urlscan.io logo urlscan.io
SecurityTrails logo

aqsjsyjekjem8pv0jp1qda.on.drv.tw Open in urlscan Pro
47.251.10.111  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/bdnae48t
Effective URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Submission: On April 24 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 31 HTTP transactions. The main IP is 47.251.10.111, located in Santa Clara, United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is aqsjsyjekjem8pv0jp1qda.on.drv.tw.
TLS certificate: Issued by R3 on February 27th 2024. Valid for: 3 months.
This is the only time aqsjsyjekjem8pv0jp1qda.on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Dropbox (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.1.225 13335 (CLOUDFLAR...)
10 14 47.251.10.111 45102 (ALIBABA-C...)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2620:0:890::100 54113 (FASTLY)
10 10 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 20.50.153.39 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
31 14
1    172.67.1.225 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
14    47.251.10.111 (Santa Clara, United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
aqsjsyjekjem8pv0jp1qda.on.drv.tw
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
drobx1234.web.app
10    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
10    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    20.50.153.39 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.drv.tw
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.google.fr
Apex Domain
Subdomains		 Transfer
15 drv.tw
aqsjsyjekjem8pv0jp1qda.on.drv.tw
www.drv.tw
7 KB
11 google.com
drive.google.com — Cisco Umbrella Rank: 287
region1.analytics.google.com — Cisco Umbrella Rank: 2941
5 KB
10 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
411 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
257 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
406 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139
41 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 20606
63 B
1 web.app
drobx1234.web.app
724 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
7 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 363
31 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
12 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 19149
844 B
31 13
Domain Requested by
14 aqsjsyjekjem8pv0jp1qda.on.drv.tw 10 redirects aqsjsyjekjem8pv0jp1qda.on.drv.tw
10 lh3.googleusercontent.com aqsjsyjekjem8pv0jp1qda.on.drv.tw
10 drive.google.com 10 redirects
3 www.googletagmanager.com www.drv.tw
www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 www.google.fr aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.drv.tw aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 drobx1234.web.app aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 cdnjs.cloudflare.com aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 ajax.googleapis.com aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 use.fontawesome.com aqsjsyjekjem8pv0jp1qda.on.drv.tw
1 tinyurl.com 1 redirects
31 16

This site contains no links.

Subject Issuer Validity Valid
drv.tw
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
web.app
GTS CA 1D4		 2024-03-21 -
2024-06-19		 3 months crt.sh
www.drv.tw
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-12-18 -
2024-06-18		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Frame ID: E766344BFE782E6DAA6EBB95409B2AFC
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dropbox

Page URL History Show full URLs

  1. https://tinyurl.com/bdnae48t HTTP 301
    https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

68 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

14
IPs

5
Countries

785 kB
Transfer

1583 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/bdnae48t HTTP 301
    https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/lg.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa HTTP 302
  • https://lh3.googleusercontent.com/d/1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa=w1000
Request Chain 10
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/bx.jpg HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2 HTTP 302
  • https://lh3.googleusercontent.com/d/13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2=w1000
Request Chain 11
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/x.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l HTTP 302
  • https://lh3.googleusercontent.com/d/1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l=w1000
Request Chain 12
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/px.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy HTTP 302
  • https://lh3.googleusercontent.com/d/1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy=w1000
Request Chain 13
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/vb.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp HTTP 302
  • https://lh3.googleusercontent.com/d/1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp=w1000
Request Chain 14
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/xc.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb HTTP 302
  • https://lh3.googleusercontent.com/d/1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb=w1000
Request Chain 15
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/li.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK HTTP 302
  • https://lh3.googleusercontent.com/d/1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK=w1000
Request Chain 16
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/gf.gif HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv HTTP 302
  • https://lh3.googleusercontent.com/d/1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv=w1000
Request Chain 17
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/hj.png HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd HTTP 302
  • https://lh3.googleusercontent.com/d/1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd=w1000
Request Chain 29
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/favicon.ico HTTP 302
  • https://drive.google.com/thumbnail?sz=w1000&id=1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf HTTP 302
  • https://lh3.googleusercontent.com/d/1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf=w1000

