urlscan.io logo urlscan.io
SecurityTrails logo

qrto.org Open in urlscan Pro
172.67.203.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qrto.org/
Effective URL: https://qrto.org/
Submission: On September 06 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 172.67.203.242, located in United States and belongs to CLOUDFLARENET, US. The main domain is qrto.org.
TLS certificate: Issued by WE1 on August 6th 2024. Valid for: 3 months.
This is the only time qrto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.203.242 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.126 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 18.164.96.90 16509 (AMAZON-02)
1 54.171.3.146 16509 (AMAZON-02)
1 52.209.121.68 16509 (AMAZON-02)
14 8
4    172.67.203.242 (United States)

ASN13335 (CLOUDFLARENET, US)
qrto.org
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
2    2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
1    54.171.3.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-3-146.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    52.209.121.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-121-68.eu-west-1.compute.amazonaws.com
metrics.hotjar.io
Apex Domain
Subdomains		 Transfer
4 qrto.org
qrto.org
106 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
63 KB
2 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
metrics.hotjar.io — Cisco Umbrella Rank: 13194
251 B
2 gstatic.com
fonts.gstatic.com
46 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
135 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
916 B
14 6
Domain Requested by
4 qrto.org qrto.org
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com qrto.org
cdnjs.cloudflare.com
1 metrics.hotjar.io static.hotjar.com
1 content.hotjar.io script.hotjar.com
1 static.hotjar.com qrto.org
1 fonts.googleapis.com qrto.org
14 8

This site contains links to these domains. Also see Links.

Domain
qrcodecreator.com
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
qrto.org
WE1		 2024-08-06 -
2024-11-04		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://qrto.org/
Frame ID: 3F135FC1E467BC4CDF37EA0B30205D05
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qr Code Creator

Page URL History Show full URLs

  1. http://qrto.org/ HTTP 307
    https://qrto.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

14
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

351 kB
Transfer

703 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qrto.org/ HTTP 307
    https://qrto.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qrto.org/
Redirect Chain
  • http://qrto.org/
  • https://qrto.org/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qrto.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.23
Resource Hash
dac7ae5644fee64d011dabe42c2a8ffee733c14bda245ec5d36d41a043cdb357

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8bee9f26c8bda202-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 Sep 2024 12:56:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtfIajy8J1icz60NCZp1s%2BVMLWLFMOvJIuOhL5PrOICIe7Y7kC9s0UqAKcFoBel3dR0yzbuP5zey5YGqyysM1vMPipNnDCQYvFOr%2BraTmCN1H3OfTYYejAsrGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-powered-by
PHP/8.2.23

Redirect headers

Location
https://qrto.org/
Non-Authoritative-Reason
HttpsUpgrades
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/ 		94 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css
Requested by
Host: qrto.org
URL: https://qrto.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://qrto.org/
Origin
https://qrto.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18714
last-modified
Tue, 16 Jul 2024 17:07:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6696a8d8-491a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BPJjk7jpH3%2FJIAx%2FuBcfMQ6toGB2wNTbvNCI6ua%2B3EtDwDRKmaPWl6yv3%2Bd%2Bdda0twkGg%2BUswYyK4kwcnKuHrplrhffr2SOF9UicfZ4dBd0IdjHVO3WQZwvnqWj1A%2FBKd1%2BfNIU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bee9f2b38cfb40a-YYZ
expires
Wed, 27 Aug 2025 12:56:54 GMT
css2
fonts.googleapis.com/ 		4 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700;1,900&display=swap
Requested by
Host: qrto.org
URL: https://qrto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2025bfd06706858ce5cd26df558ba7dd34626a760d34dd70ad953cb28d15a0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Sep 2024 12:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 12:56:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Sep 2024 12:56:54 GMT
qrcodecreator.png
qrto.org/frontend/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qrto.org/frontend/qrcodecreator.png
Requested by
Host: qrto.org
URL: https://qrto.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f75893ff9e3ac98bef9b70b282eb91a1962e0b0cb7f89fb0a02efc5f74888

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
831377
alt-svc
h3=":443"; ma=86400
content-length
3683
last-modified
Tue, 27 Aug 2024 18:09:41 GMT
server
cloudflare
etag
"66ce1665-e63"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, HEAD, CONNECT, PATCH
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3uQ88%2Fql79qZBLOhmx04Mbuoer4lL22qPG7inLrSnCM%2Bl%2BQBeFgcwZ2tgKrT%2FDlJLSnlh7kJKmqJUSZa%2F1qOju8svqRMTiHSI2cVvAlCAE67%2Bo92W%2FQE6AiDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8bee9f2bdc58a202-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 31 Dec 2037 23:55:55 GMT
qrtoai.png
qrto.org/frontend/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qrto.org/frontend/qrtoai.png
Requested by
Host: qrto.org
URL: https://qrto.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36debb25b37a3c7b8fd07c7f79247babc97ee035844abf5a7a0796d9ba7483f8

