urlscan.io logo urlscan.io
SecurityTrails logo

qr-creator.com Open in urlscan Pro
3.131.202.101  Public Scan

Go To Rescan Add Verdict Report
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4u...
Submission: On November 09 via manual from RU — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 3.131.202.101, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is qr-creator.com.
TLS certificate: Issued by GlobalSign GCC R6 AlphaSSL CA 2023 on January 6th 2025. Valid for: a year.
This is the only time qr-creator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.131.202.101 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: qr-creator.com
qr-creator.com
4    153.121.2.1 (Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)
45kz7jry.user.webaccel.jp
1    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t2.gstatic.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1d::9a (Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.at
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    142.251.140.174 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-bt-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3604
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 750
133 KB
4 webaccel.jp
45kz7jry.user.webaccel.jp
9 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
219 KB
2 gstatic.com
t2.gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
6 KB
1 google.at
www.google.at — Cisco Umbrella Rank: 25393
409 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 191
557 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
156 KB
1 qr-creator.com
qr-creator.com
2 KB
21 9
Domain Requested by
6 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 45kz7jry.user.webaccel.jp qr-creator.com
2 region1.analytics.google.com www.googletagmanager.com
2 pagead2.googlesyndication.com qr-creator.com
pagead2.googlesyndication.com
1 fonts.gstatic.com qr-creator.com
1 fonts.googleapis.com
1 www.google.at qr-creator.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com qr-creator.com
1 t2.gstatic.com qr-creator.com
1 www.google.com 1 redirects
1 qr-creator.com
21 12

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
Subject Issuer Validity Valid
qr-creator.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2025-01-06 -
2026-02-07		 a year crt.sh
*.user.webaccel.jp
GlobalSign GCC R6 AlphaSSL CA 2025		 2025-07-23 -
2026-08-24		 a year crt.sh
*.g.doubleclick.net
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google-analytics.com
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google.at
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google.com
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh
upload.video.google.com
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.gstatic.com
WE2		 2025-10-13 -
2026-01-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Frame ID: 2562D0322F181956616503B29F8A9FDA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QR Code

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

95 %
HTTPS

54 %
IPv6

9
Domains

12
Subdomains

12
IPs

4
Countries

574 kB
Transfer

1944 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.google.com/s2/favicons?domain=www.youtube.com HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.youtube.com&size=16

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
qr-creator.com/urls/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.131.202.101 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
qr-creator.com
Software
Apache /
Resource Hash
2806e6381e8a51dc78bde248a8b1a136834aa66d942293fed10a4c40b596c92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1777
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Nov 2025 17:48:18 GMT
Keep-Alive
timeout=2, max=50
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
omatome-pict.png
45kz7jry.user.webaccel.jp/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://45kz7jry.user.webaccel.jp/images/omatome-pict.png
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.121.2.1 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
beae0790e1b6698ac4d711df3f531a0be31a78d9215865877ded74fe67d309a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

etag
"744-5e770b9060b9f"
age
14263
x-content-type-options
nosniff
expires
Fri, 08 May 2026 13:50:38 GMT
x-cache
HIT
date
Sun, 09 Nov 2025 17:48:20 GMT
content-type
image/png
vary
Origin
last-modified
Tue, 30 Aug 2022 07:56:50 GMT
x-frame-options
SAMEORIGIN
cache-control
s-maxage=86400
via
http/1.1 sv19-tky02-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv13-tky02-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
accept-ranges
bytes
content-length
1860
x-xss-protection
1; mode=block
server
nginx
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain=www.youtube.com
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.youtube.com&size=16
246 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.youtube.com&size=16
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6a92fae4fabe37a00a94156b322f853261103721b680f150084ad7364031fbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

age
247741
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
x-content-type-options
nosniff
content-location
https://www.youtube.com/s/desktop/2aa21710/img/favicon.ico
expires
Thu, 13 Nov 2025 20:59:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 20:59:17 GMT
last-modified
Tue, 31 Dec 2024 00:24:14 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin; report-to="media-favicon"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
accept-ranges
bytes
content-length
246
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.youtube.com&size=16
age
586
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 18:08:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
date
Sun, 09 Nov 2025 17:38:32 GMT
content-type
text/html; charset=UTF-8
server
sffe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4438158428688800
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3e89540eb387430bf49ed9a264e5243a9060c6e8061409d782c8945853f6fae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://qr-creator.com
Referer
https://qr-creator.com/

