firebasestorage.googleapis.com Open in urlscan Pro
2a00:1450:4001:80e::200a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qrfy.com/p/uOvzgG0UfX
Effective URL:
https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Submission: On May 31 via manual (May 31st 2023, 3:20:40 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2a00:1450:4001:80e::200a, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is firebasestorage.googleapis.com. The Cisco Umbrella rank of the primary domain is 7041.
TLS certificate: Issued by GTS CA 1C3 on May 19th 2023. Valid for: 3 months.

This is the only time firebasestorage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online) Generic Email (Online) Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 37	2606:4700:310... 2606:4700:3108::ac42:2ad4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
6	18.66.97.45 18.66.97.45	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1abd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	203.161.56.105 203.161.56.105	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3 3	99.86.4.38 99.86.4.38	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	113.190.42.12 113.190.42.12	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
54	12

37 2606:4700:3108::ac42:2ad4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qrfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.qrfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.97.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-45.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1abd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.downdetector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.161.56.105 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: hogmanay-fra.vpsrdns.web-hosting.com

www.clipartmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.38 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net

cdn.glitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.190.42.12 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn

videm.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	qrfy.com 1 redirects qrfy.com — Cisco Umbrella Rank: 478217 analytics.qrfy.com — Cisco Umbrella Rank: 897283	906 KB
6	glitch.me cdn.glitch.me — Cisco Umbrella Rank: 119181	794 KB
3	glitch.com 3 redirects cdn.glitch.com — Cisco Umbrella Rank: 130303	1 KB
3	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 266930	68 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 745	108 KB
2	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 7041 ajax.googleapis.com — Cisco Umbrella Rank: 398	106 KB
1	videm.vn videm.vn	309 B
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3005	67 KB
1	clipartmax.com www.clipartmax.com — Cisco Umbrella Rank: 71518	34 KB
1	downdetector.com cdn2.downdetector.com — Cisco Umbrella Rank: 130693	18 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	7 KB
54	11

	Domain	Requested by
35	qrfy.com	1 redirects qrfy.com
6	cdn.glitch.me	firebasestorage.googleapis.com
3	cdn.glitch.com	3 redirects
3	cdn.glitch.global	firebasestorage.googleapis.com
2	code.jquery.com	firebasestorage.googleapis.com
2	analytics.qrfy.com	qrfy.com analytics.qrfy.com
1	videm.vn	code.jquery.com
1	upload.wikimedia.org	firebasestorage.googleapis.com
1	www.clipartmax.com	firebasestorage.googleapis.com
1	cdn2.downdetector.com	firebasestorage.googleapis.com
1	cdnjs.cloudflare.com	firebasestorage.googleapis.com
1	ajax.googleapis.com	firebasestorage.googleapis.com
1	firebasestorage.googleapis.com	qrfy.com
54	13

This site contains no links.

Subject Issuer	Validity	Valid
*.qrfy.com GTS CA 1P5	`2023-04-06` - `2023-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
cdn.glitch.global R3	`2023-04-07` - `2023-07-06`	3 months	crt.sh
glitch.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-01`	a year	crt.sh
clipartmax.com R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
videm.vn R3	`2023-05-07` - `2023-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Frame ID: C6E4633F78120921062230C40ABE7EB4
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Acrobat File

Page URL History Show full URLs

http://qrfy.com/p/uOvzgG0UfX HTTP 301
https://qrfy.com/p/uOvzgG0UfX Page URL
https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

94 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

2107 kB
Transfer

9751 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qrfy.com/p/uOvzgG0UfX HTTP 301
https://qrfy.com/p/uOvzgG0UfX Page URL
https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://qrfy.com/p/uOvzgG0UfX HTTP 301
https://qrfy.com/p/uOvzgG0UfX

Request Chain 48

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

Request Chain 49

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

Request Chain 50

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

uOvzgG0UfX Show response
qrfy.com/p/
Redirect Chain

http://qrfy.com/p/uOvzgG0UfX
https://qrfy.com/p/uOvzgG0UfX

19 KB
5 KB

67ms
45ms

Document
text/html

2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2a2616e9a90d70aa52a99f8e7723c5d645909f3e99b5075f9d5cf35eb24294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d003398ad471cbf-FRA
content-encoding: br
content-type: text/html
date: Wed, 31 May 2023 15:20:33 GMT
expect-ct: max-age=86400, enforce
last-modified: Tue, 30 May 2023 22:56:46 GMT
referrer-policy: same-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7d0033985d968ffb-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 31 May 2023 15:20:33 GMT
Expires: Wed, 31 May 2023 16:20:33 GMT
Location: https://qrfy.com/p/uOvzgG0UfX
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 plausible.js Show response
analytics.qrfy.com/js/ 1 KB
818 B 40ms
28ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.qrfy.com/js/plausible.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878979
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:33 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
cf-ray: 7d0033990e301cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 hero_image.webp
qrfy.com/images/ 21 KB
21 KB 22ms
21ms Image
image/webp 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qrfy.com/images/hero_image.webp

