urlscan.io logo urlscan.io
SecurityTrails logo

validate.perfdrive.com Open in urlscan Pro
35.190.62.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://allo.ua/
Effective URL: http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=h...
Submission: On March 22 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 35.190.62.213, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is validate.perfdrive.com. The Cisco Umbrella rank of the primary domain is 70733.
This is the only time validate.perfdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 195.13.253.228 12578 (APOLLO-AS...)
1 35.190.62.213 15169 (GOOGLE)
1 35.241.3.56 15169 (GOOGLE)
8 104.16.168.131 13335 (CLOUDFLAR...)
1 130.211.29.114 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.241.15.240 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 8
2    195.13.253.228 (Riga, Latvia)

ASN12578 (APOLLO-AS Latvia, LV)
PTR: srv17.allo.ua
allo.ua
1    35.190.62.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.62.190.35.bc.googleusercontent.com
validate.perfdrive.com
1    35.241.3.56 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 56.3.241.35.bc.googleusercontent.com
captcha.perfdrive.com
8    104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
1    130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 8035
newassets.hcaptcha.com — Cisco Umbrella Rank: 10652
479 KB
6 perfdrive.com
validate.perfdrive.com — Cisco Umbrella Rank: 70733
captcha.perfdrive.com — Cisco Umbrella Rank: 128039
cdn.perfdrive.com — Cisco Umbrella Rank: 18603
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8033
18 KB
2 allo.ua
allo.ua — Cisco Umbrella Rank: 422865
1 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
858 B
16 5
Domain Requested by
5 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 hcaptcha.com validate.perfdrive.com
newassets.hcaptcha.com
2 allo.ua 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com captcha.perfdrive.com
1 cdn.perfdrive.com validate.perfdrive.com
1 captcha.perfdrive.com validate.perfdrive.com
1 validate.perfdrive.com
16 9

This site contains no links.

Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-31 -
2022-09-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-04 -
2022-08-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw=
Frame ID: 4A68228A14C1542E914B36CE3F361055
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-challenge.html
Frame ID: 5ECB04C24803E9614C331BCA1B092F45
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-checkbox.html
Frame ID: 36301212178FC9B0E366D41A51DD44E9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ShieldSquare Captcha

Page URL History Show full URLs

  1. http://allo.ua/ HTTP 301
    https://allo.ua/ HTTP 302
    http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

16
Requests

94 %
HTTPS

25 %
IPv6

5
Domains

9
Subdomains

8
IPs

4
Countries

521 kB
Transfer

1417 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://allo.ua/ HTTP 301
    https://allo.ua/ HTTP 302
    http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/
Redirect Chain
  • http://allo.ua/
  • https://allo.ua/
  • http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=su...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw=
Protocol
HTTP/1.1
Server
35.190.62.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.62.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
6bf25f322a79c66fb7a9d64f4b51c2cb3432ccaf582d62c01a089b20030e8608

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Date
Tue, 22 Mar 2022 02:09:22 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1278
Content-Type
text/html; charset=UTF-8
Via
1.1 google

Redirect headers

server
nginx
date
Tue, 22 Mar 2022 02:09:22 GMT
content-type
text/html
location
http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36&ssv=&ssw=
shieldsquare_styles.min.css
captcha.perfdrive.com/captcha-public/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://captcha.perfdrive.com/captcha-public/css/shieldsquare_styles.min.css
Requested by
Host: validate.perfdrive.com
URL: http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.56 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
56.3.241.35.bc.googleusercontent.com
Software
nginx/1.15.12 /
Resource Hash
2fcdc3b4f2aed79bbe5b2bb0b20ee2054efde2b66244387b69c6ca030635de31

