validate.perfdrive.com
Open in
urlscan Pro
66.22.63.144
Public Scan
Submitted URL: http://serfinanzavirtual.bancoserfinanza.com/Personal/Login/LoginWithImage
Effective URL: https://validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/?ssa=d4995fb4-ef7b-4bf2-8a11-8617b762796e&ssb=91245358356&ssc=h...
Submission: On May 04 via manual from IL — Scanned from IL
Effective URL: https://validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/?ssa=d4995fb4-ef7b-4bf2-8a11-8617b762796e&ssb=91245358356&ssc=h...
Submission: On May 04 via manual from IL — Scanned from IL
Summary
This website contacted 7 IPs
in 1 countries
across 5 domains to perform 9 HTTP transactions.
The main IP is 66.22.63.144, located in
United States and
belongs to RADWARE-CLOUD-SERVICES, US.
The main domain is validate.perfdrive.com.
The Cisco Umbrella rank of the primary domain is 242796.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2023. Valid for: a year.
This is the only time validate.perfdrive.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2023. Valid for: a year.
This is the only time validate.perfdrive.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 66.22.28.52 66.22.28.52 | 25773 (RADWARE-C...) (RADWARE-CLOUD-SERVICES) | |
| 2 | 66.22.63.144 66.22.63.144 | 25773 (RADWARE-C...) (RADWARE-CLOUD-SERVICES) | |
| 1 | 34.117.2.119 34.117.2.119 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 34.110.226.84 34.110.226.84 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 130.211.29.114 130.211.29.114 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 142.250.186.42 142.250.186.42 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 35.241.15.240 35.241.15.240 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 142.250.181.227 142.250.181.227 | 15169 (GOOGLE) (GOOGLE) | |
| 9 | 7 |
1
66.22.28.52
(United States)
ASN25773 (RADWARE-CLOUD-SERVICES, US)
ASN25773 (RADWARE-CLOUD-SERVICES, US)
| serfinanzavirtual.bancoserfinanza.com |
1
34.117.2.119
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.2.117.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.2.117.34.bc.googleusercontent.com
| captcha.perfdrive.com |
1
34.110.226.84
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 84.226.110.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 84.226.110.34.bc.googleusercontent.com
| ssq_staging.shieldsquare.net |
1
130.211.29.114
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
| cdn.perfdrive.com |
1
142.250.186.42
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
| fonts.googleapis.com |
2
35.241.15.240
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
| cas.avalon.perfdrive.com |
1
142.250.181.227
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
| fonts.gstatic.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
perfdrive.com
validate.perfdrive.com — Cisco Umbrella Rank: 242796 captcha.perfdrive.com — Cisco Umbrella Rank: 750873 cdn.perfdrive.com — Cisco Umbrella Rank: 22544 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9249 |
23 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
24 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
779 B |
| 1 |
shieldsquare.net
ssq_staging.shieldsquare.net |
49 KB |
| 1 |
bancoserfinanza.com
1 redirects
serfinanzavirtual.bancoserfinanza.com |
2 KB |
| 9 | 5 |
| Domain | Requested by | |
|---|---|---|
| 2 | cas.avalon.perfdrive.com |
cdn.perfdrive.com
|
| 2 | validate.perfdrive.com | |
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
