Submitted URL: https://news.manutan.fr/optiext/optiextension.dll?ID=YqrYuLKVU3hUc8gVwxZMZ2eevRhj3ciSfSKeNmn%2BLlcHXkbc77NsRHyzLd7A3ewUH...
Effective URL: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=h...
Submission: On June 30 via api from IE — Scanned from FR

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 35.190.62.213, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is validate.perfdrive.com. The Cisco Umbrella rank of the primary domain is 44561.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 31st 2021. Valid for: a year.
This is the only time validate.perfdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 143.204.89.101 16509 (AMAZON-02)
1 35.190.62.213 15169 (GOOGLE)
3 13.32.123.42 16509 (AMAZON-02)
8 104.16.169.131 13335 (CLOUDFLAR...)
1 130.211.29.114 15169 (GOOGLE)
3 35.241.15.240 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
21 7
Apex Domain
Subdomains
Transfer
8 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7523
newassets.hcaptcha.com — Cisco Umbrella Rank: 11448
657 KB
5 gstatic.com
fonts.gstatic.com
92 KB
5 perfdrive.com
validate.perfdrive.com — Cisco Umbrella Rank: 44561
cdn.perfdrive.com — Cisco Umbrella Rank: 17664
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8350
16 KB
3 manutan.co.uk
www.manutan.co.uk — Cisco Umbrella Rank: 362744
20 KB
2 manutan.fr
news.manutan.fr
www.manutan.fr — Cisco Umbrella Rank: 269430
3 KB
21 5
Domain Requested by
6 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
5 fonts.gstatic.com www.manutan.co.uk
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 www.manutan.co.uk validate.perfdrive.com
www.manutan.co.uk
2 hcaptcha.com validate.perfdrive.com
newassets.hcaptcha.com
1 cdn.perfdrive.com validate.perfdrive.com
1 validate.perfdrive.com
1 www.manutan.fr 1 redirects
1 news.manutan.fr 1 redirects
21 9

This site contains no links.

Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2021-08-31 -
2022-09-26
a year crt.sh
www.manutan.co.uk
R3
2022-06-29 -
2022-09-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-15 -
2023-05-15
a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2021-08-04 -
2022-08-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 3 frames:

Primary Page: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Frame ID: 3DD5B24C928737227778B486F48A0D1D
Requests: 14 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Frame ID: 5F8A7458338E1DCD7A9B8C9906955011
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Frame ID: 38261AD29260DD205AC5FC7BE3C01098
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

ShieldSquare Captcha

Page URL History Show full URLs

  1. https://news.manutan.fr/optiext/optiextension.dll?ID=YqrYuLKVU3hUc8gVwxZMZ2eevRhj3ciSfSKeNmn%2BLlcHX... HTTP 302
    https://www.manutan.fr/blog?utm_source=SIM&utm_medium=email&utm_campaign=office-staging2022&utm_con... HTTP 302
    https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:a|link|script)[^>]*(?:href|src)=".*(?:/wcsstore/|webapp\/wcs)

