urlscan.io logo urlscan.io
SecurityTrails logo

validate.perfdrive.com Open in urlscan Pro
35.190.62.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://interactief.standaard.be/optiext/optiextension.dll?ID=vHKtRoAWU2SvyIVCSy+qaxA4bHTKnDWQBNmsRnbQmWSTOoJxsjzyjyp9zNrLVeuEB_Q...
Effective URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=h...
Submission: On April 29 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 35.190.62.213, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is validate.perfdrive.com. The Cisco Umbrella rank of the primary domain is 64109.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 31st 2021. Valid for: a year.
This is the only time validate.perfdrive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.43.125.189 199796 (MEDIAHUIS)
2 2 178.23.41.211 44806 (KINAMO-BA...)
1 35.190.62.213 15169 (GOOGLE)
8 104.16.169.131 13335 (CLOUDFLAR...)
1 130.211.29.114 15169 (GOOGLE)
3 35.241.15.240 15169 (GOOGLE)
13 5
1    185.43.125.189 (Mortsel, Belgium)

ASN199796 (MEDIAHUIS, BE)
PTR: messagent-2.mediahuis.be
interactief.standaard.be
2    178.23.41.211 (Belgium)

ASN44806 (KINAMO-BACKBONE, BE)
PTR: 178-23-41-211.ip.kinamo.be
www.zimmo.be
1    35.190.62.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.62.190.35.bc.googleusercontent.com
validate.perfdrive.com
8    104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
1    130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
3    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
Apex Domain
Subdomains		 Transfer
8 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7999
newassets.hcaptcha.com — Cisco Umbrella Rank: 11418
492 KB
5 perfdrive.com
validate.perfdrive.com — Cisco Umbrella Rank: 64109
cdn.perfdrive.com — Cisco Umbrella Rank: 18644
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8766
19 KB
2 zimmo.be
www.zimmo.be — Cisco Umbrella Rank: 187498
2 KB
1 standaard.be
interactief.standaard.be — Cisco Umbrella Rank: 452775
397 B
13 4
Domain Requested by
5 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 hcaptcha.com validate.perfdrive.com
newassets.hcaptcha.com
2 www.zimmo.be 2 redirects
1 cdn.perfdrive.com validate.perfdrive.com
1 validate.perfdrive.com
1 interactief.standaard.be 1 redirects
13 7

This site contains no links.

Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-31 -
2022-09-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-04 -
2022-08-05		 a year crt.sh

This page contains 3 frames:

Primary Page: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Frame ID: 9C3BA584E8A07184DCE0F81E70FBDFCC
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Frame ID: 3CA2131385BCBDA9ACC12B529F1BCFC9
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Frame ID: 8EDBF30E4B7036B6E41E998E1BE26055
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ShieldSquare CaptchaCAPTCHA

Page URL History Show full URLs

  1. https://interactief.standaard.be/optiext/optiextension.dll?ID=vHKtRoAWU2SvyIVCSy+qaxA4bHTKnDWQBNmsRnbQmWSTOoJ... HTTP 302
    http://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=ne... HTTP 301
    https://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=ne... HTTP 302
    https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

7
Subdomains

5
IPs

3
Countries

511 kB
Transfer

1442 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://interactief.standaard.be/optiext/optiextension.dll?ID=vHKtRoAWU2SvyIVCSy+qaxA4bHTKnDWQBNmsRnbQmWSTOoJxsjzyjyp9zNrLVeuEB_QLr0ZvThXBOPaFGMaTQbnEW6NiTad7QE HTTP 302
    http://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=newsletter_PM&utm_term=meer-top HTTP 301
    https://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=newsletter_PM&utm_term=meer-top HTTP 302
    https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/
Redirect Chain
  • https://interactief.standaard.be/optiext/optiextension.dll?ID=vHKtRoAWU2SvyIVCSy+qaxA4bHTKnDWQBNmsRnbQmWSTOoJxsjzyjyp9zNrLVeuEB_QLr0ZvThXBOPaFGMaTQbnEW6NiTad7QE
  • http://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=newsletter_PM&utm_term=meer-top
  • https://www.zimmo.be/nl/?gemeente=9920&utm_source=standaard&utm_campaign=crosspromo&utm_medium=newsletter_PM&utm_term=meer-top
  • https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dsta...
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.62.190.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
9215f667887c7b7cbdd73ddc7ce52c010dcefb406a19f208a5156acf4885ee88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
4600
content-type
text/html; charset=UTF-8
date
Fri, 29 Apr 2022 17:15:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
142
Content-Type
text/html
Date
Fri, 29 Apr 2022 17:15:22 GMT
Location
https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36&ssv=&ssw=&ssx=W10=
Server
openresty
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
DENY
api.js
hcaptcha.com/1/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ff20a409e1b8404326b2253467f94d3e8f4af41a7dcb90cf9b27829d35a46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:15:22 GMT
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
W/"b4d3dce1e99506a4288cef5fa44792b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
DUS51-P2
cf-ray
7039adebfa7c5c14-FRA
x-amz-cf-id
-G2ebpIkZw3Ss24dCj7BfhX8iSvqPFq2U1qam5xJoLka0W7XiV69cg==
aperture.js
cdn.perfdrive.com/aperture/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: validate.perfdrive.com
URL: https://validate.perfdrive.com/21240cc12f281084e3ed3f9d063dd905/?ssa=77173c67-2855-48df-a89e-61d247ac039b&ssb=91306295656&ssc=https%3A%2F%2Fwww.zimmo.be%2Fnl%2F%3Fgemeente%3D9920%26utm_source%3Dstandaard%26utm_campaign%3Dcrosspromo%26utm_medium%3Dnewsletter_PM%26utm_term%3Dmeer-top&ssi=d463ed6f-a26d-423c-90c8-c109cf5ee3bd&ssk=helpdesk@zimmo.be&ssm=62394366547801567105511800358595&ssn=beee121bf66ebe0a2499fc321579e7652ee66dbfa6ba-3971-45d4-ae0299&sso=7e2756cf-fa6fca035ad04534bdc115f937bf80cc2712311af581d8c2&ssp=59899303601651211859165124600763354&ssq=52941775252289651521952522053914279096772&ssr=MTc4LjE2Mi4yMDkuMTMy&sst=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.41%20Safari/537.36&ssv=&ssw=&ssx=W10=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://validate.perfdrive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:48:52 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 12:48:00 GMT
server
nginx/1.10.1
age
1590
etag
W/"616ebe80-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
via
1.1 google
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 3CA2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ad0beae827eb96a0a35819f8789699421717a0a283d89b1399f89ed942486e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9774
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7039adec4afe5c14-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 29 Apr 2022 17:15:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-id
SdaHqpYG1xx7AjBylcTSdueLG_ACZ6T8OH4r4ddZjRYaTAVXhpDoVg==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 8EDB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe5013fd6295f6ca0e825ccdbebd28691cd7329c475c6cfb5c2477bfa00fa5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://validate.perfdrive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7039adec4afb5c14-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 29 Apr 2022 17:15:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-id
bCEjd3irkuiim1fkhDZMQYS_nmokCahaaTseThA1ZDqBjWEFfP23kQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
jsdata
cas.avalon.perfdrive.com/ 		151 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
856bad45bf7d2529e8e62d5c3e60f16bdcc02cd46a4b29595598afec98d3a8f0