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Tilcq.html
aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/
Redirect Chain
  • https://tinyurl.com/bdnae48t
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
97e7d5abb2702576373742c2454b7f095af90ee233a3597f936064f31fdccfef

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, s-maxage=43200, max-age=43200
content-encoding
gzip
content-type
text/html
date
Wed, 24 Apr 2024 14:54:21 GMT
last-modified
Mon, 15 Apr 2024 18:46:16 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Origin, Sec-Fetch-Mode, X-Requested-Wtih Accept-Encoding
x-cache
MISS

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status
EXPIRED
cf-ray
8796ed871a8a3a5c-FRA
content-type
text/html; charset=UTF-8
date
Wed, 24 Apr 2024 14:54:18 GMT
location
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex
x-tinyurl-redirect
eyJpdiI6IjhxVTl3M1Q4V29GSGpBZEtxbFZaOWc9PSIsInZhbHVlIjoiMUJmMVc1ZjdHdVJjcVN6TmtJQ21nMlFsL3pXWldkY3RQY2hUT1dzek5lWGNISHlrQ2YvUTlPQjFrYWRFSllxL2tOOXNrakxmajFsUVVXQkk5QXZockE9PSIsIm1hYyI6ImI0Y2VkN2E4MGM5YzU1ZDA2M2Y5OTE0Mjk2MzIzZTIyZmY1N2U4MmYyNTQyOTNlMGUzY2JkZjBmYzE1ZWE2MjQiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type
redirect
x-xss-protection
1; mode=block
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
940
age
3796552
cdn-cachedat
10/31/2023 19:21:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
dade0f2843640cd67f4dd4f8047f5670
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8796ed9b9acbd560-CDG
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.7.0/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
465249
etag
W/"251d28bd755f5269a4531df8a81d5664"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylkdKA7m9DB3a3xhLSFnI8RClmxX4sGoZ2wbivLlHPi%2BzX2F7oaM1dEFePZ9JTkOeZW0ScIUhzj%2BZ67Rf3pI9DH9V7F3K6%2BZmqoD2YLHo1%2BFpF6yi%2FJx6PC5NauA2YZ5hCO%2BC3uJNn2CFHC8KMgr2c7i"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8796ed9be8299ed7-CDG
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Apr 2025 14:16:24 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
637681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zd7iV7Z3yRio6yGw9KLMIT2cBas1AOMdtBq3z7DGNNzlMNqBcRPBnEO067U8Vv5obxmwsUSyDjyd0o3I1QGVyIkkedO0Fh8XyzOs85YdNTPraFReLb9B%2BxWQI13%2Fv6EAz6sM0bV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8796ed9b98929eca-CDG
expires
Mon, 14 Apr 2025 14:54:22 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
947
age
3792459
cdn-cachedat
11/07/2023 20:04:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"02d223393e00c273efdcb1ade8f4f8b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0303e1da077cfc56f5a98881226e84ee
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
8796ed9b9acfd560-CDG
cdn-requestpullsuccess
True
main.js
drobx1234.web.app/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://drobx1234.web.app/main.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
002e81a1b97a39daaa4ec97ba7e6d4484cc825d972e85c884fc3421ff08e32d3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-lcy-eglc8600054-LCY
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 24 Apr 2024 14:54:22 GMT
last-modified
Mon, 15 Apr 2024 18:45:47 GMT
x-timer
S1713970462.072992,VS0,VE1
etag
"a5a662581b0c37feee2ab55eb27ca395aed2db376cc3e5c85808ba23088a3007-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
352
x-cache-hits
0
firebase-app.js
aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/firebase-app.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
cache-control
public, s-maxage=604800, max-age=604800
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html
firebase-analytics.js
aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/firebase-analytics.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
cache-control
public, s-maxage=604800, max-age=604800
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html
init.js
aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/init.js
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
cache-control
public, s-maxage=604800, max-age=604800
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html
1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/lg.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa
  • https://lh3.googleusercontent.com/d/1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa=w1000
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2cf9051830ddbd20982683841e5cf52c7c183c67f6d45de067caf1ca24d04664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="lg.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7460
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport, script-src 'report-sample' 'nonce-CXxvPfMgdNxibIaFUElHqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1BoHuieBCZgwyHzBrcsH8WlL8PeJLSgxa=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/bx.jpg
  • https://drive.google.com/thumbnail?sz=w1000&id=13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2
  • https://lh3.googleusercontent.com/d/13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2=w1000
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c41ec365f715d8d655a3b811d37dd446eb1ac9b74db397c5db4026f34270b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="bx.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3262
