urlscan.io logo urlscan.io
SecurityTrails logo

visitor.weyou-group.com Open in urlscan Pro
52.233.164.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://weyou-group.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ2aXNpdG9yLndleW91LWdyb3VwLmNvbSUyRmhlYXZlbnQtcG...
Effective URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Submission: On April 22 via api from HU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 52.233.164.195, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is visitor.weyou-group.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on February 12th 2022. Valid for: 6 months.
This is the only time visitor.weyou-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.23.35.249 14618 (AMAZON-AES)
7 52.233.164.195 8075 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
2 13.69.106.88 8075 (MICROSOFT...)
14 5
1    23.23.35.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-35-249.compute-1.amazonaws.com
weyou-group.lt.acemlnc.com
7    52.233.164.195 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
visitor.weyou-group.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
7 weyou-group.com
visitor.weyou-group.com
95 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 855
304 B
2 gstatic.com
fonts.gstatic.com
33 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 238
71 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1865
40 KB
1 acemlnc.com
weyou-group.lt.acemlnc.com
229 B
14 6
Domain Requested by
7 visitor.weyou-group.com visitor.weyou-group.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 fonts.gstatic.com visitor.weyou-group.com
2 cdnjs.cloudflare.com visitor.weyou-group.com
cdnjs.cloudflare.com
1 az416426.vo.msecnd.net visitor.weyou-group.com
1 weyou-group.lt.acemlnc.com 1 redirects
14 6

This site contains links to these domains. Also see Links.

Domain
connect.weyou-group.com
weyou-group.com
support.google.com
docs.microsoft.com
tarteaucitron.io
Subject Issuer Validity Valid
visitor.weyou-group.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-02-12 -
2022-08-12		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2022-02-08 -
2023-02-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Frame ID: 07C9038C2427AD120664A2B4369AC538
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://weyou-group.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ2aXNpdG9yLndleW91LWdyb3VwLm... HTTP 302
    https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

240 kB
Transfer

604 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://weyou-group.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ2aXNpdG9yLndleW91LWdyb3VwLmNvbSUyRmhlYXZlbnQtcGFyaXMlMkYyMDIxJTJGaW5zY3JpcHRpb24lM0Zzb3VyY2UlM0RiYW9wZW4=&sig=AVDpzZU3Vytst5fWbh3EZpVGtU28XsFVTE3aY2XLpzoR&iat=1637671844&a=%7C%7C223741943%7C%7C&account=weyou-group%2Eactivehosted%2Ecom&email=coIZqLjY7VRj4YabCfUK4P6T0uZ2i8S86SAgb0BrzlQ%3D&s=4b6bf6ea3280cc6a243268e3474ed996&i=1604A1810A29A17566 HTTP 302
    https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request inscription
visitor.weyou-group.com/heavent-paris/2021/
Redirect Chain
  • https://weyou-group.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ2aXNpdG9yLndleW91LWdyb3VwLmNvbSUyRmhlYXZlbnQtcGFyaXMlMkYyMDIxJTJGaW5zY3JpcHRpb24lM0Zzb3VyY2UlM0RiYW9wZW4=&sig=AVD...
  • https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
15 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bfe2e94e87093636a9ba0af575aa54fad5603a0538039025204101b0700730a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 09:36:49 GMT
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