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9572f8c5d788b1d80ca1e511ed78e928ad0e0686b7934dabc8d2d7a6bd52e9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878500
content-length: 21554
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 11:09:18 GMT
server: cloudflare
etag: "6469fbde-5432"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 7d003398fde61cbf-FRA
expires: Mon, 20 May 2024 11:10:34 GMT

GET
H2 200 lato-400.woff2
qrfy.com/fonts/ 23 KB
23 KB 29ms
27ms Font
application/octet-stream 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/fonts/lato-400.woff2

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qrfy.com/p/uOvzgG0UfX
Origin: https://qrfy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878979
content-length: 23580
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 11:09:18 GMT
server: cloudflare
etag: "6469fbde-5c1c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 7d003398fded1cbf-FRA
expires: Mon, 20 May 2024 11:10:34 GMT

GET
H2 200 lato-700.woff2
qrfy.com/fonts/ 23 KB
23 KB 30ms
29ms Font
application/octet-stream 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/fonts/lato-700.woff2

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qrfy.com/p/uOvzgG0UfX
Origin: https://qrfy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878979
content-length: 23040
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 11:09:18 GMT
server: cloudflare
etag: "6469fbde-5a00"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 7d003398fdef1cbf-FRA
expires: Mon, 20 May 2024 11:10:34 GMT

GET
H2 200 lato-900.woff2
qrfy.com/fonts/ 22 KB
22 KB 24ms
23ms Font
application/octet-stream 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/fonts/lato-900.woff2

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qrfy.com/p/uOvzgG0UfX
Origin: https://qrfy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878979
content-length: 22504
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 11:09:18 GMT
server: cloudflare
etag: "6469fbde-57e8"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 7d003398fdf11cbf-FRA
expires: Mon, 20 May 2024 11:10:34 GMT

GET
H2 200 main.8da28bcd.js Show response
qrfy.com/static/js/ 658 KB
203 KB 41ms
40ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/main.8da28bcd.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

586492b29484c7c02751b475f24c5bece4e10b180d80235df813f922915135bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57754
cf-polished: origSize=674273
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 30 May 2023 22:56:43 GMT
server: cloudflare
etag: W/"64767f2b-a49e1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d003398fdf41cbf-FRA
expires: Wed, 29 May 2024 22:56:48 GMT

GET
H2 200 QRFY_logo.svg
qrfy.com/ 1 KB
677 B 32ms
30ms Image
image/svg+xml 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qrfy.com/QRFY_logo.svg

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240eac32b8d9236bb3f90440cfefc3734bfa07eddb07e599a8dc7ce24f738e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878979
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 11:09:18 GMT
server: cloudflare
etag: W/"6469fbde-57d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 7d003398fe071cbf-FRA
expires: Mon, 20 May 2024 11:10:34 GMT

GET
H2 200 7362.f5b7442a.chunk.js
qrfy.com/static/js/ 0
4 KB 46ms
45ms Other
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/7362.f5b7442a.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 716352
cf-polished: origSize=10566
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 08:18:21 GMT
server: cloudflare
etag: W/"646c76cd-2946"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d003398fe091cbf-FRA
expires: Wed, 22 May 2024 08:18:24 GMT

GET
H2 200 7406.8e2448e4.chunk.js
qrfy.com/static/js/ 0
4 KB 28ms
27ms Other
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/7406.8e2448e4.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878978
cf-polished: origSize=13041
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-32f1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d003398fe0b1cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 1257.1d44fe53.chunk.js
qrfy.com/static/js/ 0
47 KB 34ms
33ms Other
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1257.1d44fe53.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/p/uOvzgG0UfX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878977
cf-polished: origSize=149085
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-2465d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d003398fe0d1cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

POST
H2 202 event Show response
analytics.qrfy.com/api/ 2 B
380 B 110ms
89ms XHR
text/plain 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.qrfy.com/api/event

Requested by

Host: analytics.qrfy.com
URL: https://analytics.qrfy.com/js/plausible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
x-request-id: F2RDjQb7_CnB7qoAKwoM
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-user-country: DE
cf-ray: 7d003399684b5c14-FRA