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:03:23 GMT
via
1.1 google
last-modified
Mon, 07 Dec 2020 12:15:34 GMT
server
nginx/1.15.12
age
360
etag
"5fce1ce6-5e7"
content-type
text/css
cache-control
max-age=10800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1511
api.js
hcaptcha.com/1/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: validate.perfdrive.com
URL: http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76dccc5e03a731dab284096da84573a3ee34adc293fc1c2d917bc06d288f6eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
via
1.1 c499c5bd7a2c5201de6b25f3c79376f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 21 Mar 2022 08:11:07 GMT
server
cloudflare
etag
W/"c3881699d68d0d975d9b764a0de49d89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
LHR50-C1
cf-ray
6efb62879d0bf3df-LHR
x-amz-cf-id
s6Vd-nLr1PTNmC4ebxFvEuhQKdFRp9avQ5JAyK2Pu03La7n4ymkpnA==
aperture.js
cdn.perfdrive.com/aperture/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: validate.perfdrive.com
URL: http://validate.perfdrive.com/2597d12be36a26501c63e1f4fe6b45f5/?ssa=686d27b3-426d-48cb-86ed-5e82752892c5&ssb=48341248600&ssc=https%3A%2F%2Fallo.ua%2F&ssi=6bc4790c-bjpv-4a25-ade9-fdceb210f468&ssk=support@shieldsquare.com&ssm=33893580848155191100602510781757&ssn=478b855992b0cf4977e6e70acc444f0f280bdc2f597c-8c0f-4c56-bf65fc&sso=69f23076-d6b0e2132bf1ce6a0f4e9cbe0c5a4793e4e11e6ddca45cf1&ssp=49362898991647973084164795257734479&ssq=68010041496277826269414962835355900577073&ssr=NS4xODcuMjEuMTA2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&ssv=&ssw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 01:41:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 12:48:01 GMT
server
nginx/1.10.1
age
1661
etag
W/"616ebe81-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
via
1.1 google
css
fonts.googleapis.com/ 		664 B
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: captcha.perfdrive.com
URL: https://captcha.perfdrive.com/captcha-public/css/shieldsquare_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://captcha.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 01:26:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 02:09:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 02:09:23 GMT
jsdata
cas.avalon.perfdrive.com/ 		151 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
b7d1a012b877c72b25a4cbbf997e81ea424cc815faa0f4b5a64d7059eccfed34

Request headers

Referer
http://validate.perfdrive.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Tue, 22 Mar 2022 02:09:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		151 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
a8e2e0de3026b347fea9c9428eb0c5eb1a72a87c501361b6edeb82e71f2c3bc7

Request headers

Referer
http://validate.perfdrive.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Tue, 22 Mar 2022 02:09:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		151 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
aa86d812abde6dd5999a8678ee4e8ef74ad44349ddfb150444346e28fb498956

Request headers

Referer
http://validate.perfdrive.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
24ms
date
Tue, 22 Mar 2022 02:09:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://validate.perfdrive.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options
nosniff
age
455908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:55 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/597d171/static/ Frame 5ECB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6db444c9e466fc2a2dd53da01a34dd4b7886a668fdf1382979964c497fd388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://validate.perfdrive.com/

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-type
text/html
last-modified
Mon, 21 Mar 2022 08:11:07 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 52e28d5e88c0c05ef6f40e101df14caa.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-cf-id
zko4MRzLgfMLW7KEatWLuu2KJYRVVBj_84MZEYXpfOalRtQx6AXpNw==
age
63232
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6efb6288ddbdf3df-LHR
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/597d171/static/ Frame 3630 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca318021fc004d6de091797432643e9ef9d6e9f842ece472b33d4f43742a4b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://validate.perfdrive.com/

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-type
text/html
last-modified
Mon, 21 Mar 2022 08:11:07 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 3bc52f7e0135d4a9f867e6a9ee5796b0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-cf-id
8SiOcTqL1AJMGYqRwkIWUMh5f7YTKS4BMzc0UWbVjFRoO2IUQzp7DA==
age
63232
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6efb6288ddbef3df-LHR
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/597d171/ Frame 5ECB 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/597d171/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-challenge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288719c9d8fadfe10e423abb0546fff9b9062f97ea50064f1cc759a762db7735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
63233
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60538
access-control-allow-origin
*
last-modified
Mon, 21 Mar 2022 08:11:07 GMT
server
cloudflare
etag
"4b6a173b326fee7ed8737bd9a6f78f3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 68126347056de2d05be3dd362ccba986.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
LHR50-C1
accept-ranges
bytes
cf-ray
6efb62893de6f3df-LHR
x-amz-cf-id
mijNwNP1d-4Js5OmAHQgmo4vwg7ROn-VSipTO9VSheP67uPMnnRU1w==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/597d171/ Frame 3630 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/597d171/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-checkbox.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6a588a8a0be4466d014503c204e22df32549d83dfc99cc17141fc7c6a8c663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
63233
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43673
access-control-allow-origin
*
last-modified
Mon, 21 Mar 2022 08:11:07 GMT
server
cloudflare
etag
"14e71797e5aea30397f0cb41b1b7642b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3bc52f7e0135d4a9f867e6a9ee5796b0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
LHR50-C1
accept-ranges
bytes
cf-ray
6efb62893de8f3df-LHR
x-amz-cf-id
Dtk9azphCQLWOGJhggmE3a9hM3L6vp-1vANrfBMml-NL3gcGm0pQtQ==
truncated
/ Frame 3630 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 3630 		522 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=597d171&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/597d171/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c474fd2ba851798ed2e4cfe79d86171fb198c24d45b319e2ff9ec26a81a7fd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6efb628a0f3e7413-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=597d171&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6efb6289df6a7707-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/eff21969/ Frame 5ECB 		919 KB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/eff21969/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/597d171/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/597d171/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:09:23 GMT
via
1.1 41d0ebcbc3faecee108d3cf72e708158.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
46366
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 18 Mar 2022 12:45:34 GMT
server
cloudflare
etag
W/"777d618166357c7ea8c00b987c3ad278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
LHR62-C5
cf-ray
6efb628a6f667413-LHR
x-amz-cf-id
eNPfyy4SZC-r8YL53iZP0YgNH4YsGYsZluNDGb1GVpLocQhSs8S5pw==