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-K4tvss50p4vhsTFyiPwr6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/13DhG4jPkMcw1nXZPdy3Ap_VbLXVdNBY2=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/x.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l
  • https://lh3.googleusercontent.com/d/1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l=w1000
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7253f301aa0fd63fad4935c51eba121f766a630a9f47b25d24cd7b281e3ca943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="x.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14950
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-R8pEzNTQmdJ6SDk_VVdyEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1-DuafCUOFPeuKK4r9z6nXhetuSCrkQ8l=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/px.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy
  • https://lh3.googleusercontent.com/d/1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy=w1000
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5eedb987a0d26a60527854460e67bb0762de152f45b5be580de5aa21e524d309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="px.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8183
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-i5YkxkRCKOVHME0PbDe-Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1wvPZo6SBa3RVCtzP4MRjYmXzPOYCEXDy=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/vb.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp
  • https://lh3.googleusercontent.com/d/1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp=w1000
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6299c8adcc031c1337bebb45dce9b5d3893f0fcf2348420a4836126bee1688cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="vb.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1191
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport, script-src 'report-sample' 'nonce-6ED5-cXAi1PrmJEtiR1JQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1nFbajYOOIwY4Jc7BQVeOsocK2pswo8mp=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/xc.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb
  • https://lh3.googleusercontent.com/d/1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb=w1000
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
67c0549bd281491d964bc3638bf469ab3ce6a10ae0fd28d77b8e123943450bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="xc.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1971
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport, script-src 'report-sample' 'nonce-5myztLyY2zikBmAyB3fIQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1V1oiiG75wtNN3xfoFwt31PtAFy9Dw2Kb=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/li.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK
  • https://lh3.googleusercontent.com/d/1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK=w1000
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9bba34ed5d6df9bb5cb2fbd11c2330c47904447fb65e6bccc96f0211d79d2c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="li.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3921
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport, script-src 'report-sample' 'nonce-1dlBoj3c-6ruCo5MKLXHDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1DrGn4olLHNdPtk7Mm4XvBV48EqmaMagK=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/gf.gif
  • https://drive.google.com/thumbnail?sz=w1000&id=1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv
  • https://lh3.googleusercontent.com/d/1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv=w1000
350 KB
350 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
73257fb51b4e9c849a46820ae181173030b1a15d1c5a597f5840e353b438b33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="gf.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357935
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-XzCToMhVpo_s7gyQuhDRRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1KupSOoKf9jy43cD7-3oHajp_7z_M6XNv=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/hj.png
  • https://drive.google.com/thumbnail?sz=w1000&id=1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd
  • https://lh3.googleusercontent.com/d/1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd=w1000
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/d/1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd=w1000
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b6a4e4eb69c0c7601ff58f4546567810128008e2cb99dc08c22bba4093b4a722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="hj.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18990
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-3EDA0iZ8KnnYzFW63KWfVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1tLXKrfVeE18hrIRo0aWqlmvG8-wIXgdd=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wd.js
www.drv.tw/inc/ 		690 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drv.tw/inc/wd.js?s=aqsjsyjekjem8pv0jp1qda
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.153.39 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 20 Feb 2024 14:16:48 GMT
x-content-type-options
nosniff
etag
"76615853"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		188 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: www.drv.tw