Response headers

content-encoding
br
etag
5644318769001190866
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 17:48:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 09 Nov 2025 17:48:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55281
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		467 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CKQK68DX4F
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2a96d8f62e807f3e149ce7de98feb0acd587dc31174291b65327f3890475c02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 09 Nov 2025 17:48:18 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158931
date
Sun, 09 Nov 2025 17:48:18 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
tb-widget.png
45kz7jry.user.webaccel.jp/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://45kz7jry.user.webaccel.jp/images/tb-widget.png
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.121.2.1 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
0eaed1b3f4b7539bd00bb35a01659769fdc20c0b86a94906c9021debf4de6b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

etag
"ba7-5e770b907153f"
age
4066
x-content-type-options
nosniff
expires
Fri, 08 May 2026 16:40:34 GMT
x-cache
HIT
date
Sun, 09 Nov 2025 17:48:20 GMT
content-type
image/png
vary
Origin
last-modified
Tue, 30 Aug 2022 07:56:50 GMT
x-frame-options
SAMEORIGIN
cache-control
s-maxage=86400
via
http/1.1 sv07-tky02-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv13-tky02-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
accept-ranges
bytes
content-length
2983
x-xss-protection
1; mode=block
server
nginx
arr8t.png
45kz7jry.user.webaccel.jp/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://45kz7jry.user.webaccel.jp/images/arr8t.png
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.121.2.1 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
e8136223a25c68bab07ae3c64c43ab159f7557ea21ef997ebf8f59b000794afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

etag
"429-5e770b907d0be"
age
14263
x-content-type-options
nosniff
expires
Fri, 08 May 2026 13:50:38 GMT
x-cache
HIT
date
Sun, 09 Nov 2025 17:48:20 GMT
content-type
image/png
vary
Origin
last-modified
Tue, 30 Aug 2022 07:56:50 GMT
x-frame-options
SAMEORIGIN
cache-control
s-maxage=86400
via
http/1.1 sv13-tky02-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv13-tky02-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
accept-ranges
bytes
content-length
1065
x-xss-protection
1; mode=block
server
nginx
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/ 		501 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4438158428688800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c67b67498d4a538f47e089bb36c003d924c56cb33b8fb691f3687cd4487e8cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

