qr.de Open in urlscan Pro
188.40.28.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lyncdiscoverinternal.capiotalone.com/
Effective URL:
https://qr.de/?ref=HKCMS
Submission: On April 16 via api (April 16th 2021, 9:38:33 pm UTC) from US

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 75 HTTP transactions. The main IP is 188.40.28.36, located in Germany and belongs to HETZNER-AS, DE. The main domain is qr.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 24th 2020. Valid for: a year.

This is the only time qr.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	64.190.62.111 64.190.62.111	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 3	176.9.51.136 176.9.51.136	24940 (HETZNER-AS) (HETZNER-AS)
12	188.40.28.36 188.40.28.36	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:215d:3200:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	143.204.245.33 143.204.245.33	16509 (AMAZON-02) (AMAZON-02)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	143.204.245.2 143.204.245.2	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.245.91 143.204.245.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
75	28

4 64.190.62.111 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

lyncdiscoverinternal.capiotalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.51.136 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: www1.qualigo.com

qualigo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 188.40.28.36 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www256.your-server.de

qr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:3200:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-33.cph50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-2.cph50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-91.cph50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com www.gstatic.com	579 KB
12	qr.de qr.de	306 KB
11	google.com www.google.com translate.google.com	78 KB
6	googleapis.com fonts.googleapis.com translate.googleapis.com	99 KB
4	facebook.com www.facebook.com	927 B
4	capiotalone.com 2 redirects lyncdiscoverinternal.capiotalone.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	qualigo.com 1 redirects qualigo.com	1 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	97 KB
2	bing.com bat.bing.com	9 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	google.de www.google.de	108 B
1	googleadservices.com www.googleadservices.com	14 KB
1	taboola.com cdn.taboola.com	22 KB
1	dwin1.com www.dwin1.com	5 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	sedodna.com 1 redirects xml.sedodna.com	280 B
1	sedoparking.com img.sedoparking.com	5 KB
75	20

	Domain	Requested by
12	www.gstatic.com	www.google.com translate.googleapis.com qr.de www.gstatic.com
12	qr.de	qualigo.com qr.de
10	www.google.com	qr.de www.gstatic.com www.google.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
4	www.facebook.com	qr.de
4	lyncdiscoverinternal.capiotalone.com	2 redirects lyncdiscoverinternal.capiotalone.com
3	qualigo.com	1 redirects lyncdiscoverinternal.capiotalone.com qualigo.com
2	s.yimg.com	qr.de s.yimg.com
2	connect.facebook.net	qr.de connect.facebook.net
2	bat.bing.com	qr.de
2	ssl.google-analytics.com	1 redirects qr.de
1	www.google.de	qr.de
1	vars.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	qr.de
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.taboola.com	qr.de
1	static.hotjar.com	qr.de
1	www.dwin1.com	qr.de
1	translate.google.com	qr.de
1	www.googletagmanager.com	qr.de
1	fonts.googleapis.com	qr.de
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com	lyncdiscoverinternal.capiotalone.com
75	26

This site contains no links.

Subject Issuer	Validity	Valid
qualigo.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
qr.de Encryption Everywhere DV TLS CA - G1	`2020-11-24` - `2021-11-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-24` - `2021-05-12`	2 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://qr.de/?ref=HKCMS
Frame ID: CA748C57CBB5282D3C156A79FCA5288F
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v
Frame ID: 8B62ABB0E095B9B49EF0C9533DFCB992
Requests: 8 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: D30011C705C951BBE4CFA199C162F7EC
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: AEC376A9E6B2AD0404D263334A362F65
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 8ADD61FAE64EB00E021EA3B03FC7DA08
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
Frame ID: 7508D5C056E727C6B55E39BA1FBE46EF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lyncdiscoverinternal.capiotalone.com/ Page URL
http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y... HTTP 302
http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y... HTTP 302
http://xml.sedodna.com/click?i=FUkWUClU1-Y_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f884... HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS Page URL
http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS Page URL
https://qr.de/?ref=HKCMS Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