URL: https://www.drv.tw/inc/wd.js?s=aqsjsyjekjem8pv0jp1qda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ef16cbc338df9877d4e816bb661ce0947353ef3c554a086ebc09a87f6fc20ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70052
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 14:54:22 GMT
js
www.googletagmanager.com/gtag/ 		238 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8dc01b10c16974dce9de91019eb93c013261c15c389005172ec0da52b59de1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 14:54:22 GMT
js
www.googletagmanager.com/gtag/ 		308 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce163be6ccfef859f494b97347ce08368a475ab4eecc9785a0c7a44a518c7ece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:54:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 14:54:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 13:41:00 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4403
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Apr 2024 15:41:00 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NBGQJBJMEG&gtm=45je44m0za200&_p=1713970462630&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=569304676.1713970463&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713970463&sct=1&seg=0&dl=https%3A%2F%2Faqsjsyjekjem8pv0jp1qda.on.drv.tw%2Fros%2FTilcq.html%3FX0thr%3Dsales%40beringer-aero.com&dt=Dropbox&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4409
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 14:54:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je44m0v898224655za200&_p=1713970462630&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=569304676.1713970463&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713970463&sct=1&seg=0&dl=https%3A%2F%2Faqsjsyjekjem8pv0jp1qda.on.drv.tw%2Fros%2FTilcq.html%3FX0thr%3Dsales%40beringer-aero.com&dt=Dropbox&en=page_view&_fv=1&_ss=1&tfd=4470
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 14:54:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LHL0SH0Z7S&cid=569304676.1713970463&gtm=45je44m0v898224655za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 14:54:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LHL0SH0Z7S&cid=569304676.1713970463&gtm=45je44m0v898224655za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=489173457
Requested by
Host: aqsjsyjekjem8pv0jp1qda.on.drv.tw
URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 14:54:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=914002881&t=pageview&_s=1&dl=https%3A%2F%2Faqsjsyjekjem8pv0jp1qda.on.drv.tw%2Fros%2FTilcq.html%3FX0thr%3Dsales%40beringer-aero.com&ul=fr-fr&de=UTF-8&dt=Dropbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=618579635&gjid=435112982&cid=569304676.1713970463&tid=UA-85417367-1&_gid=1105898791.1713970463&_r=1&gtm=457e44m0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1921935897
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 14:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85417367-1&cid=569304676.1713970463&jid=618579635&gjid=435112982&_gid=1105898791.1713970463&npa=1&_u=YADAAUAAAAAAACAAI~&z=803968293
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 Apr 2024 14:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf=w1000
lh3.googleusercontent.com/d/
Redirect Chain
  • https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/favicon.ico
  • https://drive.google.com/thumbnail?sz=w1000&id=1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf
  • https://lh3.googleusercontent.com/d/1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf=w1000
1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lh3.googleusercontent.com/d/1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf=w1000
Protocol
H2
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d277f1861cf82c4a66c261ff9c8d289c31bcff784d043bdb5482f011bfdff3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 14:54:23 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="favicon.ico.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1401
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 Apr 2024 14:54:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveThumbnailHttp/cspreport, script-src 'report-sample' 'nonce-WFLOyk7gqfeA-xRwve90CQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveThumbnailHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveThumbnailHttp/cspreport/allowlist
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://lh3.googleusercontent.com/d/1XRKHp7Z-HND6-1CcgNGIuMkNq5W3jEaf=w1000
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Dropbox (Consumer)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
.tinyurl.com/ Name: __cf_bm
Value: StZgjNlIFBj5TacgA.MaKqHwgKKFsp6tTA4qZ8UBjWo-1713970458-1.0.1.1-ymhswObCVG_3volNKkOEZLVeJ81iAlc1EEPxvDUfIQVeEEfRF36yDZapjVJMMAvkx3NiL8RlONsKnrVed2DPwQ
aqsjsyjekjem8pv0jp1qda.on.drv.tw/ Name: uid
Value: rBI/+mYpHR2Nzitaabk4Ag==
.google.com/ Name: NID
Value: 513=V1n-hL14755gjh3UQTqWVLrTP8l37dq3cTz8hz-64DGCfa_LkDbUzzeAP-6M4WbRNXHIu9TSZmSNl-73Cul9hOh0GBzA5ua8Y95kChc_aV5j7WiLvLvHWdBYmlkBIOAD4rH4vqUDZGb3NxRUXcxc1PWQnVZT8Pu5pO5slx80sZo
.drv.tw/ Name: _ga_LHL0SH0Z7S
Value: GS1.1.1713970463.1.0.1713970463.60.0.0
.drv.tw/ Name: _ga
Value: GA1.2.569304676.1713970463
.drv.tw/ Name: _gid
Value: GA1.2.1105898791.1713970463
.drv.tw/ Name: _gat_gtag_UA_85417367_1
Value: 1
.drv.tw/ Name: _ga_NBGQJBJMEG
Value: GS1.1.1713970463.1.0.1713970463.0.0.0