content-encoding
br
etag
12022265679802278726
age
17782
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 12:51:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 09 Nov 2025 12:51:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
169325
x-xss-protection
0
server
cafe
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CKQK68DX4F&gtm=45je5b50v891088897za200zd891088897&_p=1762710498621&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&cid=172597980.1762710499&ul=de-at&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322304~115480709~115583767~115938466~115938469~116217636~116217638&sid=1762710498&sct=1&seg=0&dl=https%3A%2F%2Fqr-creator.com%2Furls%2Fi8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA&dt=QR%20Code&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKQK68DX4F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://qr-creator.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:18 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-CKQK68DX4F&cid=172597980.1762710499&gtm=45je5b50v891088897za200zd891088897&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322304~115480709~115583767~115938466~115938469~116217636~116217638
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKQK68DX4F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a , Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:132:0
report-to
{"group":"ascnsrsggc:132:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:132:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://qr-creator.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:132:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.at/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-CKQK68DX4F&cid=172597980.1762710499&gtm=45je5b50v891088897za200zd891088897&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322304~115480709~115583767~115938466~115938469~116217636~116217638&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322304~115480709~115583767~115938466~115938469~116217636~116217638&z=3189150
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 09 Nov 2025 17:48:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ca-pub-4438158428688800
fundingchoicesmessages.google.com/i/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4438158428688800?href=https%3A%2F%2Fqr-creator.com%2Furls%2Fi8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e4bb521fd5f156e83ba3d9d9f941bb03c25a5a4e3eaa91c72f3a3ac85285985
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-toFphaBs5_wjhrYsfF9LtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiaL15jnUyEHctOs86A4gNFS6x2gPxh_rLrD-AuEjiCmsDEH-qusEqUH2DNYn9JmsBEJsevMXqDMRmfrdZ7YC42t2LrRmIbf192FyBeN9_X7ZjQCzEzfF4-eETbAIz5lw1VtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDQw0zMwji8wAACP2Dxf"
content-security-policy
script-src 'report-sample' 'nonce-toFphaBs5_wjhrYsfF9LtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-bt-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ml3n4vx-OBHKNF-mn1Qy5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://qr-creator.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIR6Ox8sPn2ATuHHgYBOjkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDI1NDQw0zMwiy8wAACoOCut"
content-security-policy
script-src 'report-sample' 'nonce-Ml3n4vx-OBHKNF-mn1Qy5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://qr-creator.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-bt-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_c3YjKKZcqSoHqdmXJuRwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://qr-creator.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIR6Ox8sPn2ATeDH5bSOjkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDI1NDQw0zMwiy8wAACu-ivB"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_c3YjKKZcqSoHqdmXJuRwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://qr-creator.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXY9zzIBkBaQSgMU6HymWcKIgp5FXstTTNn_v6My5b0Kf_4Ot6y-80EZ__kXdeglJiMGMu8GN0a879RtrjkrSKrQvXAiS81jTAmH3Jb3R3OhVc--ZbMlXk92qEyn8ZQLUxMnqucaQ==
fundingchoicesmessages.google.com/f/ 		424 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXY9zzIBkBaQSgMU6HymWcKIgp5FXstTTNn_v6My5b0Kf_4Ot6y-80EZ__kXdeglJiMGMu8GN0a879RtrjkrSKrQvXAiS81jTAmH3Jb3R3OhVc--ZbMlXk92qEyn8ZQLUxMnqucaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYyNzEwNDk5LDI0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9xci1jcmVhdG9yLmNvbS91cmxzL2k4c29LU2tvdHRMWEx5OHYxNnZNTHkwcFRVclZTODdQMVhjb3o4aE1UVW5NeWN6TGpzT2xwanl4SkRuRHZzeldKeWszTGFVOE9USEZMNUtnMnVTYzVGSUxJNHVvc3FySU9DZ0FBQSIsbnVsbCxbWzgsIlJDU3dPaUhucnV3Il0sWzksImRlIl0sWzE5LCIxIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dc295b1647cf314e3e3cf2f8bafdb29d859c12f7ce1355ac2349d5c8df74098
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uRbtBzXIJBNY5BF2f1g2jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOHnrNtNFIG69eY51MhB3LTrPOgOIDRUusdoD8Yf6y6w_gLhI4gprAxB_qrrBKlB9gzWJ_SZrARCbHrzF6gzEZn63We2AuNrdi60ZiG39fdhcgXjff1-2Y0AsxMPxePnhE2wCFzb-msaopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpoaGCmZ2AcX2AAAAUPQj8"
content-security-policy
script-src 'report-sample' 'nonce-uRbtBzXIJBNY5BF2f1g2jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		123 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e2a6235e490a0a5a5bc2e33796d39df903552e9aeaf14b6c353bdfedfab6cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 17:48:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 09 Nov 2025 17:48:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: qr-creator.com
URL: https://qr-creator.com/urls/i8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://qr-creator.com
Referer
https://qr-creator.com/

Response headers

age
252229
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 19:44:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 19:44:30 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-bt-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x9FtAU2sX9eXuZ64QKO5XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://qr-creator.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIR6Ox8sPn2AT6Hh58yqjkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDI1NDQw0zMwiy8wAAC7wivz"
content-security-policy
script-src 'report-sample' 'nonce-x9FtAU2sX9eXuZ64QKO5XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://qr-creator.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWnmpKuMLa5PeUgW9S37-6DEJ31BtNHp2fpK0F-OtjBatDCWoTb098MGXbYnr6Q5lVkSbWxRNYubyETO1QpZb7dG0YxYrTuYKJj-_5EOm-8yJwj8RiA7pfxAnOZbazs2oj7-w9ijA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RCSwOiHnruw.es5.O/d=1/rs=AJlcJMwrGGTUAiOiBeYgqBrutwlvCi1vQA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-bt-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6y_WYLqc0MIxV0NiFyyLcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://qr-creator.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:19 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwViIR6Ox8sPn2ATuLF1zlVGJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRqaGhgpmdgFl9gAAC1lSvY"
content-security-policy
script-src 'report-sample' 'nonce-6y_WYLqc0MIxV0NiFyyLcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://qr-creator.com
content-length
0
x-xss-protection
0
server
ESF
favicon-32x32.png
45kz7jry.user.webaccel.jp/favicons/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://45kz7jry.user.webaccel.jp/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
153.121.2.1 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
069e4a519e06196f450e502e600f38f75e53b3d5e59a5cf365972bda3c2c7d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