75
Requests

95 %
HTTPS

64 %
IPv6

20
Domains

26
Subdomains

28
IPs

4
Countries

1339 kB
Transfer

3140 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lyncdiscoverinternal.capiotalone.com/ Page URL
http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://xml.sedodna.com/click?i=FUkWUClU1-Y_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f88482be865a87fac883747&t=20210416113815&keyword=Capiotalone HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS Page URL
http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS Page URL
https://qr.de/?ref=HKCMS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTUwNy40Nzc1NTY5MQlseW5jZGlzY292ZXJpbnRlcm5hbC5jYXBpb3RhbG9uZS5jb202MDdhMDNjNzA5NTdkOC4xNDk5ODAyMAkxNjE4NjA5MDk1CWFkXzYzXzA=&l=OAk2OGE0ZmYwZGM2NmM4Nzg4M2YyZmMzNWM4YTA1NTNmYgkwCTEzCTAJZWUxN2JjMzdkZTlkYTczZjllMWY1YjE3MWEyMGIwZWYJMzc1NjYxOTYwCWNhcGlvdGFsb25lCTAJNjMJMAkwCTE2MTg2MDkwOTUJMC4wMzY4CU4JMAkxCTAJMTIwNQkxNTYyMTM2NTYJNS4xODAuNjIuMTQ4CTA%3D HTTP 302
http://xml.sedodna.com/click?i=FUkWUClU1-Y_0 HTTP 302
https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f88482be865a87fac883747&t=20210416113815&keyword=Capiotalone HTTP 302
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS

Request Chain 4

http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS HTTP 307
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1131343443&utmhn=qr.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&utmhid=519631200&utmr=https%3A%2F%2Fqualigo.com%2F&utmp=%2F%3Fref%3DHKCMS&utmht=1618609096856&utmac=UA-23661299-1&utmcc=__utma%3D1.102772031.1618609097.1618609097.1618609097.1%3B%2B__utmz%3D1.1618609097.1.1.utmcsr%3Dqualigo.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=1947027679&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=102772031.1618609097&jid=1947027679&_v=5.7.2&z=1131343443

75 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
lyncdiscoverinternal.capiotalone.com/ 2 KB
2 KB 1013ms
992ms Document
text/html 64.190.62.111
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://lyncdiscoverinternal.capiotalone.com/
Protocol: HTTP/1.1
Server: 64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: 0b55c5549dc7fd31b0bde2d498b05fc70a0a2f5040f0d1ae2657feffdc443c77

Request headers

Host: lyncdiscoverinternal.capiotalone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:15 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_DfauFuUBTeq+YTWjEOvAYVryN/ch3S4K+/ilTXgZqyBvxt56pfX+R2292eO+2o+PP8aTZApwWFj20+hR+sN+GQ==
last-modified: Fri, 16 Apr 2021 21:38:15 GMT
x-cache-miss-from: parking-6dfcfcdcd9-bqj82
server: NginX
content-encoding: gzip

GET
H/1.1 200
OK js_preloader.gif
img.sedoparking.com/images/ 4 KB
5 KB 15ms
8ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.sedoparking.com/images/js_preloader.gif
Requested by: Host: lyncdiscoverinternal.capiotalone.com
URL: http://lyncdiscoverinternal.capiotalone.com/
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash

Request headers

Referer: http://lyncdiscoverinternal.capiotalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 21:38:16 GMT
X-CF3: M
CF4ttl: 31536000.000
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CF1: 11696:fD.fra2:cf:cacheN.fra2-01:H
Connection: keep-alive
Content-Length: 4254
x-cf-tsc: 1616487030
X-CF2: H
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
Server: CFS 0215
X-CFF: B
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
CF4Age: 0
Accept-Ranges: bytes
Expires: Fri, 23 Apr 2021 21:38:16 GMT

GET
H/1.1 200
OK tsc.php
lyncdiscoverinternal.capiotalone.com/search/ 0
175 B 16ms
15ms XHR
text/html 64.190.62.111
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://lyncdiscoverinternal.capiotalone.com/search/tsc.php?200=Mzc1NjYxOTYw&21=NS4xODAuNjIuMTQ4&681=MTYxODYwOTA5NTg5Mjk5MDA2MmQ4NzRkNTQzNTY0YWJlZTVjNjQ3MmZm&crc=bd560465aaca4e3f7a2a2da5f7791f6e62f99a2b&cv=1
Requested by: Host: lyncdiscoverinternal.capiotalone.com
URL: http://lyncdiscoverinternal.capiotalone.com/
Protocol: HTTP/1.1
Server: 64.190.62.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: lyncdiscoverinternal.capiotalone.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://lyncdiscoverinternal.capiotalone.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://lyncdiscoverinternal.capiotalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
x-cache-miss-from: parking-6dfcfcdcd9-s8xzl
server: NginX
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