15 Console Messages

Source Level URL
Text
network error URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/firebase-app.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/8.2.7/firebase-analytics.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/__/firebase/init.js
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aqsjsyjekjem8pv0jp1qda.on.drv.tw/ros/Tilcq.html?X0thr=sales@beringer-aero.com
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
aqsjsyjekjem8pv0jp1qda.on.drv.tw
cdnjs.cloudflare.com
drive.google.com
drobx1234.web.app
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
tinyurl.com
use.fontawesome.com
www.drv.tw
www.google-analytics.com
www.google.fr
www.googletagmanager.com
104.17.24.14
104.18.11.207
142.250.185.67
172.67.1.225
20.50.153.39
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700:3036::6815:1b98
2620:0:890::100
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2001
2a00:1450:400c:c02::9b
47.251.10.111
002e81a1b97a39daaa4ec97ba7e6d4484cc825d972e85c884fc3421ff08e32d3
2cf9051830ddbd20982683841e5cf52c7c183c67f6d45de067caf1ca24d04664
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5eedb987a0d26a60527854460e67bb0762de152f45b5be580de5aa21e524d309
6299c8adcc031c1337bebb45dce9b5d3893f0fcf2348420a4836126bee1688cc
67c0549bd281491d964bc3638bf469ab3ce6a10ae0fd28d77b8e123943450bd8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef16cbc338df9877d4e816bb661ce0947353ef3c554a086ebc09a87f6fc20ac
7253f301aa0fd63fad4935c51eba121f766a630a9f47b25d24cd7b281e3ca943
73257fb51b4e9c849a46820ae181173030b1a15d1c5a597f5840e353b438b33a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
8c41ec365f715d8d655a3b811d37dd446eb1ac9b74db397c5db4026f34270b41
97e7d5abb2702576373742c2454b7f095af90ee233a3597f936064f31fdccfef
9bba34ed5d6df9bb5cb2fbd11c2330c47904447fb65e6bccc96f0211d79d2c37
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b6a4e4eb69c0c7601ff58f4546567810128008e2cb99dc08c22bba4093b4a722
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c8dc01b10c16974dce9de91019eb93c013261c15c389005172ec0da52b59de1d
ce163be6ccfef859f494b97347ce08368a475ab4eecc9785a0c7a44a518c7ece
d277f1861cf82c4a66c261ff9c8d289c31bcff784d043bdb5482f011bfdff3ee
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d