GET
H2 200 3889.f31f0eb4.chunk.js Show response
qrfy.com/static/js/ 22 KB
6 KB 32ms
24ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/3889.f31f0eb4.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871efd0ce6903d32815c5da706cda003be23ba96b7932c7a52fd9954007eeaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878975
cf-polished: origSize=22761
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-58e9"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a48521cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 4569.6169208a.chunk.js Show response
qrfy.com/static/js/ 17 KB
6 KB 61ms
50ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/4569.6169208a.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3a66d0c136599362bc745f67a1729549432e45480f799cf4e52c2bdba8c2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878977
cf-polished: origSize=17005
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-426d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a585f1cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 8167.358ecbff.chunk.js Show response
qrfy.com/static/js/ 10 KB
5 KB 85ms
74ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/8167.358ecbff.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80417b1d707f496da61238da501a9bad641d33c7d4e04696213e053193215f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878977
cf-polished: origSize=10607
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-296f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58621cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 1257.1d44fe53.chunk.js Show response
qrfy.com/static/js/ 146 KB
47 KB 67ms
56ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1257.1d44fe53.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9bae5b6079c969045c49827f9a138054f6c0f5f5521b5acbdaef55d5033e76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878977
cf-polished: origSize=149085
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-2465d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58641cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 1434.cf707c53.chunk.js Show response
qrfy.com/static/js/ 91 KB
26 KB 49ms
38ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1434.cf707c53.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f47bfd792d40d23c40118b9db00e6a105ccf46fd221508eb42ebb3aacffad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878939
cf-polished: origSize=92901
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-16ae5"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58651cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 2244.f03caa62.chunk.js Show response
qrfy.com/static/js/ 344 KB
98 KB 68ms
58ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/2244.f03caa62.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf1fa8f2cef34766a47309fdf21be21a55ef1fd6bd9da4b823094001f6ff05e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878939
cf-polished: origSize=351939
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-55ec3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58671cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 5836.e38c8b9e.chunk.js Show response
qrfy.com/static/js/ 9 KB
3 KB 34ms
24ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/5836.e38c8b9e.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155b2a5157525f089fe267fe5bdb24a7cd84cc755ad9385edd6e173713391d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878938
cf-polished: origSize=9078
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-2376"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58681cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 9430.3f2ad68d.chunk.js Show response
qrfy.com/static/js/ 70 KB
20 KB 47ms
37ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/9430.3f2ad68d.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88693a39def45588e5fe6b8adcab8312cb27058496dd83e6b1ec1ae82f7e8df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878972
cf-polished: origSize=72235
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-11a2b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58691cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 6402.e4757da9.chunk.js Show response
qrfy.com/static/js/ 465 KB
114 KB 76ms
67ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/6402.e4757da9.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a684888423537736281bde68a9e0bc107cbe7a9aae26dfc53ec80e5e2ad3065c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878500
cf-polished: origSize=476497
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-74551"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a586b1cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 4246.729734ab.chunk.js Show response
qrfy.com/static/js/ 58 KB
18 KB 38ms
29ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/4246.729734ab.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970fca51987cfc1961fb4d90cb241a219f6d97cf557a460df36d753463b76f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 706262
cf-polished: origSize=59307
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 11:09:07 GMT
server: cloudflare
etag: W/"646c9ed3-e7ab"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a586d1cbf-FRA
expires: Wed, 22 May 2024 11:09:12 GMT

GET
H2 200 83.e1b6a904.chunk.js Show response
qrfy.com/static/js/ 15 KB
5 KB 45ms
36ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/83.e1b6a904.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f1845ba65c0e766ad14d9de183538fd9a628469324d2078db863c100294364d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 678400
cf-polished: origSize=15486
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 18:51:01 GMT
server: cloudflare
etag: W/"646d0b15-3c7e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a586f1cbf-FRA
expires: Wed, 22 May 2024 18:51:05 GMT

GET
H2 200 5678.835fe9b8.chunk.js Show response
qrfy.com/static/js/ 93 KB
46 KB 42ms
33ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/5678.835fe9b8.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

763c8a10ca9e94eedbc37576007531447326c471f75beebe41116309fdc0b860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878938
cf-polished: origSize=95324
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-1745c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58701cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 469.ea1722e4.chunk.js Show response
qrfy.com/static/js/ 1 KB
893 B 80ms
71ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/469.ea1722e4.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a7aa57eb4e3c2ec6eb3ea6b9340325143f7d295fa548d8c0ea185528093218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 605113
cf-polished: origSize=1328
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 24 May 2023 15:15:00 GMT
server: cloudflare
etag: W/"646e29f4-530"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58711cbf-FRA
expires: Thu, 23 May 2024 15:15:10 GMT