klick.php
qualigo.com/doks/
Redirect Chain

http://lyncdiscoverinternal.capiotalone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRl...
http://lyncdiscoverinternal.capiotalone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DFUkWUClU1-Y_0&v=NDZkODFlMjc1NDY1NGJjYzFlNzU3NTQ2OGNhZmJjMWIJMQlseW5jZGlzY292ZXJpbnRl...
http://xml.sedodna.com/click?i=FUkWUClU1-Y_0
https://qualigo.com/doks/charge_query.php?ds=32904&subds=capiotalone.com&pid=825&q=c4cbb06d0f88482be865a87fac883747&t=20210416113815&keyword=Capiotalone
https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS

122 B
434 B

13ms
12ms

Document
text/html

176.9.51.136
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS

Requested by

Host: lyncdiscoverinternal.capiotalone.com
URL: http://lyncdiscoverinternal.capiotalone.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www1.qualigo.com

Software

Apache/2.4.10 (Debian) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Host: qualigo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://lyncdiscoverinternal.capiotalone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://lyncdiscoverinternal.capiotalone.com/

Response headers

Date: Fri, 16 Apr 2021 21:38:16 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=15552000; preload
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 129
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 16 Apr 2021 21:38:16 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=15552000; preload
Location: https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

klick.php Show response
qualigo.com/doks/
Redirect Chain

http://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS

70 B
387 B

12ms
11ms

Document
text/html

176.9.51.136
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS

Requested by

Host: qualigo.com
URL: https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

176.9.51.136 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www1.qualigo.com

Software

Apache/2.4.10 (Debian) /

Resource Hash

07fefe589b5076e3c00309c5c302ba4e97bdfc4b37b3e4716d3e1d7727aae2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Host: qualigo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://qualigo.com/doks/klick.php?w=e&k=825&u=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS

Response headers

Date: Fri, 16 Apr 2021 21:38:16 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=15552000; preload
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 83
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
Non-Authoritative-Reason: HSTS

GET
H2 200 Primary Request / Show response
qr.de/ 19 KB
6 KB 71ms
44ms Document
text/html 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/?ref=HKCMS
Requested by: Host: qualigo.com
URL: https://qualigo.com/doks/klick.php?wt=1&k=825&u=https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: e6eba9d6562d7aacda24e992634b3b83e7cd71b94398a7c0032bbe9c2ee46543

Request headers

:method: GET
:authority: qr.de
:scheme: https
:path: /?ref=HKCMS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://qualigo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://qualigo.com/

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store
x-app-runtime: 0.033 sec
set-cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; path=/ qr_ref=HKCMS; path=/; expires=Sun, 16-May-2021 21:38:16 UTC; secure; HostOnly; HttpOnly qr_ref2=HKCMS; path=/; expires=Sun, 16-May-2021 21:38:16 UTC; secure; HostOnly; HttpOnly qr_test=1618609096; path=/; expires=Fri, 16-Apr-2021 23:38:16 UTC; secure; HostOnly; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: none
content-length: 5547
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 2 KB
562 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4da022075d3626786269d309b8fd70324b4999fb8a90ed1f89bb405b11b401ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 21:38:16 GMT
server: ESF
date: Fri, 16 Apr 2021 21:38:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H2 200 bootstrap.css
qr.de/lib/bootstrap/dist/css/ 144 KB
22 KB 17ms
16ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/bootstrap/dist/css/bootstrap.css
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 4ede7c61ced76210d61b5737b39e48dfb7e3aa65022fd757442ab518b0b5df84

Request headers

:path: /lib/bootstrap/dist/css/bootstrap.css
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Thu, 06 Feb 2020 13:07:49 GMT
server: Apache
etag: "240bc-59de7f5c02f7f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21871

GET
H2 200 font-awesome.min.css
qr.de/lib/font-awesome/css/ 30 KB
7 KB 12ms
11ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /lib/font-awesome/css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 09:53:36 GMT
server: Apache
etag: "7918-59b75a211a4c6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7053

GET
H2 200 flag-icon.min.css
qr.de/lib/flag-icon-css/css/ 33 KB
3 KB 11ms
10ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/flag-icon-css/css/flag-icon.min.css
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48

Request headers

:path: /lib/flag-icon-css/css/flag-icon.min.css
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:12 GMT
server: Apache
etag: "82c9-597ea377f8d94-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2776

GET
H2 200 style.css
qr.de/css/ 53 KB
10 KB 15ms
14ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/css/style.css
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 1e8aaee7b22e3b9e1bc19ffe89e18f3bf4c516a11627e4e5169402eef82886ed

Request headers

:path: /css/style.css
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 07:58:30 GMT
server: Apache
etag: "d318-59df7c15e51ec-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9809

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-871988727

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ca6052288ca30908bd98198c5df74eb67b6947d7a6c0dae3982fbaf5ba3025f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34048
x-xss-protection: 0
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H2 200 logo-qr.png
qr.de/img/ 6 KB
6 KB 11ms
10ms Image
image/png 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.de/img/logo-qr.png
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: db8b80b4d32e48c9059b6aaf10e281adbad861bed0e6f0562645e0769f3f4931

Request headers

:path: /img/logo-qr.png
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 22 Nov 2019 07:18:02 GMT
server: Apache
etag: "181e-597ea36dcc56d"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6174

GET
H2 200 qr_code.png
qr.de/img/ 36 KB
37 KB 11ms
10ms Image
image/png 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.de/img/qr_code.png
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: f39498fef1f10321cd2663e2be5628bc10d8d3b52b77fe04d3bebe4124809c42

Request headers

:path: /img/qr_code.png
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 29 Nov 2019 09:14:35 GMT
server: Apache
etag: "9121-59878a890fab0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 37153

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 918 B
683 B 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5a337d475aa1861eac1cf0e5381a4ae4fa5465e3bba0e2e1679172458acb32a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

cac3fb8005375f1880ae2a644b54f1a2148bf813cb1b8936aea91129def96117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
qr.de/lib/jquery/dist/ 85 KB
30 KB 16ms
15ms Script
application/javascript 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/jquery/dist/jquery.min.js
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

:path: /lib/jquery/dist/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:19 GMT
server: Apache
etag: "152b5-597ea37e106de-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30080

GET
H2 200 bootstrap.min.js Show response
qr.de/lib/bootstrap/dist/js/ 36 KB
10 KB 14ms
11ms Script
application/javascript 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path: /lib/bootstrap/dist/js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: qr.de
referer: https://qr.de/?ref=HKCMS
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/?ref=HKCMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:23 GMT
server: Apache
etag: "90b5-597ea38264d5c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9833

GET
H2 200 17517.js Show response
www.dwin1.com/ 16 KB
5 KB 173ms
94ms Script
application/javascript 2600:9000:215d:3200:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17517.js
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215d:3200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c7f1b4c6f62cb99b411ff40cd189728d20c35856d16424003604db87e578c7e

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cF1NF269lLQtjFxdGkl5C2n0JcIVjqjg
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 13:54:48 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C1
etag: W/"2666b53c1c4bbebeace2a625f04ed7be"
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
date: Fri, 16 Apr 2021 21:38:16 GMT
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
x-amz-cf-id: 0SdBGNvT243JDawUcGxadRqq_BRb13x5j2RLOhpJNcieb17noTHBPQ==
via: 1.1 437f7ee4dc994b22e33d571f5f90f36b.cloudfront.net (CloudFront)

GET
H2 200 de.svg
qr.de/lib/flag-icon-css/flags/4x3/ 220 B
252 B 25ms
12ms Image
image/svg+xml 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.de/lib/flag-icon-css/flags/4x3/de.svg
Requested by: Host: qr.de
URL: https://qr.de/lib/flag-icon-css/css/flag-icon.min.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 8d0d0a51ddf42e560ac09dd5556dff7bacce74c17f6ff9484bcf550a59482df4

Request headers

:path: /lib/flag-icon-css/flags/4x3/de.svg
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: qr.de
referer: https://qr.de/lib/flag-icon-css/css/flag-icon.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/lib/flag-icon-css/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:40 GMT
server: Apache
etag: "dc-597ea39256e4c-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 163

GET
H2 200 qr_background.png
qr.de//img/ 100 KB
101 KB 23ms
12ms Image
image/png 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.de//img/qr_background.png
Requested by: Host: qr.de
URL: https://qr.de/css/style.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 618d46449b67812c0fc2872fb531603af894169ee594bddc0c272cfbb008b919

