trk74.zzzperform.com

Summary

This website contacted 2 IPs in 4 countries across 2 domains to perform 3 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is trk74.zzzperform.com.
TLS certificate: Issued by WE1 on July 12th 2024. Valid for: 3 months.

This is the only time trk74.zzzperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 3	188.114.96.3 188.114.96.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

3 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk74.zzzperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	zzzperform.com 1 redirects trk74.zzzperform.com	14 KB
0	popcash.net Failed popcash.net Failed
3	2

	Domain	Requested by
3	trk74.zzzperform.com	1 redirects trk74.zzzperform.com
0	popcash.net Failed	trk74.zzzperform.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
zzzperform.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh

This page contains 1 frames:

Frame: https://popcash.net/world/go/134600/317186
Frame ID: ED86002F47F469F8615ADDBF5126560B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https HTTP 307
https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Page URL
https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https&code=4cY3VvBDU8ODs4Pj1CRD... HTTP 302
https://trk74.zzzperform.com/gw.js?source=unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omni... Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

4
Countries

13 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https HTTP 307
https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Page URL
https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https&code=4cY3VvBDU8ODs4Pj1CRD5DRkcRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PKa1QHF3cnNErq5IeXt6ewBieQQ1OzY3CGpyDD0-Pj8QhYwUQUZIRxh7j4SAHh6Ci4YjVCSIkYopWSqanpuiMDCnoJc1fKWmn6WfW4WroW1AqbWpp0a6ub2uSrFybgNpZXF5bAh.awxZfIh4fH1zQklDRjdAcUtMVz1qiI6WmkOcXVyGXl1TS22dnpuViJeVf56qZm1scWlvc15ni4mWkJBxZrOxtK9rR2ZlbnMuJkpwe3l4cTw-QUc-QkFEQ0Y3a3qAfI6GTVRTWFBWWiWHnSlhKo.ZLmYvkWVlNGRlZ2doaTqccHE-b3BBtalFdXZ3eUmwsQEyMzMEaG5rCToKcXiDD3VxfYV4FHh.hBlKS0wciYyGIVJSU1QlmZuakCtcXV5fYGFhMqKnmKasOTmqraCws6FBc3Jzd3V3d39Jr8FsbwM2NwV4bG4KCn1ucHEQQUFESEVGS0oYfIiPjB4elo6OIyObjJKdKXKYn5GZTnielGAzl5mdOGlqa2xtbm9wcHFydHV2d3h5ent8MTIzNDU2Nzg5Ojs8PD4-QEFCQ0RFRkdISEpLTE1OT1BRUlNUVVZXWFlaWlsskJekMWJjZGRmZ2hpamtsbW5vcHFxc3N1dnd4eUnBwHQCeTE0QH01YT9gYUeEPIFEf4CBglCNRYRNiImKi1mWTpVYmF.cVGxzlmKBLJianZcyl6Fhiolynac6rbCxP3RwQa6ks0ZGr7S8S3sAb3YENTY2Nzk5Ojw9DYVzEUJDQ3ZHFnqKkRtrYGM.dYmGmYiWoY.VnI6cmY2ZW5.Ul1.pnZqtnKp0faOurKukYJGGiWSbr6y-rrzHaW92aHZzZ3M1eW5xOYN3dId2hE5XfYiGhYKPiDxtYmVAd4uIm4qYo5GXnpCem4.bXaGWmWGrn5yvnqx2iaahsa.0sam4ZYurr65qm0RHIlltan1seoVzeYBygH1xfT.DeHtDjYF.kYCOWHWEgmyLl0SHm5CUnVeUmk1.c3atm6GomqilmaVnq6Cja7WpprmotkW5qqxKfH8AdHJnBTc6B2x5fAw9DXxydBJDQxSCiocZSk8_&_tdf=300 HTTP 302
https://trk74.zzzperform.com/gw.js?source=unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc%26s%3D135921_unknown&vId=bmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc&hash=26997115f3e3b5c262a2&ete=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https HTTP 307
https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https

Request Chain 1

https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc&s=135921_unknown HTTP 302
https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w.nl.linux.chrome&query=135921_unknown&pub_clickid=66c2f917afce5a7d8155be4d&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
https://t1.hightid.com/r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=602369&d2=www.twtch.co HTTP 302
https://go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.nl.linux.chrome&query=602369&pub_clickid=66c2f918163b49042604aca3&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D HTTP 302
https://t10.lowtid.com/s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=602369 HTTP 302
https://popcash.net/world/go/134600/317186