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

21
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

9
Subdomains

7
IPs

3
Countries

786 kB
Transfer

2028 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.manutan.fr/optiext/optiextension.dll?ID=YqrYuLKVU3hUc8gVwxZMZ2eevRhj3ciSfSKeNmn%2BLlcHXkbc77NsRHyzLd7A3ewUHYMqnTc9%2Bttgf5rKG9fbreft9ahQV HTTP 302
    https://www.manutan.fr/blog?utm_source=SIM&utm_medium=email&utm_campaign=office-staging2022&utm_content=FR_20220630_NL_Office-staging-entrepot&utm_term=_&m_i=vHKtYi6a294cuwBk2WaVxLfr%2BBh7ts7Pn4hmegq_rvLcdDe0raT%2B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva HTTP 302
    https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
validate.perfdrive.com/777531289350272ce9c275d6de61c70c/
Redirect Chain
  • https://news.manutan.fr/optiext/optiextension.dll?ID=YqrYuLKVU3hUc8gVwxZMZ2eevRhj3ciSfSKeNmn%2BLlcHXkbc77NsRHyzLd7A3ewUHYMqnTc9%2Bttgf5rKG9fbreft9ahQV
  • https://www.manutan.fr/blog?utm_source=SIM&utm_medium=email&utm_campaign=office-staging2022&utm_content=FR_20220630_NL_Office-staging-entrepot&utm_term=_&m_i=vHKtYi6a294cuwBk2WaVxLfr%2BBh7ts7Pn4hme...
  • https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3De...
3 KB
2 KB
Document
General
Full URL
https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.62.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
c7a8a5ff4e55f59c5f7bb5b03d62fdc15021a27161d025eba0a5d1f4ff57164d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1430
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 09:44:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache="Set-Cookie"
content-type
text/html
date
Thu, 30 Jun 2022 09:44:06 GMT
expires
0
link
<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/icons.woff2?1651507949440&frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/roboto-regular-webfont.woff2?frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/roboto-medium-webfont.woff2?frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/marydale-webfont.woff2?frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/roboto-bold-webfont.woff2?frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.manutan.fr/fstrz/r/s/www.manutan.fr/wcsstore/ManutanSAS/font/barlowcondensed-medium-webfont.woff2?frz-v=56>;rel="preload";as="font";type="font/woff2";crossorigin
location
https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36&ssv=&ssw=&ssx=W10=
server
fasterize
server-timing
edge; dur=2, origin; dur=28, cdn-cache; desc=MISS
strict-transport-security
max-age=86400
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-akam-sw-version
0.5.0
x-amz-cf-id
TQs0o0-OOdB-WOuTydqNP62nZq3lPQaTc7gcCp7kE5c9ovQDExFJdA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-cache-response
DISABLED
x-fstrz
stc,Z,p
x-unique-id
e78d2e3ff14de227090731a28225d7c8
style.min.css
www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.123.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-123-42.hel50.r.cloudfront.net
Software
fasterize /
Resource Hash
539a1b47548cd11122c3cd74e0ba74401e5b9622929d76a546bbe8dce6a8bec9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:34:46 GMT
content-encoding
br
age