GET
H2 200 1715.9b76a329.chunk.js Show response
qrfy.com/static/js/ 17 KB
6 KB 39ms
30ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1715.9b76a329.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89ff1108b72d13503ac59799e918101acef3b1dc9778abef3cba6ba81ae2d0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 604477
cf-polished: origSize=17231
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 24 May 2023 15:15:00 GMT
server: cloudflare
etag: W/"646e29f4-434f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58731cbf-FRA
expires: Thu, 23 May 2024 15:15:10 GMT

GET
H2 200 1138.acce8ffe.chunk.js Show response
qrfy.com/static/js/ 293 KB
76 KB 59ms
51ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1138.acce8ffe.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53551a1e970a9067a4d8cd8198e652a648cee7999da0d43aa7da14f46910427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101361
cf-polished: origSize=299756
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 30 May 2023 11:01:04 GMT
server: cloudflare
etag: W/"6475d770-492ec"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58741cbf-FRA
expires: Wed, 29 May 2024 11:01:08 GMT

GET
H2 200 9196.29cbfaae.chunk.js Show response
qrfy.com/static/js/ 7 KB
3 KB 56ms
48ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/9196.29cbfaae.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3b3b32a590250d4c9ae5c0900a87663885c22aafec2c91b6333fd417534125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878916
cf-polished: origSize=6732
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-1a4c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58751cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 8484.40b5a57d.chunk.js Show response
qrfy.com/static/js/ 32 KB
9 KB 55ms
47ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/8484.40b5a57d.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd7649446f4f8540758991cd6d393586202089a502f419d43709960b17dfed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 706262
cf-polished: origSize=32396
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 11:09:07 GMT
server: cloudflare
etag: W/"646c9ed3-7e8c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58771cbf-FRA
expires: Wed, 22 May 2024 11:09:14 GMT

GET
H2 200 4146.78029027.chunk.js Show response
qrfy.com/static/js/ 22 KB
7 KB 39ms
32ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/4146.78029027.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4dbcf30e4bfcc3d768245c09d1b285c655653bdb25bf0cfad749f6a4fbbb11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 706262
cf-polished: origSize=22601
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 11:09:07 GMT
server: cloudflare
etag: W/"646c9ed3-5849"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58791cbf-FRA
expires: Wed, 22 May 2024 11:09:14 GMT

GET
H2 200 9941.33acea01.chunk.js Show response
qrfy.com/static/js/ 18 KB
6 KB 33ms
25ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/9941.33acea01.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a78f6ef3718e06ded27680b9037be93ed4c40af84d012a924028f200e1efea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101119
cf-polished: origSize=18887
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 30 May 2023 11:01:04 GMT
server: cloudflare
etag: W/"6475d770-49c7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a587a1cbf-FRA
expires: Wed, 29 May 2024 11:01:08 GMT

GET
H2 200 1560.a00411c7.chunk.js Show response
qrfy.com/static/js/ 15 KB
5 KB 72ms
65ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/1560.a00411c7.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5415a3aa5d708db09b06a615322937fc2820f2a3b120795822469b6dcce5f77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 878500
cf-polished: origSize=15422
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Sun, 21 May 2023 11:10:06 GMT
server: cloudflare
etag: W/"6469fc0e-3c3e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58861cbf-FRA
expires: Mon, 20 May 2024 11:10:33 GMT

GET
H2 200 9704.743af943.chunk.js Show response
qrfy.com/static/js/ 15 KB
5 KB 52ms
45ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/9704.743af943.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9986b5369b374a78375bcbce9135c4ed49027699274ceb1e131d62282e356f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 678400
cf-polished: origSize=15759
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 23 May 2023 18:51:01 GMT
server: cloudflare
etag: W/"646d0b15-3d8f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a58891cbf-FRA
expires: Wed, 22 May 2024 18:51:05 GMT

GET
H2 200 5476.b46a5ede.chunk.css
qrfy.com/static/css/ 13 KB
6 KB 81ms
75ms Stylesheet
text/css 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/css/5476.b46a5ede.chunk.css

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9360eca56563d22f127585387bbabb755d5c048b77455e9a848dc7d8d8836ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101119
cf-polished: origSize=13041
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 30 May 2023 11:01:04 GMT
server: cloudflare
etag: W/"6475d770-32f1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 7d00339a588c1cbf-FRA
expires: Wed, 29 May 2024 11:01:08 GMT

GET
H2 200 5476.066f29b2.chunk.js Show response
qrfy.com/static/js/ 124 KB
32 KB 59ms
53ms Script
application/javascript 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/static/js/5476.066f29b2.chunk.js

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/main.8da28bcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f32a134e1128021809995ef9ba2e22378b282f328097d2306cc77c2d549833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qrfy.com/p/uOvzgG0UfX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56733
cf-polished: origSize=127195
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Tue, 30 May 2023 22:56:43 GMT
server: cloudflare
etag: W/"64767f2b-1f0db"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 7d00339a588d1cbf-FRA
expires: Wed, 29 May 2024 22:56:48 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 uOvzgG0UfX
qrfy.com/api/qr/uri/ 1 KB
843 B 58ms
57ms XHR
application/json 2606:4700:3108::ac42:2ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qrfy.com/api/qr/uri/uOvzgG0UfX

Requested by

Host: qrfy.com
URL: https://qrfy.com/static/js/4569.6169208a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qrfy.com/p/uOvzgG0UfX
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 May 2023 15:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"4d8-gy8KoGFBHK9iB3wC5lvnHi8fdMo"
expect-ct: max-age=86400, enforce
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qrfy.com
x-country: DE
access-control-allow-credentials: true
x-user-country: DE
cf-ray: 7d00339c6c361cbf-FRA

GET
H2 200 Primary Request DAY1FRESH.html Show response
firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/ 75 KB
76 KB 1064ms
1042ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Requested by: Host: qrfy.com
URL: https://qrfy.com/static/js/5476.066f29b2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dbbd6a037d3f560e0920f7d67249d77332fd40968da874c331a34b735d1c3381

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-disposition: inline; filename*=utf-8''DAY1FRESH.html
content-length: 76981
content-type: text/html
date: Wed, 31 May 2023 15:20:34 GMT
etag: "e19dccbda25e5fbaa4c1a308a8e2dbbc"
expires: Wed, 31 May 2023 15:20:34 GMT
last-modified: Tue, 30 May 2023 21:38:47 GMT
server: UploadServer
x-goog-generation: 1685482727602307
x-goog-hash: crc32c=M4m3LQ== md5=4Z3MvaJeX7qkwaMIqOLbvA==
x-goog-meta-firebasestoragedownloadtokens: 26b11e72-b7c1-4020-b2f1-36390e945b67
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 76981
x-guploader-uploadid: ADPycdudGJzEgiTvz-cidWcefTZFBZLjjyz1906lf6gosvemq7SUajTwh-1bF3I0rEs0ttc2-FZyf2d8LX8tLCJIFjVLhR2W1BbP

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 48ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://firebasestorage.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 31 May 2023 00:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 00:38:30 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 50ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://firebasestorage.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 31 May 2023 15:20:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
x-hw: 1685546435.dop144.fr8.t,1685546435.cds333.fr8.hn,1685546435.cds164.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30070

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 52ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: https://firebasestorage.googleapis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 31 May 2023 15:20:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-42587"
vary: Accept-Encoding
x-hw: 1685546435.dop127.fr8.t,1685546435.cds155.fr8.hn,1685546435.cds165.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80268

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 50ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: https://firebasestorage.googleapis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 31 May 2023 15:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqPSqcRTaYvMKbCt44fNlxvdPqqScAIYZPHvAu3cM1OiLn8sTxfcqRVO2JPaNCF6S7lPLuU5vXtyABomvt4VPPdfDVt%2FB%2B4qGHcMCmWKhx28hLFwrCnrDR3R9Tb300XMCC7erfO8sIge%2Fu76tcj6HLtu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d0033a3fce9914a-FRA
expires: Mon, 20 May 2024 15:20:35 GMT

GET
H2 200 acrobat-lo.png
cdn.glitch.global/e8efcc23-84cb-44fa-afa3-f5387b920e52/ 36 KB
37 KB 65ms
16ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/e8efcc23-84cb-44fa-afa3-f5387b920e52/acrobat-lo.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b1996199151427b4600eaec6389a0259a582e954c45b2b6b8220a4b2c0e02134

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Wed, 31 May 2023 15:20:35 GMT
x-amz-request-id: WW7J0XYS64XEFDSP
age: 2525159
x-cache: HIT, HIT
content-length: 37356
x-amz-id-2: b6v2a5+wCCu+tnkFpFmjOSH/ZRatLCldK8V9+1T+vhhvcuoPanGPKJF3nskYS4Fiu2X0/zKRiDs=
x-served-by: cache-iad-kjyo7100164-IAD, cache-fra-eddf8230106-FRA
last-modified: Wed, 19 Jan 2022 15:21:21 GMT
server: AmazonS3
x-timer: S1685546435.293066,VS0,VE1
etag: "0d84b997c50f7f9015c532a44e945a83"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4485, 1

GET
H2 200 thumbnails%2Facrobat-icon.png
cdn.glitch.global/60719965-d295-4673-8d2a-fca5fd5f6e44/ 31 KB
31 KB 43ms
13ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/60719965-d295-4673-8d2a-fca5fd5f6e44/thumbnails%2Facrobat-icon.png?1661157668837

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff0f6f5354a28803cf4bcd84dfa637d100482b78b2b34df098220f3d43d20c19

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Wed, 31 May 2023 15:20:35 GMT
x-amz-request-id: 21PXEJWBJ876V03K
age: 2534521
x-cache: HIT, HIT
content-length: 31395
x-amz-id-2: BRv945RaUOLvFI+D4jZrCZPwKvvj/T/FNij8d8KQl3SckLMqAiodCzBaAaZ26wxyY+rxLC1Ouq8=
x-served-by: cache-iad-kjyo7100169-IAD, cache-fra-eddf8230106-FRA
last-modified: Mon, 22 Aug 2022 08:41:09 GMT
server: AmazonS3
x-timer: S1685546435.293044,VS0,VE1
etag: "beb949471f269b1663c6f471f03b2212"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H/1.1 200
OK office3651.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 18 KB
18 KB 59ms
15ms Image
image/png 18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 24 Dec 2022 08:57:34 GMT
Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:53:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 13674182
ETag: "a5cdadd60382e9ae6228121542eb1c2a"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 18147
X-Amz-Cf-Id: QSw6kUBgUV3RYFqlmDLO7mQ3L3s19e4i7mAV_C-b2BnE5BM5h7X9-w==

GET
H/1.1 200
OK outlook.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 34 KB
34 KB 57ms
14ms Image
image/png 18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 13:25:49 GMT
Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:54:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 3894887
ETag: "a3cdfeaf028cf60d90337ce4bb1b632f"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 34316
X-Amz-Cf-Id: Fqsx1OYujWsj1dqz8V9abZpbklq0KNK2tN9YvTgenEh9TIrY6QA6gg==

GET
H/1.1 200
OK other1.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 21 KB
22 KB 59ms
16ms Image
image/png 18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 11:26:47 GMT
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:54:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 15220429
ETag: "6843a244e12fab158aa189680b5e7049"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 21882
X-Amz-Cf-Id: Fn2MABNyvK7IFt7ohFLgbSq5Y3EkdCOwzxiwmj3-Rwo5D8-Z6m0UwA==

GET
H2 200 aol.png
cdn2.downdetector.com/static/uploads/logo/ 17 KB
18 KB 74ms
32ms Image
image/png 2606:4700::6812:1abd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.downdetector.com/static/uploads/logo/aol.png
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1abd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9935d6d50e144151e34c0b42b5222853231ee05f51533cc8f1de146e275f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:20:35 GMT
x-amz-version-id: null
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 17665
last-modified: Tue, 22 Mar 2022 18:42:42 GMT
server: cloudflare
etag: "7c7cf7681aee5e76ca1a7dbf2ec7c318"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d0033a4cc00bb74-FRA
x-amz-cf-id: AUqRCcuq_QjQA-BK6XasZDmyYvJQ0QyseZApWz59yiataJSGWmDJCA==
expires: Thu, 30 May 2024 15:20:35 GMT

GET
H/1.1 200
OK 454-4543132_yahoo-black-yahoo-mail-icon-black.png
www.clipartmax.com/png/middle/ 70 KB
34 KB 936ms
590ms Image
image/png 203.161.56.105
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clipartmax.com/png/middle/454-4543132_yahoo-black-yahoo-mail-icon-black.png
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.161.56.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: hogmanay-fra.vpsrdns.web-hosting.com
Software: nginx/1.14.0 /
Resource Hash: 41c25e225507c2f7aea38f876a90c5963a12807f110e08956082acf23a03e8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Wed, 31 May 2023 15:20:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Dec 2019 10:56:59 GMT
Server: nginx/1.14.0
ETag: W/"5dfdfa7b-119d1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

63 KB
63 KB

17ms
17ms

Image
image/png

18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c1ebf2bbc55550d5f3c379f178f308a1d45e4e885a623a118d3689b1be6c704

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 11:34:18 GMT
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 6839178
ETag: "ada6a19789e5c72533c9872541ba42a6"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 64019
X-Amz-Cf-Id: X8Zj62JivyXKEEZW0iqwpcTLbziLfD1jXE4jHGrxrwlFiOh4nnTbtA==

Redirect headers

Date: Wed, 31 May 2023 02:34:27 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 45969
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: zRgkYJTdCrAIFB_auHSu0obu1m-B4MuReVkuerDqTGPrq4bA_rTyqg==

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

90 KB
91 KB

22ms
21ms

Image
image/png

18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

807f4bfba1a94d05c689db0713885aa5db3b5c5d1e08fa8dafb84974a3f92bf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 11:55:21 GMT
Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 6837915
ETag: "ebc120f9e4f1a0d91e21dafd5d6d7265"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 92621
X-Amz-Cf-Id: 2FnEUnaje54-K7K-07HHhBl0fXEJYc1nLd33RyG9jVI4sJtwuC8rlA==