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	26997115f3e3b5c262a2.js trk74.zzzperform.com/l/ Redirect Chain http://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https	36 KB 12 KB	308ms 36ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers age 110827 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000 cf-cache-status HIT cf-ray 8b588c634af54d8a-FRA content-encoding br content-type text/html date Mon, 19 Aug 2024 07:49:41 GMT expires Thu, 31 Dec 2037 23:55:55 GMT last-modified Wed, 27 Sep 2023 17:56:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxL8dDs7PL6MqG1hlxU70tPMPgD3jBEowMSok0Wa1XcpNCe9QiIoY55%2ByE%2B50nPbaD79y5Oj%2BN4j5CdthBrBbY8jcPPXxpCxD%2BKVB58IcgQvGhd8aiYImRhkR8uqzvO0CeZBuvA74w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers Location https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Non-Authoritative-Reason HttpsUpgrades
GET H3	200	Primary Request gw.js Show response trk74.zzzperform.com/ Redirect Chain https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https&code=4cY3VvBDU8ODs4Pj1CRD5DRkcRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PKa1QHF3cnNErq5IeXt6ewBieQQ1Oz... https://trk74.zzzperform.com/gw.js?source=unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240819094942_4393ae28_e315_4839...	1 KB 1 KB	61ms 57ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk74.zzzperform.com/gw.js?source=unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc%26s%3D135921_unknown&vId=bmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc&hash=26997115f3e3b5c262a2&ete=true Requested by Host: trk74.zzzperform.com URL: https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b` Request headers Referer https://trk74.zzzperform.com/l/26997115f3e3b5c262a2.js?source=unknown&url=https Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers age 110904 alt-svc h3=":443"; ma=86400 cache-control max-age=315360000 cf-cache-status HIT cf-ray 8b588c6adbc84d8a-FRA content-encoding br content-type text/html date Mon, 19 Aug 2024 07:49:42 GMT expires Thu, 31 Dec 2037 23:55:55 GMT last-modified Wed, 27 Sep 2023 17:56:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoO2hT6PJz7FyqEis9gjhZglPSibGwcpV27Koy%2Fx7oOoUp4InmwGs6In2ciqWUMH0O6%2Fy0KVOfEVKV4ql8WBhpP8sbjwY7rOJ%2FMThhNJUqThAZ%2BdBu4Mf833cdjNc%2B%2BlWvR4itGFOw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 8b588c6a3b154d8a-FRA date Mon, 19 Aug 2024 07:49:42 GMT location https://trk74.zzzperform.com/gw.js?source=unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc%26s%3D135921_unknown&vId=bmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc&hash=26997115f3e3b5c262a2&ete=true nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMmpCYTLVDdASoMpyPz%2FSGYt5XPkMYI0kS6o2HTaeQvNPbiucPx8NnOOYqn5g5KYraFn%2B1q2H49uN41bwVoC3zXjfkbmRzP3FbqFgK1ehA9IOr98S5tbTgRXBR48Q0Zl2AjGyLlQ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET		317186 popcash.net/world/go/134600/ Redirect Chain https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20240819094942_4393ae28_e315_4839_9889_d4986efd99dc&s=135921_unknown https://go.savethereef.xyz/redirect?feed=602369&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_11jspnu75w.nl.linux.chrome&query=135921_unknown&pub_clickid=66c2f917afce5a7d8155be4d&default_url=https... https://t1.hightid.com/r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=602369&d2=www.twtch.co https://go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.nl.linux.chrome&query=602369&pub_clickid=66c2f918163b49042604aca3&default_url=https%3A%2F%2... https://t10.lowtid.com/s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=602369 https://popcash.net/world/go/134600/317186	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: popcash.net
URL: https://popcash.net/world/go/134600/317186

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			trk74.zzzperform.com/	1970-01-21 08:30:13	Name: BSESSID Value: trk5814ee35-3412-439b-847f-eaa60144a20d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

popcash.net
trk74.zzzperform.com
popcash.net
188.114.96.3
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

trk74.zzzperform.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

4 Countries

13 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

trk74.zzzperform.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

4
Countries

13 kB
Transfer

37 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions