trk100.zperform.com Open in urlscan Pro
2606:4700:3037::6815:6096 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://numl.org/GUx
Effective URL:
https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503
Submission: On August 02 via manual (August 2nd 2021, 2:45:47 pm UTC) from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 6 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3037::6815:6096, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk100.zperform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.

This is the only time trk100.zperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.28.87.40 194.28.87.40	196645 (HOSTPRO-AS) (HOSTPRO-AS)
1	46.17.107.46 46.17.107.46	204154 (FIRST-SER...) (FIRST-SERVER-US-AS)
3	2606:4700:303... 2606:4700:3035::6815:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2 3	213.32.106.141 213.32.106.141	16276 (OVH) (OVH)
1 1	213.227.156.21 213.227.156.21	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:303... 2606:4700:3035::6815:1ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:6096	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	7

1 194.28.87.40 (Ukraine) 1 redirects

ASN196645 (HOSTPRO-AS, UA)
PTR: py-studio.com

numl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.17.107.46 (New York, United States)

ASN204154 (FIRST-SERVER-US-AS, SC)
PTR: f05frolov19902.example.com

1b7543953449448.linodrvs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:4acf (United States)

ASN13335 (CLOUDFLARENET, US)

lead-go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.32.106.141 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip141.ip-213-32-106.eu

www.bestofferxxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.21 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:1ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

misctraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:6096 (United States)

ASN13335 (CLOUDFLARENET, US)

trk100.zperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bestofferxxx.com 2 redirects www.bestofferxxx.com	5 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	lead-go.com lead-go.com	14 KB
2	zperform.com trk100.zperform.com	12 KB
1	misctraff.com 1 redirects misctraff.com	696 B
1	go2affise.com 1 redirects admoustache.go2affise.com	218 B
1	doubleclick.net stats.g.doubleclick.net	82 B
1	linodrvs.ru 1b7543953449448.linodrvs.ru	382 B
1	numl.org 1 redirects numl.org	146 B
11	9

	Domain	Requested by
3	www.bestofferxxx.com	2 redirects lead-go.com
3	www.google-analytics.com	lead-go.com www.google-analytics.com
3	lead-go.com	1b7543953449448.linodrvs.ru lead-go.com
2	trk100.zperform.com	www.bestofferxxx.com 1b7543953449448.linodrvs.ru
1	misctraff.com	1 redirects
1	admoustache.go2affise.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	1b7543953449448.linodrvs.ru
1	numl.org	1 redirects
11	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-13` - `2022-04-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.bestofferxxx.com R3	`2021-06-09` - `2021-09-07`	3 months	crt.sh

This page contains 1 frames:

Frame: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503&code=3dY3VvBDU7OD5BOj9AP0A-Q0kRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PGl4AzQ6NTYHcXELPD49Pg9xiBNESkVGF3mBG0xOTU4flJsjUFVXVieKnpOPLS2RmpUyYzOXoJk4aDmprap0AgJ5cmkHTnd4cXdxLVd9cz8Se4d7eRiMi4.AHIOQjCGHg4.XiiaciSp3mqaWmpuRYGdhZFVejqGnnqqzcyFQVyQ2NjU4RCpidXtEQ0sxiklIPjZYiImGgHOCgGqJlVFYV1xUWl5JUnZ0gXt7XFGenJ.aVn6dnKWqZSBEanVzcms2QEI4OzpBQUdJP0lFNGh3fXmLg0pRUFVNU1cihJomXieMlitjLI5iYjFhYmRkZWY3mW1uPGwwAXVpBTU2NzgJcHENPj8-EHR6dxVFFn2EjxuBfYmRhCCEipAlVldYKJWYki1eXl9gMaWnppw3aGhqa2xtMAFxdmd1ewgIeXxvf4JwEEJBQkZERkZOGH6Qh4oeUVIgk4eJJSWYiYuMK1xcX2NgYWZlM5ejqqc5ObGpqQEBeWpwewc3CGxucg0.P0BBQkNERUVGR0lKSktMTk9QUVJTVFVWV1hZWltcXV1fYGFiY2RlZmdoaWlrbG0xMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVVdXWVpbXF0tpaSkMqlhZHCtZZFvkJF3dy90N3JzdHVDgDh3QHt8fX5MiUGIS4tSj0dfZolVdB.LjZCKJYqUVH18Kp2goS9fMJ2TojU1nqOrOmo7qnQCMzQ0Njc4ODo6C4NxD0BBQnRFFHiIjxkZjX6AHlBTIJSShyVXWieMmZwsXS2ckpQyY2M0oqqnOWpv&_tdf=13
Frame ID: 4BEACD6222BA9C8930458834FC78DB58
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://numl.org/GUx HTTP 302
http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd Page URL
https://lead-go.com/p/6ADb/3tLK/Zihm Page URL
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772 Page URL
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&eyeg=eef802bba2aab4a65... HTTP 302
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&oyeg=eef802bba2aab4a65... HTTP 301
https://admoustache.go2affise.com/sl?id=5f07120cd1fc3bbe7f2be68c&pid=503&sub1=331004281be366fe18daefc5f1665c43... HTTP 302
https://misctraff.com/l/26998185f560e9f5414c?sub=6108050d30082700016312bd&source=503 HTTP 302
https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503 Page URL

Detected technologies

Microsoft HTTPAPI (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i

Page Statistics

11
Requests

91 %
HTTPS

60 %
IPv6

9
Domains

9
Subdomains

7
IPs

6
Countries

50 kB
Transfer

122 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://numl.org/GUx HTTP 302
http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd Page URL
https://lead-go.com/p/6ADb/3tLK/Zihm Page URL
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772 Page URL
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&eyeg=eef802bba2aab4a65e487ed95b328ffe&eyer=0.7462850231778961&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=lead-go.com HTTP 302
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&oyeg=eef802bba2aab4a65e487ed95b328ffe&eyer=0.7462850231778961&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=lead-go.com&eyeg=3 HTTP 301
https://admoustache.go2affise.com/sl?id=5f07120cd1fc3bbe7f2be68c&pid=503&sub1=331004281be366fe18daefc5f1665c43e6d0f0802-202108-flb*5272821-288ac*mlClick-ycIso7uk*sl_5272821-288ac*16bb9fd84576d582b76004eca85ed820acddd863*258772* HTTP 302
https://misctraff.com/l/26998185f560e9f5414c?sub=6108050d30082700016312bd&source=503 HTTP 302
https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://numl.org/GUx HTTP 302
http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

005044d786cb5d61d3dd Show response
1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/
Redirect Chain

https://numl.org/GUx
http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd

216 B
382 B

282ms
181ms

Document
text/html

46.17.107.46
FIRST-SERVER-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd
Protocol: HTTP/1.1
Server: 46.17.107.46 New York, United States, ASN204154 (FIRST-SERVER-US-AS, SC),
Reverse DNS: f05frolov19902.example.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 5b814d4834858aafe40bcbfe779203d0b2d3e3c98834fca6bd476195b42fc4c9

Request headers

Host: 1b7543953449448.linodrvs.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 02 Aug 2021 21:45:31 GMT

Redirect headers

server: nginx
date: Mon, 02 Aug 2021 14:45:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd
x-powered-by: PHP/5.6.40

GET
H2 200 Zihm Show response
lead-go.com/p/6ADb/3tLK/ 2 KB
1 KB 425ms
401ms Document
text/html 2606:4700:3035::6815:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lead-go.com/p/6ADb/3tLK/Zihm
Requested by: Host: 1b7543953449448.linodrvs.ru
URL: http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e0729e931f29f453706cb46d8a930701cd6142201c764172cef0860685c0bf6

Request headers

:method: GET
:authority: lead-go.com
:scheme: https
:path: /p/6ADb/3tLK/Zihm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://1b7543953449448.linodrvs.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://1b7543953449448.linodrvs.ru/

Response headers

date: Mon, 02 Aug 2021 14:45:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, private
x-robots-tag: noindex, nofollow
set-cookie: f34e96995ddf3ff5eb1bfde138cfe29c=f34e96995ddf3ff5eb1bfde138cfe29c; expires=Tue, 02-Aug-2022 14:45:32 GMT; Max-Age=31536000; path=/; httponly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDk7TZ0lXu0xy6qvsvjBxwFdKowOO4hT8pqx9oFZMUfHv4sSBSMWVzYKbYLGXN44PlAWP2QNqCNi5YuagDI502i9WXCtbMidM88wSfjm5giMYSU128FEpQuh5w%2FcBCpYIqXs7oBRJ%2F2dyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67881729eebfdfc3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 03032020.min.js Show response
lead-go.com/js/ 32 KB
12 KB 62ms
22ms Script
application/javascript 2606:4700:3035::6815:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lead-go.com/js/03032020.min.js
Requested by: Host: lead-go.com
URL: https://lead-go.com/p/6ADb/3tLK/Zihm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad

