Submitted URL: https://sso.interactief.gva.be/app-newsletter/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbTbaL1v...
Effective URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=h...
Submission: On May 01 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 35.190.62.213, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is validate.perfdrive.com. The Cisco Umbrella rank of the primary domain is 60062.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 31st 2021. Valid for: a year.
This is the only time validate.perfdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 185.43.127.189 199796 (MEDIAHUIS)
2 2 178.23.41.211 44806 (KINAMO-BA...)
1 35.190.62.213 15169 (GOOGLE)
8 104.16.169.131 13335 (CLOUDFLAR...)
1 130.211.29.114 15169 (GOOGLE)
3 35.241.15.240 15169 (GOOGLE)
13 5
Apex Domain
Subdomains
Transfer
8 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7823
newassets.hcaptcha.com — Cisco Umbrella Rank: 11454
492 KB
5 perfdrive.com
validate.perfdrive.com — Cisco Umbrella Rank: 60062
cdn.perfdrive.com — Cisco Umbrella Rank: 18502
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8113
19 KB
2 zimmo.be
www.zimmo.be — Cisco Umbrella Rank: 180707
2 KB
2 gva.be
sso.interactief.gva.be
interactief.gva.be
789 B
13 4
Domain Requested by
5 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 hcaptcha.com validate.perfdrive.com
newassets.hcaptcha.com
2 www.zimmo.be 2 redirects
1 cdn.perfdrive.com validate.perfdrive.com
1 validate.perfdrive.com
1 interactief.gva.be 1 redirects
1 sso.interactief.gva.be 1 redirects
13 8

This site contains no links.

Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2021-08-31 -
2022-09-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-15 -
2022-06-14
a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2
2021-08-04 -
2022-08-05
a year crt.sh

This page contains 3 frames:

Primary Page: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Frame ID: 01222E82C8753B0B69B1FBB13F36DBAA
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Frame ID: 11016F0FC2A800B9F4E2D079E31BB4F2
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Frame ID: DF14B440A565A48EC1E582798A829FF1
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

ShieldSquare CaptchaCAPTCHA

Page URL History Show full URLs

  1. https://sso.interactief.gva.be/app-newsletter/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3... HTTP 302
    http://interactief.gva.be/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbT... HTTP 302
    http://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsl... HTTP 301
    https://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsl... HTTP 302
    https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

5
IPs

3
Countries

511 kB
Transfer

1442 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.interactief.gva.be/app-newsletter/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbTbaL1vnNBIrEIRUgG2mhalyHMxyQ62HeH4R0Ptd8GXP0hX_ALF6WlHmIUllR HTTP 302
    http://interactief.gva.be/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbTbaL1vnNBIrEIRUgG2mhalyHMxyQ62HeH4R0Ptd8GXP0hX_ALF6WlHmIUllR HTTP 302
    http://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsletter_avond&utm_campaign=crosspromo&utm_content=foto HTTP 301
    https://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsletter_avond&utm_campaign=crosspromo&utm_content=foto HTTP 302
    https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/
Redirect Chain
  • https://sso.interactief.gva.be/app-newsletter/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbTbaL1vnNBIrEIRUgG2mhalyHMxyQ62HeH4R0Ptd8GXP0hX_ALF6WlHmIUllR
  • http://interactief.gva.be/optiext/optiextension.dll?ID=lq4nPnfHPMQmhlmN1h5sPGBskpKZAVm3ar0Bh2EdD_+nmbTbaL1vnNBIrEIRUgG2mhalyHMxyQ62HeH4R0Ptd8GXP0hX_ALF6WlHmIUllR
  • http://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsletter_avond&utm_campaign=crosspromo&utm_content=foto
  • https://www.zimmo.be/nl/antwerpen-2000/te-koop/appartement/K1SQ0/?utm_source=gva&utm_medium=newsletter_avond&utm_campaign=crosspromo&utm_content=foto
  • https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartemen...
14 KB
5 KB
Document
General
Full URL
https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.62.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
ea1faf9d029185b48a04d5880a68a3961a39c2f5bb2b0b59d09a21a5473d3413

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
4609
content-type
text/html; charset=UTF-8
date
Sun, 01 May 2022 16:49:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
142
Content-Type
text/html
Date
Sun, 01 May 2022 16:49:05 GMT
Location
https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36&ssv=&ssw=&ssx=W10=
Server
openresty
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
DENY
api.js
hcaptcha.com/1/
80 KB
26 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ff20a409e1b8404326b2253467f94d3e8f4af41a7dcb90cf9b27829d35a46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:49:05 GMT
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
W/"b4d3dce1e99506a4288cef5fa44792b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
DUS51-P2
cf-ray
704a0228bd016963-FRA
x-amz-cf-id
-G2ebpIkZw3Ss24dCj7BfhX8iSvqPFq2U1qam5xJoLka0W7XiV69cg==
aperture.js
cdn.perfdrive.com/aperture/
44 KB
13 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=59d0589c-dcf0-4efb-92f3-06a0cbbe18a9&ssb=37801212678&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2Fantwerpen-2000%2Fte-koop%2Fappartement%2FK1SQ0%2F%3Futm_source%3Dgva%26utm_medium%3Dnewsletter_avond%26utm_campaign%3Dcrosspromo%26utm_content%3Dfoto&ssi=e3b2dc6a-a26d-40ed-bdf4-8525461aa18a&ssk=helpdesk@zimmo.be&ssm=39842374084774557100283443693624&ssn=1af5e31783ca6eb951723b64607d812b404e3e139992-3593-4012-aa3496&sso=035fdab3-7363ce639548b3626ed1bd22474d4bdd4dd6b19ebc0408fb&ssp=47894105711651419677165146658369721&ssq=97153192374561606358123745931779480588452&ssr=MzcuNTguNTguMjQ2&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:26:06 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 12:48:01 GMT
server
nginx/1.10.1
age
1379
etag
W/"616ebe81-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
via
1.1 google
jsdata
cas.avalon.perfdrive.com/
151 B
210 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
f8843122615010826c40b167b8242adeb50ad505fc8c40dacd703a5d156e6124