captcha.perfdrive.com
|
| 1 | cdn.perfdrive.com |
validate.perfdrive.com
|
| 1 | ssq_staging.shieldsquare.net |
validate.perfdrive.com
|
| 1 | captcha.perfdrive.com |
validate.perfdrive.com
|
| 1 | serfinanzavirtual.bancoserfinanza.com | 1 redirects |
| 9 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.perfdrive.com Go Daddy Secure Certificate Authority - G2 |
2023-09-21 - 2024-09-26 |
a year | crt.sh |
| *.shieldsquare.net Go Daddy Secure Certificate Authority - G2 |
2024-03-17 - 2024-06-03 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
| cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2 |
2023-07-24 - 2024-08-05 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/?ssa=d4995fb4-ef7b-4bf2-8a11-8617b762796e&ssb=91245358356&ssc=https%3A%2F%2Fserfinanzavirtual.bancoserfinanza.com%2FPersonal%2FLogin%2FLoginWithImage&ssi=d44f644c-cifv-4d22-93c7-1fc3876d2a11&ssk=botmanager_support@radware.com&ssm=76102628004675087105424479323845&ssn=cb5ff1045a76a2f27eb4f83a07aa1804ca734560b43a-876e-4f76-bc575f&sso=af8c96a1-0673871bb1ce1dd37b5ba45f8148b633b307e114fdb61474&ssp=60915859471714846787171483025204625&ssq=67715594570836770641745708632955574562267&ssr=MzEuMTg3Ljc4LjMx&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/124.0.0.0%20Safari/537.36&ssu=&ssv=&ssw=&ssx=eyJ1em14IjoiN2Y5MDAwMmY3MTQyZmEtNGI4Ni00NDNiLWEyNTQtMWM5OWVjNTM0ZThiMS0xNzE0ODQ1NzA4ODY3MC04NjhkMmE2YzQ1NDgxMjRiMTAiLCJfX3V6bWYiOiI3ZjYwMDAyM2MwMzJjMi1jOTcyLTRjMDEtOWQ5NC00YzNhYTNlYWM0YTgxNzE0ODQ1NzA4ODY3MC1hYTk4ZmE0ODQ4MTIwYmU4MTAiLCJyZCI6ImJhbmNvc2VyZmluYW56YS5jb20ifQ==
Frame ID: 9BFF3AB25720EDF3B63EB159D90990B3
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Radware Bot Manager BlockPage URL History Show full URLs
-
http://serfinanzavirtual.bancoserfinanza.com/Personal/Login/LoginWithImage
HTTP 307
https://serfinanzavirtual.bancoserfinanza.com/Personal/Login/LoginWithImage HTTP 302
https://validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/?ssa=d4995fb4-ef7b-4bf2-8a11-8617b762796e&s... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://serfinanzavirtual.bancoserfinanza.com/Personal/Login/LoginWithImage
HTTP 307
https://serfinanzavirtual.bancoserfinanza.com/Personal/Login/LoginWithImage HTTP 302
https://validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/?ssa=d4995fb4-ef7b-4bf2-8a11-8617b762796e&ssb=91245358356&ssc=https%3A%2F%2Fserfinanzavirtual.bancoserfinanza.com%2FPersonal%2FLogin%2FLoginWithImage&ssi=d44f644c-cifv-4d22-93c7-1fc3876d2a11&ssk=botmanager_support@radware.com&ssm=76102628004675087105424479323845&ssn=cb5ff1045a76a2f27eb4f83a07aa1804ca734560b43a-876e-4f76-bc575f&sso=af8c96a1-0673871bb1ce1dd37b5ba45f8148b633b307e114fdb61474&ssp=60915859471714846787171483025204625&ssq=67715594570836770641745708632955574562267&ssr=MzEuMTg3Ljc4LjMx&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/124.0.0.0%20Safari/537.36&ssu=&ssv=&ssw=&ssx=eyJ1em14IjoiN2Y5MDAwMmY3MTQyZmEtNGI4Ni00NDNiLWEyNTQtMWM5OWVjNTM0ZThiMS0xNzE0ODQ1NzA4ODY3MC04NjhkMmE2YzQ1NDgxMjRiMTAiLCJfX3V6bWYiOiI3ZjYwMDAyM2MwMzJjMi1jOTcyLTRjMDEtOWQ5NC00YzNhYTNlYWM0YTgxNzE0ODQ1NzA4ODY3MC1hYTk4ZmE0ODQ4MTIwYmU4MTAiLCJyZCI6ImJhbmNvc2VyZmluYW56YS5jb20ifQ== Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
validate.perfdrive.com/e86806b6bbc9e5f59788289d63543184/ Redirect Chain
|
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shieldsquare_styles.min.css
captcha.perfdrive.com/captcha-public/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ss-captcha-fingerprint.png