Request headers

sec-fetch-mode: no-cors
device-memory: 8
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: f34e96995ddf3ff5eb1bfde138cfe29c=f34e96995ddf3ff5eb1bfde138cfe29c
:path: /js/03032020.min.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: lead-go.com
referer: https://lead-go.com/p/6ADb/3tLK/Zihm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Device-Memory: 8
Referer: https://lead-go.com/p/6ADb/3tLK/Zihm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:45:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Mar 2020 10:38:41 GMT
server: cloudflare
age: 5693
etag: W/"5e5e33b1-813d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UbE6h%2FxEI0BUsQvL%2FJR%2BpUi%2BsmrFbU1%2FrcSP80cz5zEYYr3PZMuqHujgcI9cLWkohm5ZFBqMkDRHOUYxNQ78FL2wbtUumiS3br5ZW3W7NWHov46WqHbOpheZ7Aap9VqkJ9l6fj9wG%2FzDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6788172cb9bddfeb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lead-go.com
URL: https://lead-go.com/p/6ADb/3tLK/Zihm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lead-go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4138
date: Mon, 02 Aug 2021 13:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 02 Aug 2021 15:36:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 33ms
18ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1910431623&t=pageview&_s=1&dl=https%3A%2F%2Flead-go.com%2Fp%2F6ADb%2F3tLK%2FZihm&dr=http%3A%2F%2F1b7543953449448.linodrvs.ru%2F&ul=en-us&de=UTF-8&dt=lead-go.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1447231595&gjid=633181956&cid=756064359.1627915532&tid=UA-110090096-2&_gid=522030434.1627915532&_r=1&_slc=1&z=939329987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lead-go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 14:45:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lead-go.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
18ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lead-go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 14:45:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://lead-go.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-110090096-2&cid=756064359.1627915532&jid=1447231595&gjid=633181956&_gid=522030434.1627915532&_u=IEBAAEAAAAAAAC~&z=1599683673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lead-go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 Aug 2021 14:45:32 GMT
content-type: text/plain
access-control-allow-origin: https://lead-go.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 finger
lead-go.com/ 20 B
552 B 169ms
168ms XHR
application/json 2606:4700:3035::6815:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lead-go.com/finger
Requested by: Host: lead-go.com
URL: https://lead-go.com/js/03032020.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: cors
device-memory: 8
origin: https://lead-go.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: f34e96995ddf3ff5eb1bfde138cfe29c=f34e96995ddf3ff5eb1bfde138cfe29c; _ga=GA1.2.756064359.1627915532; _gid=GA1.2.522030434.1627915532; _gat=1
content-length: 970
:path: /finger
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: lead-go.com
referer: https://lead-go.com/p/6ADb/3tLK/Zihm
:scheme: https
sec-fetch-site: same-origin
:method: POST
Device-Memory: 8
Referer: https://lead-go.com/p/6ADb/3tLK/Zihm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Aug 2021 14:45:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NI9JSIq2m304Bfo5i2shf3CJ%2Brjxp0QSKcpGlX0QqtNaukkymfoAGTUSU5X95mpQI0LAFN5KRZmq8jL%2BN5jAxitUb3B7PUjHRgHUwknEUWYWlGeuyMUoqPQ3pRyce3dxIq69a%2FWm19J8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 6788172e4c64dfeb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
www.bestofferxxx.com/ 4 KB
4 KB 141ms
31ms Document
text/html 213.32.106.141
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772
Requested by: Host: lead-go.com
URL: https://lead-go.com/js/03032020.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.32.106.141 , France, ASN16276 (OVH, FR),
Reverse DNS: ip141.ip-213-32-106.eu
Software: /
Resource Hash: cafbebfd8c65624c46ade52808a26b416155a5ada108637514163841f7f1a030

Request headers

Host: www.bestofferxxx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://lead-go.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lead-go.com/

Response headers

Date: Mon, 02 Aug 2021 14:45:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform

GET
H2

200

Primary Request 26998185f560e9f5414c.js Show response
trk100.zperform.com/l/
Redirect Chain

https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&eyeg=eef802bba2aab4a65e487ed95b328ffe&eyer=0.7462850231778961&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=lead-go.com
https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772&oyeg=eef802bba2aab4a65e487ed95b328ffe&eyer=0.7462850231778961&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=lead-go.co...
https://admoustache.go2affise.com/sl?id=5f07120cd1fc3bbe7f2be68c&pid=503&sub1=331004281be366fe18daefc5f1665c43e6d0f0802-202108-flb*5272821-288ac*mlClick-ycIso7uk*sl_5272821-288ac*16bb9fd84576d582b7...
https://misctraff.com/l/26998185f560e9f5414c?sub=6108050d30082700016312bd&source=503
https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503

36 KB
12 KB

48ms
25ms

Document
text/html

2606:4700:3037::6815:6096
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503
Requested by: Host: www.bestofferxxx.com
URL: https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:6096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

:method: GET
:authority: trk100.zperform.com
:scheme: https
:path: /l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bestofferxxx.com/?sl=5272821-288ac&tag=mlClick-ycIso7uk&website=258772

Response headers

date: Mon, 02 Aug 2021 14:45:33 GMT
content-type: text/html
last-modified: Thu, 08 Oct 2020 11:15:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 9819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RfzVcb9TQ0UerDIH%2FFezmWt2hoLyof12d4xc5SRGbV3tlYfKdQscr%2BeQcf0WPHzDnapMIlFQ5UiNhFF0c3oQJIH7aFeH5M1DJLar3HGdzfo0rQ%2F4ymo8r2csAQMfmXvols19s3%2Fb4gJFSIDQUv809Dz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67881731fca04e3d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Mon, 02 Aug 2021 14:45:33 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503
cf-request-id: 0ba8ecd30f0000dfa5c88a8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOBVgiREIVVZb1AOBd%2B0GXXqNouyn2J1lmJ48vLdrPiOVx9Emd0rTe2QVi1LN%2Bu1I9UyZbe9NOI8LNaY4DTlFHEPF%2FP8KdiKnhN74jCF7blMZgPAIHwgobAc3JbVHkz1Iye7jdMPnhr7%2Bpe3"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67881731ba98dfa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 204 26998185f560e9f5414c.js
trk100.zperform.com/l/ 0
0 41ms
40ms Document
text/plain 2606:4700:3037::6815:6096
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503&code=3dY3VvBDU7OD5BOj9AP0A-Q0kRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PGl4AzQ6NTYHcXELPD49Pg9xiBNESkVGF3mBG0xOTU4flJsjUFVXVieKnpOPLS2RmpUyYzOXoJk4aDmprap0AgJ5cmkHTnd4cXdxLVd9cz8Se4d7eRiMi4.AHIOQjCGHg4.XiiaciSp3mqaWmpuRYGdhZFVejqGnnqqzcyFQVyQ2NjU4RCpidXtEQ0sxiklIPjZYiImGgHOCgGqJlVFYV1xUWl5JUnZ0gXt7XFGenJ.aVn6dnKWqZSBEanVzcms2QEI4OzpBQUdJP0lFNGh3fXmLg0pRUFVNU1cihJomXieMlitjLI5iYjFhYmRkZWY3mW1uPGwwAXVpBTU2NzgJcHENPj8-EHR6dxVFFn2EjxuBfYmRhCCEipAlVldYKJWYki1eXl9gMaWnppw3aGhqa2xtMAFxdmd1ewgIeXxvf4JwEEJBQkZERkZOGH6Qh4oeUVIgk4eJJSWYiYuMK1xcX2NgYWZlM5ejqqc5ObGpqQEBeWpwewc3CGxucg0.P0BBQkNERUVGR0lKSktMTk9QUVJTVFVWV1hZWltcXV1fYGFiY2RlZmdoaWlrbG0xMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVVdXWVpbXF0tpaSkMqlhZHCtZZFvkJF3dy90N3JzdHVDgDh3QHt8fX5MiUGIS4tSj0dfZolVdB.LjZCKJYqUVH18Kp2goS9fMJ2TojU1nqOrOmo7qnQCMzQ0Njc4ODo6C4NxD0BBQnRFFHiIjxkZjX6AHlBTIJSShyVXWieMmZwsXS2ckpQyY2M0oqqnOWpv&_tdf=13
Requested by: Host: 1b7543953449448.linodrvs.ru
URL: http://1b7543953449448.linodrvs.ru/6fd273a2/df5e1dc1023b/005044d786cb5d61d3dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:6096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: trk100.zperform.com
:scheme: https
:path: /l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503&code=3dY3VvBDU7OD5BOj9AP0A-Q0kRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PGl4AzQ6NTYHcXELPD49Pg9xiBNESkVGF3mBG0xOTU4flJsjUFVXVieKnpOPLS2RmpUyYzOXoJk4aDmprap0AgJ5cmkHTnd4cXdxLVd9cz8Se4d7eRiMi4.AHIOQjCGHg4.XiiaciSp3mqaWmpuRYGdhZFVejqGnnqqzcyFQVyQ2NjU4RCpidXtEQ0sxiklIPjZYiImGgHOCgGqJlVFYV1xUWl5JUnZ0gXt7XFGenJ.aVn6dnKWqZSBEanVzcms2QEI4OzpBQUdJP0lFNGh3fXmLg0pRUFVNU1cihJomXieMlitjLI5iYjFhYmRkZWY3mW1uPGwwAXVpBTU2NzgJcHENPj8-EHR6dxVFFn2EjxuBfYmRhCCEipAlVldYKJWYki1eXl9gMaWnppw3aGhqa2xtMAFxdmd1ewgIeXxvf4JwEEJBQkZERkZOGH6Qh4oeUVIgk4eJJSWYiYuMK1xcX2NgYWZlM5ejqqc5ObGpqQEBeWpwewc3CGxucg0.P0BBQkNERUVGR0lKSktMTk9QUVJTVFVWV1hZWltcXV1fYGFiY2RlZmdoaWlrbG0xMjM0NTY3ODk6Ozw9Pj5AEHR7iBVGR0hJSktMTU5PUFFSUlRVVVdXWVpbXF0tpaSkMqlhZHCtZZFvkJF3dy90N3JzdHVDgDh3QHt8fX5MiUGIS4tSj0dfZolVdB.LjZCKJYqUVH18Kp2goS9fMJ2TojU1nqOrOmo7qnQCMzQ0Njc4ODo6C4NxD0BBQnRFFHiIjxkZjX6AHlBTIJSShyVXWieMmZwsXS2ckpQyY2M0oqqnOWpv&_tdf=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://trk100.zperform.com/l/26998185f560e9f5414c.js?sub=6108050d30082700016312bd&source=503