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sun, 01 May 2022 16:49:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
151 B
304 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
6eb90ca1521a8b6bc095d116bae7149d94ac784b5e742f1597911abed410975d

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sun, 01 May 2022 16:49:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
151 B
215 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
66174f560b55853b9a8be282d45092b5f70cb94fbd8aa351d9a8bdc7683da9a4

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
10ms
date
Sun, 01 May 2022 16:49:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 1101
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ad0beae827eb96a0a35819f8789699421717a0a283d89b1399f89ed942486e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8195
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
704a02298f616963-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 01 May 2022 16:49:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-id
SdaHqpYG1xx7AjBylcTSdueLG_ACZ6T8OH4r4ddZjRYaTAVXhpDoVg==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame DF14
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe5013fd6295f6ca0e825ccdbebd28691cd7329c475c6cfb5c2477bfa00fa5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8194
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
704a02298f626963-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 01 May 2022 16:49:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-id
bCEjd3irkuiim1fkhDZMQYS_nmokCahaaTseThA1ZDqBjWEFfP23kQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 1101
206 KB
59 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea8974edf42587189349d61e463c18f56b970fa9f767baac038af41ac7f9546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
8194
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60442
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"afd4b48e139bbf94eb2c3439625e497a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
704a022a187e6963-FRA
x-amz-cf-id
W5C4yfGNAls5Ets_nVoJ9b7t9yoCksxqWctV-3puSKftWXCzDCBemQ==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame DF14
134 KB
43 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e4c5b88baadb7f64da4b24832b535113a18f22ebc919e1f8f5dd0f9a18d400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
8194
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43687
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"d17ce84807a9ca89bce386d8552b9ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
704a022a18816963-FRA
x-amz-cf-id
WRPlCgsqOG3NHzJDRCxgmXDhZ4c29NcQxbK6_u9KILx13B9QxQ3Tgw==
truncated
/ Frame DF14
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame DF14
543 B
921 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44a7a0915a6816e01f5c0dedf6ba7b9f363621d356e2a282bc9ec89ec7e0b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 01 May 2022 16:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
704a022af8dd91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://newassets.hcaptcha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://newassets.hcaptcha.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
704a022adc729c0c-FRA
content-length
0
date
Sun, 01 May 2022 16:49:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hsw.js
newassets.hcaptcha.com/c/9bbde097/ Frame 1101
958 KB
360 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/9bbde097/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d45794c83356dbd469f1ac17acf38661dae1d569bb2348711da4a9f9732c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:49:05 GMT
via
1.1 7dc4dc0842848b027020e8c90aa3042c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
11760
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 13:27:15 GMT
server
cloudflare
etag
W/"11a03d285fbe15888c6a0f0e9586e068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
LHR3-C1
cf-ray
704a022b69ba91ea-FRA
x-amz-cf-id
XVA_bjFJMkNoGXR8S2g9OaQOrbsE24yT9JDmvWE5-229bzuaVTs-QA==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| __uzdbm_1 string| __uzdbm_2 number| SSJSInternal object| SSJSConnectorObj object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName object| hcaptcha object| grecaptcha

17 Cookies

Domain/Path Name / Value
www.zimmo.be/ Name: __uzma
Value: 3e139992-3593-4012-aab3-7363ce639548
www.zimmo.be/ Name: __uzmb
Value: 1651423745
www.zimmo.be/ Name: __uzme
Value: 0627
www.zimmo.be/ Name: __uzmc
Value: 817681046416
www.zimmo.be/ Name: __uzmd
Value: 1651423745
www.zimmo.be/ Name: rdw_storereferer
Value:
validate.perfdrive.com/ Name: PHPSESSID
Value: fun0jktue901saatrj2e7kauj9
validate.perfdrive.com/ Name: __uzma
Value: 3e139992-3593-4012-aab3-7363ce639548
validate.perfdrive.com/ Name: __uzmb
Value: 1651423745
validate.perfdrive.com/ Name: __uzmc
Value: 233021025115
validate.perfdrive.com/ Name: __uzmd
Value: 1651423745
.perfdrive.com/ Name: __ssds
Value: 2
.perfdrive.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.perfdrive.com/ Name: __uzmaj2
Value: d51787a5-8d54-45d3-832b-fd706b77b0ec
.perfdrive.com/ Name: __uzmbj2
Value: 1651423745
.perfdrive.com/ Name: __uzmcj2
Value: 618421067726
.perfdrive.com/ Name: __uzmdj2
Value: 1651423745