content-length
0
content-type
application/json
date
Fri, 22 Apr 2022 09:36:49 GMT
location
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
x-amz-apigw-id
Q-ePtG1VoAMFYUg=
x-amzn-requestid
07692a2b-4f30-44e2-8994-bff996aa84c5
x-amzn-trace-id
Root=1-62627731-4ff300d82c8708b269d9b498;Sampled=0
bootstrap.min.css
visitor.weyou-group.com/css/ 		119 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/css/bootstrap.min.css
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a004c0c9b1aecd9528936819fbb3b782e61f9165243f0379d5b7d952616e76e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d75dba134e54ca"
last-modified
Thu, 10 Jun 2021 05:33:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
114903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4972
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w2GWwO0Lllz2QU9Ym4ZLVWb4tkE5VeYeBZXTEVBn2bNyXT3Lm3oAUpd%2FtwDXrq%2FF0k5oY149ve%2BLf%2FFyfBPuyWi4zMkHSArG%2B7dg%2B2%2FlwWD%2FWf%2FlPZvJzPzqMjxh7cYk6DTpri2BHVEJ%2FnCB9QHRlYm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ffd609648fd9043-FRA
expires
Wed, 12 Apr 2023 09:36:49 GMT
common.min.css
visitor.weyou-group.com/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/css/common.min.css
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c47985436cd3a8ba2f42c77320832612962406309d10fb2a67fbbfb686707f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d8136b04c69ff4"
last-modified
Thu, 27 Jan 2022 10:45:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
tarteaucitron.min.js
visitor.weyou-group.com/lib/tarteaucitronjs/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/lib/tarteaucitronjs/tarteaucitron.min.js
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c9300f43f78332d2b317bf4308b97c2aa51bb1cabae498a530121386107aa2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d75b9f05714809"
last-modified
Mon, 07 Jun 2021 13:14:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v18/ 		29 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/css/common.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff3d56568dbf75eb512aa3d220ff91bd8f33d334a381942509c6d55a4276d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visitor.weyou-group.com/
Origin
https://visitor.weyou-group.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 06:59:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16653
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Apr 2023 06:59:34 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://visitor.weyou-group.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1296128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUCgQqffyLgerEUlymELGLcs4jsTWHLopTUFT6wQhs%2BxwKilooSouflpcjXYoUDCYhqr02MrVhxwHItUskLtJJt3NTfKQme0iLcINoGVcpO47CSR8vbeH%2BS1WzlNm10a%2Bq7NLDCxe94Zy1Z%2BD5tWH9nH"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ffd60968ca8920b-FRA
expires
Wed, 12 Apr 2023 09:36:49 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v18/ 		29 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/css/common.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da5c7ddb0ede62fc2f64857fc37b8227ce1d51a8c0bce6823ec1b301e4047aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://visitor.weyou-group.com/
Origin
https://visitor.weyou-group.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 07:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16745
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 07:33:10 GMT
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
kIbzAcz/m2O65DekgfwJzw==
age
1785
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.7.4.min.js
content-length
40497
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 20:08:25 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.7.4
etag
0x8D9FC8868AFB46B
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
287c632a-c01e-0081-0728-5648af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Fri, 22 Apr 2022 10:06:49 GMT
tarteaucitron.css
visitor.weyou-group.com/lib/tarteaucitronjs/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/lib/tarteaucitronjs/css/tarteaucitron.css?v=20201013
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/lib/tarteaucitronjs/tarteaucitron.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4227af82bfdbb62062c4854b5dd69b6cc7d0cac8d3212bbd7650bb30e7e15146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d75b9f0571a7a6"
last-modified
Mon, 07 Jun 2021 13:14:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
tarteaucitron.en.js
visitor.weyou-group.com/lib/tarteaucitronjs/lang/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/lib/tarteaucitronjs/lang/tarteaucitron.en.js?v=20201013
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/lib/tarteaucitronjs/tarteaucitron.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
990f5bd07f324ccc9f35de789055d0820ed45d43e02007814b4fd7bcf35ffedf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d75b9f0571fd6f"
last-modified
Mon, 07 Jun 2021 13:14:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://visitor.weyou-group.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 22 Apr 2022 09:36:49 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
800d6365c78f13b2cb758322af682188d15e26bf09773ddcae1fad4a85a486df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://visitor.weyou-group.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
A5712E1C-2BC3-48E3-B092-EC93B7AA8842
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 22 Apr 2022 09:36:50 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
tarteaucitron.services.js
visitor.weyou-group.com/lib/tarteaucitronjs/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor.weyou-group.com/lib/tarteaucitronjs/tarteaucitron.services.js?v=20201013
Requested by
Host: visitor.weyou-group.com
URL: https://visitor.weyou-group.com/lib/tarteaucitronjs/tarteaucitron.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.164.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
027afbbbea09cd8870ff33288f8d3934db914c5a9bcc851455052e127c764d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 09:36:49 GMT
content-encoding
gzip
etag
"1d75b9f0570301c"
last-modified
Mon, 07 Jun 2021 13:14:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
request-context
appId=cid-v1:1350ac50-8197-4959-8fab-ec8167cbfc0e

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| scripts string| path string| tarteaucitronForceCDN string| cdn number| alreadyLaunch string| tarteaucitronForceLanguage string| tarteaucitronForceExpire object| tarteaucitronCustomText boolean| tarteaucitronExpireInDay number| timeExpire undefined| tarteaucitronProLoadServices boolean| tarteaucitronNoAdBlocker object| tarteaucitron string| method object| appInsights object| e function| t object| Microsoft string| key string| fixed

3 Cookies

Domain/Path Name / Value
visitor.weyou-group.com/ Name: ai_user
Value: LcjzD71os2mje5jkGaYqxs|2022-04-22T09:36:49.095Z
visitor.weyou-group.com/ Name: ai_session
Value: X2C3lkMxiOswBKu/XZCXse|1650620209200|1650620209200
.weyou-group.com/ Name: cookieconsent
Value: !ai=wait!gtag=wait

1 Console Messages

Source Level URL
Text
network error URL: https://visitor.weyou-group.com/heavent-paris/2021/inscription?source=baopen
Message:
Failed to load resource: the server responded with a status of 404 ()