Response headers

date: Mon, 02 Aug 2021 14:45:33 GMT
set-cookie: BSESSID=trk774b543a-4f78-4b02-b6ec-fdc3d8a51fae; Max-Age=63072000; Expires=Wed, 2 Aug 2023 14:45:33 GMT; Path=/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O65%2FIi%2F%2BQfXZ6Uy%2B5Gf4oXC61TChwSyNhuu4NIGzpQFZLEKDWAJz5v4c4DLNJ0bNUlRSnggbFPmBje5TXU%2FHUyvrPCmoRpshmyZTqAuEFdYeM%2B68NNhpM9yuH1oOJL4vSyIAesBa9rLHWQR9fLtS5R8l"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 678817324d584e3d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b7543953449448.linodrvs.ru
admoustache.go2affise.com
lead-go.com
misctraff.com
numl.org
stats.g.doubleclick.net
trk100.zperform.com
www.bestofferxxx.com
www.google-analytics.com
194.28.87.40
213.227.156.21
213.32.106.141
2606:4700:3035::6815:1ad
2606:4700:3035::6815:4acf
2606:4700:3037::6815:6096
2a00:1450:4001:80f::200e
2a00:1450:4001:828::200e
2a00:1450:400c:c06::9a
46.17.107.46
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad
5b814d4834858aafe40bcbfe779203d0b2d3e3c98834fca6bd476195b42fc4c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e0729e931f29f453706cb46d8a930701cd6142201c764172cef0860685c0bf6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
cafbebfd8c65624c46ade52808a26b416155a5ada108637514163841f7f1a030
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

trk100.zperform.com Open in urlscan Pro 2606:4700:3037::6815:6096 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

60 %IPv6

9 Domains

9 Subdomains

7 IPs

6 Countries

50 kBTransfer

122 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

trk100.zperform.com Open in urlscan Pro
2606:4700:3037::6815:6096 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

60 %
IPv6

9
Domains

9
Subdomains

7
IPs

6
Countries

50 kB
Transfer

122 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions