88dd3-MIA
content-encoding
br
content-type
text/html;charset=ISO-8859-1
date
Mon, 11 Mar 2024 22:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFPYPY4%2BwVo4lAFDlwBXLQOJNxuuFiFcHGqKVhAyY1OxCz2w0kL%2B6vE4LUTXiJZf1jXD%2FyH8X4P5%2BJMF8S752b80PYOnwOL18oRqkb%2B594CrqkfVV4uB2qTmbJg0og%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
862ee67e78e39ab7-MIA
content-length
89
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 22:14:57 GMT
location
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC8mEUKVtwnE7R1UoPCYa3rgSyGQbGtRJIIWXqPEeNQWiEuf5%2F%2BZkL7MLjufu1BxydFUTpV7Llu%2BguHFnQq8RGxSkq1dIwO4OjIYRVrjyUpgyVInvwA2mQIG4w90L0Xfa7rUwu1%2F8Rbc5XAS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request 270226461dc64814f22c.js
trk5.zzzperform.com/l/
Redirect Chain
  • https://dakotatraff.com/l/270226461dc64814f22c?sub={yourClickId}&source=ww&wnw=false
  • https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
Requested by
Host: manuqas.com
URL: https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d0b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Referer
https://manuqas.com/kalo/unite?five=YezU%2FXi5GKBf9HGBsDaIxw%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
837
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
862ee6868af3746d-MIA
content-encoding
br
content-type
text/html
date
Mon, 11 Mar 2024 22:14:58 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 22 Sep 2023 11:17:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn9SZxyKfEisj8Q7KFReOAF5b95005Uz%2FI%2BBjivW0LoHYxKwtacyy%2BaKtHZAwXjNTjBB%2Fh6KkecFAkAC8j0tHUmmNgziFubWziOwzzndphLhBpp1Vc92UjghbE%2BOol6B6Rf0LRmXG%2FdHk4DklBfG3Tiw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
862ee685ab55da0f-MIA
date
Mon, 11 Mar 2024 22:14:58 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxT87ZCj0wl2oK4Wm%2BRQB0pFXoXZXntYHIUeoNYxBknvN5QEeZxrH1UbMQM6%2BgkOnOto6XNn37RsEWYsf46J0MlJQkudY97OMjOgltVXzLmVvjv4ftM%2F4HZbRcyrre3OkZMjvdpfg5qeCtekrVc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gw2.js
allowedpush.com/
Redirect Chain
  • https://trk5.zzzperform.com/l/270226461dc64814f22c.js?sub={yourClickId}&source=ww&wnw=false&code=62Y3VvBDU8Nzc5Qj89RUVBRkURhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD2np0FydHN0Rae.SX...
  • https://allowedpush.com/gw2.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20240311231458_511d6aa0...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
allowedpush.com
URL
https://allowedpush.com/gw2.js?sub=%7ByourClickId%7D&source=ww&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a%26source%3D139445%26sub_source%3Dww&vId=bmconv_20240311231458_511d6aa0_7740_4ef5_bd83_6bdf2432e21a&hash=270226461dc64814f22c&ete=true&pn=true

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
trk5.zzzperform.com/ Name: BSESSID
Value: trk6df06115-7f2a-459c-93ea-fd55fa033aff