2560161
x-cache
Hit from cloudfront
content-length
1191
x-gen-id
c14d50aa915f6be5e08f43fe35fb7b70
x-unique-id
c38490ab3209df8f33c47a10e6f04a8a
last-modified
Mon, 23 May 2022 17:21:55 GMT
server
fasterize
etag
"620e5d7e-8d6"
strict-transport-security
max-age=86400
content-type
text/css
via
1.1 0e53369843ffff152c4f962eb3b91d2a.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
7RG07alj_2CNv6844CJWmPaByHOeLe0ES4BHZ_NpZQXTKaPoIrnU6A==
x-fstrz
o,c
expires
Thu, 30 Jun 2022 18:33:56 GMT
logo_desktop.webp
www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/
8 KB
9 KB
Image
General
Full URL
https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/logo_desktop.webp
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.123.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-123-42.hel50.r.cloudfront.net
Software
fasterize /
Resource Hash
bc441e4fb729c1fb4d50b7c03a88a8d805fc78749ead2f25d073037effdc4352
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 04:06:22 GMT
via
1.1 0e53369843ffff152c4f962eb3b91d2a.cloudfront.net (CloudFront)
age
1316265
x-cache
Hit from cloudfront
content-length
8598
x-gen-id
9aa47d9f97901a0bc533d13bd025651f
x-unique-id
3a225738cb3d787300012dba8fc5d87f
last-modified
Tue, 15 Feb 2022 12:35:20 GMT
server
fasterize
etag
"620b9e08-2196"
strict-transport-security
max-age=86400
content-type
image/webp
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
MF_t0bTn2YVfWptrB81p1SinA9ouZXMSx3BHEvIsJl5KtCbNf7vebg==
x-fstrz
!o,c
expires
Fri, 15 Jul 2022 02:34:31 GMT
api.js
hcaptcha.com/1/
279 KB
79 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 53f1fabf09e106b6477c73343225c058.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Jun 2022 07:45:46 GMT
server
cloudflare
etag
W/"b54dcdc45f98717d93b7534357360f0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
CDG52-P1
cf-ray
7235f6256a17ee60-CDG
x-amz-cf-id
AUyDyYoAbULH9433wI67EOHALfwdKOjohnpvHq4Y95YZbjThQug6SA==
aperture.js
cdn.perfdrive.com/aperture/
44 KB
13 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/777531289350272ce9c275d6de61c70c/?ssa=9737a10d-2142-455f-b0dd-ad1fccb69d40&ssb=49862260920&ssc=https%3A%2F%2Fwww.manutan.fr%2Fblog%3Futm_source%3DSIM%26utm_medium%3Demail%26utm_campaign%3Doffice-staging2022%26utm_content%3DFR_20220630_NL_Office-staging-entrepot%26utm_term%3D_%26m_i%3DvHKtYi6a294cuwBk2WaVxLfr%252BBh7ts7Pn4hmegq_rvLcdDe0raT%252B8NcaQRuBxrmh3wrfoKz5TdRDdadohXrJrYTsWgNsVxfvva&ssi=a0e0c373-bhgj-4f6e-bbec-4af87de8c647&ssk=support@shieldsquare.com&ssm=78061901485791263102689756548574&ssn=11a080cdefe474fe20e469c8e08e4232cbaeb7e68427-c015-4fde-98f286&sso=8190278f-bca004e721f14fce0acc9a8ba36bfa66556b9608f13a4295&ssp=31387895511656518908165652717159788&ssq=39146868224663893876882246714145807073163&ssr=MTc4LjMzLjE0NC4xNzk=&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:46:39 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 12:50:01 GMT
server
nginx/1.10.1
age
3448
etag
W/"62bc4a79-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
via
1.1 google
jsdata
cas.avalon.perfdrive.com/
211 B
364 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
5327e9b58443f45bdcda5ce18a262787277056ce0f60801f46daa9a7950d3d59