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
831375
alt-svc
h3=":443"; ma=86400
content-length
92184
last-modified
Tue, 27 Aug 2024 18:09:41 GMT
server
cloudflare
etag
"66ce1665-16818"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, HEAD, CONNECT, PATCH
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Bzwb6vhMQyYjTyt8lk5euVY%2F9DzhKK2jG0Ik6tG2gx%2Be6duVHltTjqLDQmK9s6BMqArDm%2FuGYSPVYQD%2BNj906Lo0BpoJkidwwYgSW2dOAhA45k4mGmVWzGZsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8bee9f2819dfa202-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 31 Dec 2037 23:55:55 GMT
hotjar-5002914.js
static.hotjar.com/c/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-5002914.js?sv=6
Requested by
Host: qrto.org
URL: https://qrto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
92db8cdab5e746278ffbc4a77e5c2cb12a793ba730c7d75235ebdac95534b23e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/f1cf056aad70399a5553b7a1f78d0039
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
830glBxJqS2Tr_f8jOH910xzfwfagsdiGDPlkB3uOSlBuO6c4gTUwg==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qrto.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 14:39:32 GMT
x-content-type-options
nosniff
age
80242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Sep 2025 14:39:32 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qrto.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:52:08 GMT
x-content-type-options
nosniff
age
601486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 13:52:08 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c411f11975d26eb04cd2aa3c071181d4b18e489f1fb97060d4176a3531dfb36e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css
Origin
https://qrto.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:54 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
46798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
118072
last-modified
Tue, 16 Jul 2024 17:07:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6696a8d8-1cd38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNCj3MchXI5wSvX9SPrYnqCdryLIr46OFzqdCiNiEvS7hhFEi9vTlqSNbK3vJIglfnJtoVACbc7fuZQgEXg2dYNxoJReVe%2BAxFnJA0lxae89C8DUquiZE6LEEujerll%2FAkiWAapa"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bee9f2cb9d7b40a-YYZ
expires
Wed, 27 Aug 2025 12:56:54 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5002914.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3278028
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
pWyg4_6-YXp_0Yzywy_9V--rA1DTZDCGIQoA--15TE-lEYZ5k55s6A==
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
19520687
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4RSvjlzG53yo7lwqQsT1u40QShWkyDM_gT91vdVbB3ZN1GGztGrcOg==
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=5002914&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.3.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-3-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ac3f2c34eebb4be1c2ac670d3d37f5e3adfa07c2fd54eae0cbc226707e67d2c0

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 06 Sep 2024 12:56:55 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
favicon.ico
qrto.org/ 		100 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qrto.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baee6f8d54f561da00b79d0530be70cdd0815d4214fe19a42252264ba45b85d4

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 12:56:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
840228
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 27 Aug 2024 18:09:41 GMT
server
cloudflare
etag
W/"66ce1665-1917f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, HEAD, CONNECT, PATCH
content-type
image/x-icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIBw7A%2FtDTryEyTiEIxn7brcJ2EAIFZoURkVHUNYBs8X8TCqEV64nD7lcw6rJXSZAO0eE7vm2j8FQ%2BeANKGuExyjdj1GonxY0GOVY30hryimG1abMS3er48lGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
8bee9f2f5f21a202-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
metrics.hotjar.io/ 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.hotjar.io/?v=6&site_id=5002914
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5002914.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.209.121.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-121-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://qrto.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 06 Sep 2024 12:56:58 GMT
access-control-max-age
86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

5 Cookies

Domain/Path Name / Value
qrto.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdGYTFxendOVFI2N2c3akNKTGQ5a3c9PSIsInZhbHVlIjoic1UzNEszOG95NTN3aWFISkdPSjVlc1R5SWtnVmFDaGxPZnZUTUZhb29BR2lxemJUYWNCTTE2OW9HMWFoRWZkWTBHSE1md2ZpWlJLWDB6S3J4UkpyTERyNFVyV3ZTNzNPMmRHT0dCbUxlbUI4aWJaT0xHT2phNGsrZmxyNm1NWXAiLCJtYWMiOiI5OTUxOTQ1NTk1YTUxMTc1YjJjMjU2NjY0ODdhYjc1YTllYTM4OTU0ZTE2MjAxZGMwYjA4YTc2MjUyNDQ1OWI5IiwidGFnIjoiIn0%3D
qrto.org/ Name: qr_code_creator_session
Value: eyJpdiI6InFnZ0psS3JjYzFaQlAxM3JkK0RoWGc9PSIsInZhbHVlIjoieXBpWFR1c1lsc2EzZXZEWU5PSXhqWVFYRi9UR1BidVEybnVGakF3cm90d3ZGck56YU5JbkFuSkVrNUNQcnRySldhWFBienEzeTQzcVBURmMwbEc5Q2xrMnBJVmFzTUl4eWtJR1JTdFhSc1dSMGVuYjhGOWgyMkpWTlNKeThOOFgiLCJtYWMiOiI3MTNlNWFiMjgyNzQzNmM2OGNjZWQ0YzEyN2ZlOTMwNjM0ZTMwNGIzMjZhM2EzNjE3N2YyMTdmMzUwZGM0YTdjIiwidGFnIjoiIn0%3D
qrto.org/ Name: __cflb
Value: 02DiuHvsKfgtEHuNotuSvGHCup6Vgd9KSZtizMEMX9hxG
.qrto.org/ Name: _hjSessionUser_5002914
Value: eyJpZCI6ImNhN2E0MmZjLWNiMjItNTNhNi04NGJmLWJlNTllOTEzNTFkMSIsImNyZWF0ZWQiOjE3MjU2Mjc0MTQ4NDcsImV4aXN0aW5nIjp0cnVlfQ==
.qrto.org/ Name: _hjSession_5002914
Value: eyJpZCI6ImQwM2RlMzQ0LTIzODgtNGQ1Yi04ZDBhLTZiNTU0OGE4NzE2YyIsImMiOjE3MjU2Mjc0MTQ4NTEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=