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Fri, 29 Apr 2022 17:15:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		151 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
c8d1eb37626d1c9e3ca099e01f1b1025e0cc353952642e4f173e0fef7788dacb

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Fri, 29 Apr 2022 17:15:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		151 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
50a5b68da2af513c726c1bfdf9353255a505f93fef706f832dc40846ae62e129

Request headers

Referer
https://validate.perfdrive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
10ms
date
Fri, 29 Apr 2022 17:15:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
content-type
text/plain; charset=UTF-8
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 3CA2 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea8974edf42587189349d61e463c18f56b970fa9f767baac038af41ac7f9546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
9773
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60442
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"afd4b48e139bbf94eb2c3439625e497a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
7039adec8b655c14-FRA
x-amz-cf-id
W5C4yfGNAls5Ets_nVoJ9b7t9yoCksxqWctV-3puSKftWXCzDCBemQ==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 8EDB 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e4c5b88baadb7f64da4b24832b535113a18f22ebc919e1f8f5dd0f9a18d400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
9773
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43687
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"d17ce84807a9ca89bce386d8552b9ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
7039adec8b6a5c14-FRA
x-amz-cf-id
WRPlCgsqOG3NHzJDRCxgmXDhZ4c29NcQxbK6_u9KILx13B9QxQ3Tgw==
truncated
/ Frame 8EDB 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 8EDB 		543 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eccacffcba18d9ec5b86e4eeacbe54301f0f60fdbbc69f6b5aa3f481d0dd74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 29 Apr 2022 17:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7039aded0cfe9948-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=validate.perfdrive.com&sitekey=ae73173b-7003-44e0-bc87-654d0dab8b75&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://newassets.hcaptcha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://newassets.hcaptcha.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7039adececec9b31-FRA
content-length
0
date
Fri, 29 Apr 2022 17:15:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hsw.js
newassets.hcaptcha.com/c/9bbde097/ Frame 3CA2 		958 KB
360 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/9bbde097/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d45794c83356dbd469f1ac17acf38661dae1d569bb2348711da4a9f9732c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:15:23 GMT
via
1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
13339
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 13:27:15 GMT
server
cloudflare
etag
W/"11a03d285fbe15888c6a0f0e9586e068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
TXL50-P3
cf-ray
7039aded5de69948-FRA
x-amz-cf-id
j0BvTuHhv9K4tFGqHYy_8_ViLsawC-9hbS3nVbjWYKKWISZdnflqqA==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| __uzdbm_1 string| __uzdbm_2 number| SSJSInternal object| SSJSConnectorObj object| hcaptcha object| grecaptcha object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName

17 Cookies

Domain/Path Name / Value
www.zimmo.be/ Name: __uzma
Value: 6dbfa6ba-3971-45d4-a6cf-fa6fca035ad0
www.zimmo.be/ Name: __uzmb
Value: 1651252522
www.zimmo.be/ Name: __uzme
Value: 6671
www.zimmo.be/ Name: __uzmc
Value: 420601018989
www.zimmo.be/ Name: __uzmd
Value: 1651252522
www.zimmo.be/ Name: rdw_storereferer
Value:
validate.perfdrive.com/ Name: PHPSESSID
Value: g107ikicu7j2g3553c9ah9r4am
validate.perfdrive.com/ Name: __uzma
Value: 6dbfa6ba-3971-45d4-a6cf-fa6fca035ad0
validate.perfdrive.com/ Name: __uzmb
Value: 1651252522
validate.perfdrive.com/ Name: __uzmc
Value: 353371031369
validate.perfdrive.com/ Name: __uzmd
Value: 1651252522
.perfdrive.com/ Name: __ssds
Value: 2
.perfdrive.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.perfdrive.com/ Name: __uzmaj2
Value: 7579d233-d00f-471e-a12d-af92802179dd
.perfdrive.com/ Name: __uzmbj2
Value: 1651252522
.perfdrive.com/ Name: __uzmcj2
Value: 957211024340
.perfdrive.com/ Name: __uzmdj2
Value: 1651252522