hkvalidate.perfdrive.com
35.190.62.213
Public Scan
Effective URL: https://hkvalidate.perfdrive.com/cebu/captcha?ssa=debfdf62-f6d1-45ce-ab9b-0da121ccc803&ssb=m6akeglge6l5zz631k304pm6l&ssc=https%3A...
Submission: On June 21 via api from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 24th 2019. Valid for: a year.
This is the only time hkvalidate.perfdrive.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
5 5 | 68.142.68.27 | 22822 (LLNW) |
1 1 | 52.16.90.136 | 16509 (AMAZON-02) |
1 | 35.190.62.213 | 15169 (GOOGLE) |
1 | 35.241.3.56 | 15169 (GOOGLE) |
3 | 2a00:1450:4001:825::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) |
6 | 4 | |
ASN22822 (LLNW, US)
PTR: https-68-142-68-27.any.llnw.net
book.cebupacificair.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-90-136.eu-west-1.compute.amazonaws.com
cebupacificair.queue-it.net
ASN15169 (GOOGLE, US)
PTR: 213.62.190.35.bc.googleusercontent.com
hkvalidate.perfdrive.com
ASN15169 (GOOGLE, US)
PTR: 56.3.241.35.bc.googleusercontent.com
captcha.perfdrive.com
 | Apex Domain: Subdomains | Transfer |
---|---|---|
5 | cebupacificair.com (5 redirects): book.cebupacificair.com | 3 KB |
3 | google.com: www.google.com | 535 B |
2 | perfdrive.com: hkvalidate.perfdrive.com, captcha.perfdrive.com | 9 KB |
1 | gstatic.com: www.gstatic.com | 124 KB |
1 | queue-it.net (1 redirects): cebupacificair.queue-it.net | 457 B |
6 | 5 | |
 | Domain | Requested by |
---|---|---|
5 | book.cebupacificair.com | 5 redirects |
3 | www.google.com | hkvalidate.perfdrive.com, www.gstatic.com |
1 | www.gstatic.com | www.google.com |
1 | captcha.perfdrive.com | hkvalidate.perfdrive.com |
1 | hkvalidate.perfdrive.com | |
1 | cebupacificair.queue-it.net | 1 redirects |
6 | 6 | |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
*.perfdrive.com / Go Daddy Secure Certificate Authority - G2 | 2019-09-24 - 2020-09-26 | a year | crt.sh |
www.google.com / GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months | crt.sh |
*.gstatic.com / GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://hkvalidate.perfdrive.com/cebu/captcha?ssa=debfdf62-f6d1-45ce-ab9b-0da121ccc803&ssb=m6akeglge6l5zz631k304pm6l&ssc=https%3A%2F%2Fbook.cebupacificair.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DTactical_June211_06212020%29%3B&ssd=113208246221559&sse=edama@fbndbna@f&ssf=bf44ae4d273c7381c833c5dbb2083bef79b1f09c&ssg=61a3f7b3-efd6-4ff8-8b7f-5d2b4e94b24e&ssh=bfd0a69e-4eb4-4e8c-a579-51f629636023&ssi=e133bd42-9885-4932-826f-e86be6bdb594&ssj=e1931c4d-6002-4959-ae53-b1c939fd4350&ssk=support@shieldsquare.com&ssl=268514497435&ssm=12879970194359627223287054143065&ssn=9b875cd6eaeded02a919c3a09573e8ac6da80c3c9b20-4b6d-40fb-a1d560&sso=83a8c96b-2d5a919512a946058e99ebb5a4012335cd4ef9464b03283f&ssp=79992696961592744467159274240175522&ssq=45296640889644009531108894055932033045801&ssr=ODIuMTAyLjE5LjEzNg==&sss=Mozilla/4.0%20(compatible;%20MSIE%208.0;%20Windows%20NT%206.1)%20Gecko/20100101%20Firefox/39.0&sst=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&ssu=Mozilla/4.0%20(Windows%20NT%205.1)%20AppleWebKit/535.7%20(KHTML,like%20zeco)%20Chrome/33.0.1750.154%20Safari/536.7&ssv=14qup@33oup@lvs&ssw=&ssx=149476372331031&ssy=gcg@okgkkgelmoeacipnbcjdekdfmkbpeoghamng&ssz=324813134360534
Frame ID: 99746789BB0212998E3EFAB9B0973997
Requests: 4 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeH3loUAAAAAI_m15sXabjr8-Iqj2yI3F3JeK8X&co=aHR0cHM6Ly9oa3ZhbGlkYXRlLnBlcmZkcml2ZS5jb206NDQz&hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&size=normal&cb=23x0nhm6mfww
Frame ID: 33412B9CB7DEDE24B237F694114D2A9A
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=oqtdXEs9TE9ZUAIhXNz5JBt_&k=6LeH3loUAAAAAI_m15sXabjr8-Iqj2yI3F3JeK8X&cb=xtx5y5i9u1zv
Frame ID: 13790B6C33DEB7D2A4DEF407F14FC012