Redirect headers

Date: Wed, 31 May 2023 02:34:27 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 45969
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: H6oUkDFmEvuouOAgB-EDrd5w4B2H2dzdTDvR4H53bBoRyzI-TkwRXA==

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

565 KB
565 KB

18ms
18ms

Image
image/png

18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

HTTP/1.1

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86b84a5512c4a5d4af354ca4978a018f17472e301b4ba7e86a178cdacb709bf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 18:37:08 GMT
Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 6813808
ETag: "b291bda6b904cd07b552b3ce84266143"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 578451
X-Amz-Cf-Id: y0twu1cStwwvK5dLF5d4f7Qm4oAtEdzIUFW_P_I34RC-W03oxvS-AA==

Redirect headers

Date: Wed, 31 May 2023 02:34:27 GMT
Via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 45969
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: XlL-n2Eh5BvliTrhPbBMjnl9kKo0pYeM1zcs2u_5eRWQQjekTJ101Q==

GET
H2 200 2560px-Yahoo%21_%282019%29.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/3/3a/Yahoo%21_%282019%29.svg/ 66 KB
67 KB 102ms
19ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/3/3a/Yahoo%21_%282019%29.svg/2560px-Yahoo%21_%282019%29.svg.png

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

4e5feb95191aebc6cb65710a428c70c2411c7ac6cf5e1946b221c2f1b92ed0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 08:51:36 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 23339
x-cache-status: hit-local
x-cache: cp3059 hit, cp3065 miss
content-disposition: inline;filename*=UTF-8''Yahoo%21_%282019%29.svg.png
server-timing: cache;desc="hit-local", host;desc="cp3065"
content-length: 67162
x-client-ip: 2001:ac8:20:3b00:1012:5e91:5e07:8af3
last-modified: Tue, 08 Mar 2022 08:34:13 GMT
server: ATS/9.1.4
etag: 0a7edf5ea8f987f8f6f3f60c5446cbbf
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK redirect.php Show response
videm.vn/wp-content/plugins/gwqmtsv/admin/share.sharefile.com/ 43 B
309 B 2576ms
236ms XHR
text/html 113.190.42.12
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL: https://videm.vn/wp-content/plugins/gwqmtsv/admin/share.sharefile.com/redirect.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 113.190.42.12 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS: static.vnpt.vn
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f8e5aa9671a92ea8d0c685a34c0198f55e9393b44cd8f8ed1551580b2dce1216

Request headers

Accept: */*
Referer: https://firebasestorage.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 31 May 2023 15:20:37 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 206 video.mp4
cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/ 5 MB
0 13ms
12ms Media
video/mp4 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/video.mp4

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://firebasestorage.googleapis.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Wed, 31 May 2023 15:20:35 GMT
x-amz-request-id: 7A2GSGM8YS4XHP2Y
age: 918687
x-cache: HIT, HIT
Content-Range: bytes 0-20737963/20737964
Content-Length: 20737964
x-amz-id-2: UZgtH5xmoAMj2ojb8pTyf6l6ZHbgQdWW4x9M7XrlEMs0moik/rQnpSwrQHq1x9VVW3LCpTdI19cCFDbZxVic8n98QkDs9RpGIQ068cnJsqc=
x-served-by: cache-iad-kjyo7100114-IAD, cache-fra-eddf8230106-FRA
last-modified: Mon, 04 Apr 2022 12:42:29 GMT
server: AmazonS3
x-timer: S1685546435.400960,VS0,VE1
etag: "710095c093f6424f5bad42c310538527"
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 51, 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Generic Email (Online) Generic (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.downdetector.com/	1970-01-20 12:12:28	Name: __cf_bm Value: b_cSdcMA83kxrm7OF5G.tRq_W8XxBf5butEZAdl_dXc-1685546435-0-AQtZoYvEgYfiaZnR1VUbq8sRVgKG+lzIAnXjQ0emUjQLwnF7QB4KS/9qtDRgQohfFy6/mIt4+iIpmLcNeA48oso=