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored string| __uzdbm_1 string| __uzdbm_2 number| SSJSInternal object| SSJSConnectorObj object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName object| hcaptcha object| grecaptcha

18 Cookies

Domain/Path Name / Value
allo.ua/ Name: __uzma
Value: dc2f597c-8c0f-4c56-b076-d6b0e2132bf1
allo.ua/ Name: __uzmb
Value: 1647914962
allo.ua/ Name: __uzmc
Value: 295671053768
allo.ua/ Name: __uzmd
Value: 1647914962
allo.ua/ Name: __uzme
Value: 1582
.allo.ua/ Name: is_bot
Value: 0
.allo.ua/ Name: detect_mobile_type
Value: 0
validate.perfdrive.com/ Name: PHPSESSID
Value: t3navmri02c13egkoph1v9krq4
validate.perfdrive.com/ Name: __uzma
Value: dc2f597c-8c0f-4c56-b076-d6b0e2132bf1
validate.perfdrive.com/ Name: __uzmb
Value: 1647914962
validate.perfdrive.com/ Name: __uzmc
Value: 776021018079
validate.perfdrive.com/ Name: __uzmd
Value: 1647914962
.perfdrive.com/ Name: __ssds
Value: 2
.perfdrive.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.perfdrive.com/ Name: __uzmaj2
Value: 8c5ac2a4-212d-442f-b92b-d421fc40ed20
.perfdrive.com/ Name: __uzmbj2
Value: 1647914963
.perfdrive.com/ Name: __uzmcj2
Value: 911291014066
.perfdrive.com/ Name: __uzmdj2
Value: 1647914963

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allo.ua
captcha.perfdrive.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
newassets.hcaptcha.com
validate.perfdrive.com
104.16.168.131
130.211.29.114
195.13.253.228
2a00:1450:4001:812::2003
2a00:1450:4001:830::200a
35.190.62.213
35.241.15.240
35.241.3.56
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924
288719c9d8fadfe10e423abb0546fff9b9062f97ea50064f1cc759a762db7735
2f6db444c9e466fc2a2dd53da01a34dd4b7886a668fdf1382979964c497fd388
2fcdc3b4f2aed79bbe5b2bb0b20ee2054efde2b66244387b69c6ca030635de31
3c474fd2ba851798ed2e4cfe79d86171fb198c24d45b319e2ff9ec26a81a7fd7
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
6bf25f322a79c66fb7a9d64f4b51c2cb3432ccaf582d62c01a089b20030e8608
76dccc5e03a731dab284096da84573a3ee34adc293fc1c2d917bc06d288f6eeb
7d6a588a8a0be4466d014503c204e22df32549d83dfc99cc17141fc7c6a8c663
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a8e2e0de3026b347fea9c9428eb0c5eb1a72a87c501361b6edeb82e71f2c3bc7
aa86d812abde6dd5999a8678ee4e8ef74ad44349ddfb150444346e28fb498956
b7d1a012b877c72b25a4cbbf997e81ea424cc815faa0f4b5a64d7059eccfed34
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
ca318021fc004d6de091797432643e9ef9d6e9f842ece472b33d4f43742a4b81