etag
"65c-5e770b91a3f6f"
age
24041
x-content-type-options
nosniff
expires
Fri, 08 May 2026 11:07:39 GMT
x-cache
HIT
date
Sun, 09 Nov 2025 17:48:20 GMT
content-type
image/png
vary
Origin
last-modified
Tue, 30 Aug 2022 07:56:51 GMT
x-frame-options
SAMEORIGIN
cache-control
s-maxage=86400
via
http/1.1 sv16-tky02-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv13-tky02-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
accept-ranges
bytes
content-length
1628
x-xss-protection
1; mode=block
server
nginx
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CKQK68DX4F&gtm=45je5b50v891088897za200zd891088897&_p=1762710498621&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&cid=172597980.1762710499&ul=de-at&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105322304~115480709~115583767~115938466~115938469~116217636~116217638&sid=1762710498&sct=1&seg=0&dl=https%3A%2F%2Fqr-creator.com%2Furls%2Fi8soKSkottLXLy8v16vMLy0pTUrVS87P1Xcoz8hMTUnMyczLjsOlpjyxJDnDvszWJyk3LaU8OTHFL5Kg2uSc5FILI4uosqrIOCgAAA&dt=QR%20Code&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5773
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CKQK68DX4F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://qr-creator.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://qr-creator.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 09 Nov 2025 17:48:23 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

54 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| HideURLBar object| adsbygoogle function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt boolean| BGtEY object| google_logging_queue object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_ad_modifications object| google_sa_queue function| google_process_slots object| google_ama_state number| google_unique_id object| fqjyf number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run boolean| googFloatingToolbarManagerAsyncPositionUpdate object| default_ContributorServingResponseClientJs object| _F_toggles_default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YWEzMDFkZGUxMDIzNTE0M2xvYWRlcl9qcw== string| YWEzMDFkZGUxMDIzNTE0M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

3 Cookies

Domain/Path Name / Value
.qr-creator.com/ Name: _ga
Value: GA1.1.172597980.1762710499
.qr-creator.com/ Name: _ga_CKQK68DX4F
Value: GS2.1.s1762710498$o1$g0$t1762710498$j60$l0$h0
.qr-creator.com/ Name: FCCDCF
Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B32%2C%22%5B%5C%225731c20f-54fd-4740-964d-dc9338dc71fc%5C%22%2C%5B1762710499%2C208000000%5D%5D%22%5D%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

45kz7jry.user.webaccel.jp
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
qr-creator.com
region1.analytics.google.com
stats.g.doubleclick.net
t2.gstatic.com
www.google.at
www.google.com
www.googletagmanager.com
142.250.184.226
142.250.185.131
142.250.185.164
142.251.140.174
153.121.2.1
2001:4860:4802:32::36
2a00:1450:4001:811::2004
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c1d::9a
3.131.202.101
069e4a519e06196f450e502e600f38f75e53b3d5e59a5cf365972bda3c2c7d92
0eaed1b3f4b7539bd00bb35a01659769fdc20c0b86a94906c9021debf4de6b16
2806e6381e8a51dc78bde248a8b1a136834aa66d942293fed10a4c40b596c92b
2e2a6235e490a0a5a5bc2e33796d39df903552e9aeaf14b6c353bdfedfab6cba
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e89540eb387430bf49ed9a264e5243a9060c6e8061409d782c8945853f6fae2
4e4bb521fd5f156e83ba3d9d9f941bb03c25a5a4e3eaa91c72f3a3ac85285985
5dc295b1647cf314e3e3cf2f8bafdb29d859c12f7ce1355ac2349d5c8df74098
b6a92fae4fabe37a00a94156b322f853261103721b680f150084ad7364031fbe
beae0790e1b6698ac4d711df3f531a0be31a78d9215865877ded74fe67d309a1
c67b67498d4a538f47e089bb36c003d924c56cb33b8fb691f3687cd4487e8cb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8136223a25c68bab07ae3c64c43ab159f7557ea21ef997ebf8f59b000794afe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a96d8f62e807f3e149ce7de98feb0acd587dc31174291b65327f3890475c02