Request headers

Referer
https://validate.perfdrive.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
211 B
270 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
fd9b1da9b9784197d6891ca4f1e38cf55aaac385d28e28c8f2c769ce14a29360

Request headers

Referer
https://validate.perfdrive.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
211 B
275 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
3134439e75f449777fa04b156d7a1fef0e195955459a047ad09a11f1c9f5a789

Request headers

Referer
https://validate.perfdrive.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
14ms
date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
Femme-loupe.png
www.manutan.co.uk/fstrz/r/s/www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/
9 KB
10 KB
Image
General
Full URL
https://www.manutan.co.uk/fstrz/r/s/www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/Femme-loupe.png?frz-v=6
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.123.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-123-42.hel50.r.cloudfront.net
Software
fasterize /
Resource Hash
73aa22381fa21ce9ef710b9b07f6d9560d57ed24bf79f1921dcf59d4cc9d40bd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:34:46 GMT
via
1.1 0e53369843ffff152c4f962eb3b91d2a.cloudfront.net (CloudFront)
age
2560161
x-cache
Hit from cloudfront
content-length
9693
x-gen-id
0574783b302ca9c19db1624e8a0c35ff
x-unique-id
459ff168eba00e13ff6b1149ce93b1e7
last-modified
Tue, 15 Feb 2022 13:28:31 GMT
server
fasterize
etag
"620baa7f-923e"
content-type
image/avif
cache-control
max-age=2592000
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
aCI81nhZuJA1s80QtpLBXVtaWm3wvD_Su4NNWyNOguTY5BO1s3PqXw==
x-fstrz
o,c
expires
Thu, 30 Jun 2022 18:34:05 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.manutan.co.uk/
Origin
https://validate.perfdrive.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 22:15:36 GMT
x-content-type-options
nosniff
age
127711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21352
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:30:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 22:15:36 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.manutan.co.uk/
Origin
https://validate.perfdrive.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 22:51:39 GMT
x-content-type-options
nosniff
age
125548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 22:51:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.manutan.co.uk/
Origin
https://validate.perfdrive.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 11:07:47 GMT
x-content-type-options
nosniff
age
254180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 11:07:47 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/51c8a75/static/ Frame 5F8A
2 KB
883 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
6911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7235f6266b58ee60-CDG
content-encoding
gzip
content-type
text/html
date
Thu, 30 Jun 2022 09:44:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 27 Jun 2022 07:45:45 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 78a48d8d46b0e5cf69ec8a7f633776e0.cloudfront.net (CloudFront)
x-amz-cf-id
rXGQ1bZpMUmX89aFLaurEQ2F_8-ieqaw3eqiazRYvJQmbgpKxiCz2A==
x-amz-cf-pop
CDG52-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/51c8a75/static/ Frame 3826
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
6911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7235f6266b57ee60-CDG
content-encoding
gzip
content-type
text/html
date
Thu, 30 Jun 2022 09:44:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 27 Jun 2022 07:45:45 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 78a48d8d46b0e5cf69ec8a7f633776e0.cloudfront.net (CloudFront)
x-amz-cf-id
rXGQ1bZpMUmX89aFLaurEQ2F_8-ieqaw3eqiazRYvJQmbgpKxiCz2A==
x-amz-cf-pop
CDG52-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.manutan.co.uk/
Origin
https://validate.perfdrive.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 08:44:49 GMT
x-content-type-options
nosniff
age
89958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 08:44:49 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: www.manutan.co.uk
URL: https://www.manutan.co.uk/wcsstore/ManutanSAS/StaticContent/group/cbot/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.manutan.co.uk/
Origin
https://validate.perfdrive.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 22:15:53 GMT
x-content-type-options
nosniff
age
127694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20432
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:38:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 22:15:53 GMT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/51c8a75/ Frame 3826
279 KB
79 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6910
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80398
access-control-allow-origin
*
last-modified
Mon, 27 Jun 2022 07:45:46 GMT
server
cloudflare
etag
"b54dcdc45f98717d93b7534357360f0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 53f1fabf09e106b6477c73343225c058.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
cf-ray
7235f626bbffee60-CDG
x-amz-cf-id
kdpePmwDz3eF0QFdtMALZvLdvgMukjR7yUyeLD7B4WPUEeB40YIJVw==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/51c8a75/ Frame 5F8A
279 KB
79 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6910
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80398
access-control-allow-origin
*
last-modified
Mon, 27 Jun 2022 07:45:46 GMT
server
cloudflare
etag
"b54dcdc45f98717d93b7534357360f0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 53f1fabf09e106b6477c73343225c058.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
cf-ray
7235f626cc0bee60-CDG
x-amz-cf-id
kdpePmwDz3eF0QFdtMALZvLdvgMukjR7yUyeLD7B4WPUEeB40YIJVw==
truncated
/ Frame 3826
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 3826
551 B
927 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=51c8a75&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c374060aca99315299d9578efc4cc407a5a141f122efa457ea0f30485c81fafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7235f6278ff23313-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/73c052e2/ Frame 5F8A
963 KB
360 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/73c052e2/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/51c8a75/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10be47fffa11d8d498eee5ddcd8ded56b0d4846dd5ffcd992fe9260d88f2abe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 dc341d03bd5d53f09228219aec3f44e8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
48
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 09:25:21 GMT
server
cloudflare
etag
W/"800e57a53bdccfd32c0f3d3db9d3c7b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG50-C2
cf-ray
7235f627e8733313-CDG
x-amz-cf-id
ZXFG2XHYzxfUA2ZtSryJzurJFcTtUk5LHc7Kgu-_xU1gGivd1-WfGA==
e
newassets.hcaptcha.com/i/5b174c7/ Frame 5F8A
57 KB
58 KB
Fetch
General
Full URL
https://newassets.hcaptcha.com/i/5b174c7/e
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/73c052e2/hsw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da6e32a9eb6d7d3b2c8d66faf07ca5584b298899c24fc973861616067f6ab22f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/51c8a75/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 09:44:07 GMT
via
1.1 efde5be81ce9c9a89c77d96186504846.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
70908
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Jun 2022 05:47:19 GMT
server
cloudflare
etag
W/"a99334a4a1b3b541b9e4b416ef7ca514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
cf-ray
7235f629aac53313-CDG
x-amz-cf-id
AN9H77HZ6-Jh7B0PLiwYkc08cLWrV-e6_lTiXbFq5e-GX4pW0Xl3yQ==

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| __uzdbm_1 string| __uzdbm_2 number| SSJSInternal object| SSJSConnectorObj object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName object| Raven object| hcaptcha object| grecaptcha

17 Cookies

Domain/Path Name / Value
www.manutan.fr/ Name: __uzma
Value: b7e68427-c015-4fde-978f-bca004e721f1
www.manutan.fr/ Name: __uzmb
Value: 1656582246
www.manutan.fr/ Name: __uzme
Value: 2639
www.manutan.fr/ Name: __uzmc
Value: 155281013166
www.manutan.fr/ Name: __uzmd
Value: 1656582246
.manutan.fr/ Name: AKA_A2
Value: A
validate.perfdrive.com/ Name: PHPSESSID
Value: dvghnul4md72qcpdem1c86jckd
validate.perfdrive.com/ Name: __uzma
Value: b7e68427-c015-4fde-978f-bca004e721f1
validate.perfdrive.com/ Name: __uzmb
Value: 1656582246
validate.perfdrive.com/ Name: __uzmc
Value: 301601089597
validate.perfdrive.com/ Name: __uzmd
Value: 1656582247
.perfdrive.com/ Name: __ssds
Value: 2
.perfdrive.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.perfdrive.com/ Name: __uzmaj2
Value: 9db8d572-eb0a-4733-b0e4-720a4355ef51
.perfdrive.com/ Name: __uzmbj2
Value: 1656582247
.perfdrive.com/ Name: __uzmcj2
Value: 861021093287
.perfdrive.com/ Name: __uzmdj2
Value: 1656582247

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.perfdrive.com
fonts.gstatic.com
hcaptcha.com
newassets.hcaptcha.com
news.manutan.fr
validate.perfdrive.com
www.manutan.co.uk
www.manutan.fr
104.16.169.131
13.32.123.42
130.211.29.114
143.204.89.101
2606:4700::6811:7a12
2a00:1450:4001:806::2003
35.190.62.213
35.241.15.240
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
10be47fffa11d8d498eee5ddcd8ded56b0d4846dd5ffcd992fe9260d88f2abe5
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
3134439e75f449777fa04b156d7a1fef0e195955459a047ad09a11f1c9f5a789
5327e9b58443f45bdcda5ce18a262787277056ce0f60801f46daa9a7950d3d59
539a1b47548cd11122c3cd74e0ba74401e5b9622929d76a546bbe8dce6a8bec9
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
73aa22381fa21ce9ef710b9b07f6d9560d57ed24bf79f1921dcf59d4cc9d40bd
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
bc441e4fb729c1fb4d50b7c03a88a8d805fc78749ead2f25d073037effdc4352
c374060aca99315299d9578efc4cc407a5a141f122efa457ea0f30485c81fafc
c7a8a5ff4e55f59c5f7bb5b03d62fdc15021a27161d025eba0a5d1f4ff57164d
d136ed543accc2853757ecf440cf15871f889fe3fbb29136627653a9f8e5e675
da6e32a9eb6d7d3b2c8d66faf07ca5584b298899c24fc973861616067f6ab22f
dba9d0d53a8ef16369ce3d1881c0591da6718eadad04da7806676094fc4b9ee9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd9b1da9b9784197d6891ca4f1e38cf55aaac385d28e28c8f2c769ce14a29360