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.3.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://firebasestorage.googleapis.com/v0/b/freshp-325fe.appspot.com/o/DAY1FRESH.html?alt=media&token=26b11e72-b7c1-4020-b2f1-36390e945b67(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.qrfy.com
cdn.glitch.com
cdn.glitch.global
cdn.glitch.me
cdn2.downdetector.com
cdnjs.cloudflare.com
code.jquery.com
firebasestorage.googleapis.com
qrfy.com
upload.wikimedia.org
videm.vn
www.clipartmax.com
113.190.42.12
151.101.130.132
18.66.97.45
2001:4de0:ac18::1:a:1b
203.161.56.105
2606:4700:3108::ac42:2ad4
2606:4700::6811:180e
2606:4700::6812:1abd
2620:0:862:ed1a::2:b
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
99.86.4.38
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08f47bfd792d40d23c40118b9db00e6a105ccf46fd221508eb42ebb3aacffad9
0c1ebf2bbc55550d5f3c379f178f308a1d45e4e885a623a118d3689b1be6c704
0d3b3b32a590250d4c9ae5c0900a87663885c22aafec2c91b6333fd417534125
155b2a5157525f089fe267fe5bdb24a7cd84cc755ad9385edd6e173713391d15
240eac32b8d9236bb3f90440cfefc3734bfa07eddb07e599a8dc7ce24f738e5f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
41c25e225507c2f7aea38f876a90c5963a12807f110e08956082acf23a03e8ab
4e5feb95191aebc6cb65710a428c70c2411c7ac6cf5e1946b221c2f1b92ed0c8
4f1845ba65c0e766ad14d9de183538fd9a628469324d2078db863c100294364d
5415a3aa5d708db09b06a615322937fc2820f2a3b120795822469b6dcce5f77d
586492b29484c7c02751b475f24c5bece4e10b180d80235df813f922915135bc
66a78f6ef3718e06ded27680b9037be93ed4c40af84d012a924028f200e1efea
6a3a66d0c136599362bc745f67a1729549432e45480f799cf4e52c2bdba8c2ff
6a9935d6d50e144151e34c0b42b5222853231ee05f51533cc8f1de146e275f8d
71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
763c8a10ca9e94eedbc37576007531447326c471f75beebe41116309fdc0b860
80417b1d707f496da61238da501a9bad641d33c7d4e04696213e053193215f7c
807f4bfba1a94d05c689db0713885aa5db3b5c5d1e08fa8dafb84974a3f92bf8
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86b84a5512c4a5d4af354ca4978a018f17472e301b4ba7e86a178cdacb709bf3
871efd0ce6903d32815c5da706cda003be23ba96b7932c7a52fd9954007eeaac
88693a39def45588e5fe6b8adcab8312cb27058496dd83e6b1ec1ae82f7e8df7
89ff1108b72d13503ac59799e918101acef3b1dc9778abef3cba6ba81ae2d0df
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9572f8c5d788b1d80ca1e511ed78e928ad0e0686b7934dabc8d2d7a6bd52e9e5
970fca51987cfc1961fb4d90cb241a219f6d97cf557a460df36d753463b76f9b
9986b5369b374a78375bcbce9135c4ed49027699274ceb1e131d62282e356f0f
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a684888423537736281bde68a9e0bc107cbe7a9aae26dfc53ec80e5e2ad3065c
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
b1996199151427b4600eaec6389a0259a582e954c45b2b6b8220a4b2c0e02134
b3a7aa57eb4e3c2ec6eb3ea6b9340325143f7d295fa548d8c0ea185528093218
b4dbcf30e4bfcc3d768245c09d1b285c655653bdb25bf0cfad749f6a4fbbb11b
bf1fa8f2cef34766a47309fdf21be21a55ef1fd6bd9da4b823094001f6ff05e1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c53551a1e970a9067a4d8cd8198e652a648cee7999da0d43aa7da14f46910427
cd2a2616e9a90d70aa52a99f8e7723c5d645909f3e99b5075f9d5cf35eb24294
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
d9360eca56563d22f127585387bbabb755d5c048b77455e9a848dc7d8d8836ed
dbbd6a037d3f560e0920f7d67249d77332fd40968da874c331a34b735d1c3381
ddd7649446f4f8540758991cd6d393586202089a502f419d43709960b17dfed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f32a134e1128021809995ef9ba2e22378b282f328097d2306cc77c2d549833
f8e5aa9671a92ea8d0c685a34c0198f55e9393b44cd8f8ed1551580b2dce1216
f9bae5b6079c969045c49827f9a138054f6c0f5f5521b5acbdaef55d5033e76e
ff0f6f5354a28803cf4bcd84dfa637d100482b78b2b34df098220f3d43d20c19

firebasestorage.googleapis.com Open in urlscan Pro 2a00:1450:4001:80e::200a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

58 %IPv6

11 Domains

13 Subdomains

12 IPs

4 Countries

2107 kBTransfer

9751 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

firebasestorage.googleapis.com Open in urlscan Pro
2a00:1450:4001:80e::200a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

2107 kB
Transfer

9751 kB
Size

1
Cookies

54 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!