Requests: 1 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- headers server /php\/?([\d.]+)?/i
CentOS (Operating Systems)
Detected patterns
- headers server /CentOS/i
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
reCAPTCHA (Captchas)
Detected patterns
- html /<div[^>]+class="g-recaptcha"/i
- script /\/recaptcha\/api\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
https://book.cebupacificair.com/?utm_source=email&utm_medium=email&utm_campaign=Tactical_June211_06212020); HTTP 302
https://book.cebupacificair.com/Flight/QueueItRedirect HTTP 302
https://cebupacificair.queue-it.net/?c=cebupacificair&e=june2020&ver=v3-aspnet-3.5.1&cver=97&t=https%3a%2f%2fbook.cebupacificair.com%2f%3futm_source%3demail%26utm_medium%3demail%26utm_campaign%3dTactical_June211_06212020)%3b HTTP 302
https://book.cebupacificair.com/?utm_source=email&utm_medium=email&utm_campaign=Tactical_June211_06212020);&queueittoken=e_june2020~q_00000000-0000-0000-0000-000000000000~ts_1592709075~ce_false~cv_3~rt_idle~h_31d60bedc68dab12967287cb2fb8c414333f376490b1c05c17e6d5a441a811f6 HTTP 302
https://book.cebupacificair.com/Flight/QueueItRedirect HTTP 302
https://book.cebupacificair.com/?utm_source=email&utm_medium=email&utm_campaign=Tactical_June211_06212020); HTTP 302
https://hkvalidate.perfdrive.com/cebu/captcha?ssa=debfdf62-f6d1-45ce-ab9b-0da121ccc803&ssb=m6akeglge6l5zz631k304pm6l&ssc=https%3A%2F%2Fbook.cebupacificair.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DTactical_June211_06212020%29%3B&ssd=113208246221559&sse=edama@fbndbna@f&ssf=bf44ae4d273c7381c833c5dbb2083bef79b1f09c&ssg=61a3f7b3-efd6-4ff8-8b7f-5d2b4e94b24e&ssh=bfd0a69e-4eb4-4e8c-a579-51f629636023&ssi=e133bd42-9885-4932-826f-e86be6bdb594&ssj=e1931c4d-6002-4959-ae53-b1c939fd4350&ssk=support@shieldsquare.com&ssl=268514497435&ssm=12879970194359627223287054143065&ssn=9b875cd6eaeded02a919c3a09573e8ac6da80c3c9b20-4b6d-40fb-a1d560&sso=83a8c96b-2d5a919512a946058e99ebb5a4012335cd4ef9464b03283f&ssp=79992696961592744467159274240175522&ssq=45296640889644009531108894055932033045801&ssr=ODIuMTAyLjE5LjEzNg==&sss=Mozilla/4.0%20(compatible;%20MSIE%208.0;%20Windows%20NT%206.1)%20Gecko/20100101%20Firefox/39.0&sst=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&ssu=Mozilla/4.0%20(Windows%20NT%205.1)%20AppleWebKit/535.7%20(KHTML,like%20zeco)%20Chrome/33.0.1750.154%20Safari/536.7&ssv=14qup@33oup@lvs&ssw=&ssx=149476372331031&ssy=gcg@okgkkgelmoeacipnbcjdekdfmkbpeoghamng&ssz=324813134360534 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | captcha hkvalidate.perfdrive.com/cebu/ (Primary Request, Redirect Chain) | 4 KB 2 KB | Document text/html |
GET H2 | cebu-logo.png captcha.perfdrive.com/captcha-public/images/ | 7 KB 7 KB | Image image/png |
GET H2 | api.js www.google.com/recaptcha/ | 674 B 535 B | Script text/javascript |
GET H2 | recaptcha__en.js www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/ | 316 KB 124 KB | Script text/javascript |
GET H2 | anchor www.google.com/recaptcha/api2/ (Frame 3341) | 0 0 | Document text/html |
GET H2 | bframe www.google.com/recaptcha/api2/ (Frame 1379) | 0 0 | Document text/html |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| ___grecaptcha_cfg
- object| grecaptcha
- boolean| __google_recaptcha_client
- object| recaptcha
- object| closure_lm_7934745
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hkvalidate.perfdrive.com/ | | Name: __uzmd Value: 1592708896 |
hkvalidate.perfdrive.com/ | | Name: __uzmb Value: 1592708894 |
hkvalidate.perfdrive.com/ | | Name: __uzmc Value: 611922273374 |
hkvalidate.perfdrive.com/ | | Name: __uzma Value: 0c3c9b20-4b6d-40fb-a96b-2d5a919512a9 |
hkvalidate.perfdrive.com/ | | Name: PHPSESSID Value: ibr6p73dhcglo93ockic1i2et3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.