ssq_staging.shieldsquare.net/assets/img/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aperture.js
cdn.perfdrive.com/aperture/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
717 B 779 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
jsdata
cas.avalon.perfdrive.com/ |
316 B 470 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
jsdata
cas.avalon.perfdrive.com/ |
211 B 277 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
validate.perfdrive.com/ |
346 B 509 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| __uzdbm_1 string| __uzdbm_2 number| SSJSInternal object| SSJSConnectorObj function| md5 object| $jscomp boolean| radCfco object| radCfdbs string| radCfresOp object| radCfeMap function| oco function| ocs function| hOpenRad function| hSolvedRad function| xrcpc function| otkhd function| getRandomNumber function| mdhx function| getQueryParams function| getPidDigestSalt function| ldlnb function| hcD function| mb3tx function| mb4tx function| radSetErrCook object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzma Value: 4560b43a-876e-4f76-b6a1-0673871bb1ce |
|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzmb Value: 1714845708 |
|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzme Value: 6139 |
|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzmc Value: 666251090271 |
|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzmd Value: 1714845708 |
|
| serfinanzavirtual.bancoserfinanza.com/ | Name: __uzmf Value: 7f600023c032c2-c972-4c01-9d94-4c3aa3eac4a817148457088670-aa98fa4848120be810 |
|
| .bancoserfinanza.com/ | Name: uzmx Value: 7f90002f7142fa-4b86-443b-a254-1c99ec534e8b1-17148457088670-868d2a6c4548124b10 |
|
| validate.perfdrive.com/ | Name: PHPSESSID Value: 2v91e698b3t4bgnrhckj38rqj8 |
|
| validate.perfdrive.com/ | Name: __uzma Value: 4560b43a-876e-4f76-b6a1-0673871bb1ce |
|
| validate.perfdrive.com/ | Name: __uzmb Value: 1714845708 |
|
| validate.perfdrive.com/ | Name: __uzmc Value: 212061094933 |
|
| validate.perfdrive.com/ | Name: __uzmd Value: 1714845709 |
|
| .perfdrive.com/ | Name: __ssds Value: 2 |
|
| .perfdrive.com/ | Name: __ssuzjsr2 Value: a9be0cd8e |
|
| .perfdrive.com/ | Name: __uzmaj2 Value: 24bd5912-d80a-44ed-bc07-b88160f78e0d |
|
| .perfdrive.com/ | Name: __uzmbj2 Value: 1714845710 |
|
| .perfdrive.com/ | Name: __uzmcj2 Value: 537861074918 |
|
| .perfdrive.com/ | Name: __uzmdj2 Value: 1714845710 |
|
| validate.perfdrive.com/ | Name: cbfmd2a11 Value: 0-0-0-0-0 |
|
| validate.perfdrive.com/ | Name: cbftd2a11 Value: 0-0-0-0-0 |
|
| validate.perfdrive.com/ | Name: cbfcld2a11 Value: container,row,col-1,col-2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
captcha.perfdrive.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
fonts.googleapis.com
fonts.gstatic.com
serfinanzavirtual.bancoserfinanza.com
ssq_staging.shieldsquare.net
validate.perfdrive.com
130.211.29.114
142.250.181.227
142.250.186.42
34.110.226.84
34.117.2.119
35.241.15.240
66.22.28.52
66.22.63.144
11f113b90ad860df8cb591d062ab13ce73ef511e422ec1ecfd04edf03e9f27c6
2fcdc3b4f2aed79bbe5b2bb0b20ee2054efde2b66244387b69c6ca030635de31
308a47a0cf2eb75fe02b6c66e8e86e1f7cfb1e730282570f318b1b4929558cb2
3ee032012a5adf96d325a0009e7eb7c9cd68fca0998b6acda87fb547b730525d
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9699aebadef08f81dd0fde9eee5cf3feeff1b1eeb84a4ae09f783db8bb0297c2
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
f5275dd60e4ec801de1827253e54e5c184994505ec2e0962322a7bdfa6d57211