Request headers

:path: //img/qr_background.png
pragma: no-cache
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: qr.de
referer: https://qr.de/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://qr.de/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 22 Nov 2019 07:18:02 GMT
server: Apache
etag: "1902c-597ea36de4c0d"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 102444

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 14ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://qr.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:07:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 163818
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Fri, 15 Apr 2022 00:07:58 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 15ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://qr.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 156914
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H2 200 fontawesome-webfont.woff2
qr.de/lib/font-awesome/fonts/ 75 KB
76 KB 22ms
12ms Font
font/woff2 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.de/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: qr.de
URL: https://qr.de/lib/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://qr.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=0b5eeb7b5ab2419bd1c3a40d455160b3; qr_ref=HKCMS; qr_ref2=HKCMS; qr_test=1618609096
:path: /lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: qr.de
referer: https://qr.de/lib/font-awesome/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://qr.de
Referer: https://qr.de/lib/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 22 Nov 2019 07:18:14 GMT
server: Apache
etag: "12d68-597ea379a7840"
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 29ms
7ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Apr 2021 22:34:27 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 20:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2770
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Apr 2021 21:52:06 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 7000
date: Fri, 16 Apr 2021 19:41:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 16 Apr 2021 21:41:36 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 29 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:15 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref: Ref A: 14E4513976E84C649DE847DBD41BCC32 Ref B: FRAEDGE1412 Ref C: 2021-04-16T21:38:16Z
etag: "0c77652ec27d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8885

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
25 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: S2m+jaN9E8cx6uXcHYnbOG0RHWCGjJLD4/M4vxserU1VEPVPfhBpeSzufwjp0knJjIwP8EechKDUMsOYPep1lg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 16 Apr 2021 21:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 25ms
11ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 16 Apr 2021 20:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3119
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: mJ06vxNX8MDkmA2OTU8c5rIIan/mWy3B3laYQrolCu9Av+yhAnE6VTIqkfTXqFJYpkfpKavjePk=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 9K43PSTR6QA0F6YS
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 hotjar-2217061.js Show response
static.hotjar.com/c/ 4 KB
2 KB 137ms
72ms Script
application/javascript 143.204.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2217061.js?sv=6

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-33.cph50.r.cloudfront.net

Software

Resource Hash

156e246db71a1d9cc7a68bd18d0a72d511cd62c7a830091d25f24bf53e8bc8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: CPH50-C1
etag: W/610690e4d73e0528acdbeb07a42cefdc
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1915
via: 1.1 1ebf52f5e79648444025879af65610d2.cloudfront.net (CloudFront)
x-amz-cf-id: cR9VuF7b9AAHONa6HkJ47Ex2GokBxJx8aNAIteosWX7D1ls0KQ-9Nw==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1376253/ 65 KB
22 KB 26ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1376253/tfa.js
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d500aa04534e887f968a1a5c936c821af37f248a284bbfcfec1e9bcb89cb607

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wh9t1ZCXHwCJ013sG4KdovhzG_A8Gqyc
content-encoding: gzip
etag: "4ca5643427ed30714a9d374011dd43e6"
age: 41
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 22354
x-amz-id-2: I7Rzpt2BfwQE8qcCi4Je620BIx9+5xNjdnYUyGDyy7Zr7Aj3+89tRWD1EOiWiuDPTwUqkLGIpSA=
x-served-by: cache-hhn11545-HHN
last-modified: Mon, 12 Apr 2021 11:01:03 GMT
server: AmazonS3
x-timer: S1618609097.649879,VS0,VE1
date: Fri, 16 Apr 2021 21:38:16 GMT
vary: Accept-Encoding
x-amz-request-id: BCKA88JWAQFRJ3TX
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 78
x-cache-hits: 1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ 334 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://qr.de
Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6195
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 19:55:01 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 18ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871988727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 16:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18247
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 16:34:09 GMT

GET
H3-29 200 311459669964517 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/311459669964517?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7b7d513c016c791cce62914ccdb7c788b27f6becec076d34d2d22aaca0bc5c3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74077
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2xRpy6ZPxTMTJeJSgBs4X9avDJ/xIb7Z7xuky9ZpeN2E9ayVIA6EhMqbBRBS2eTCd4oiNd1s/sOGpoyNSGIdlQ==
x-frame-options: DENY
date: Fri, 16 Apr 2021 21:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10143015.json Show response
s.yimg.com/wi/config/ 2 B
494 B 397ms
383ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10143015.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: CQ02JJFGKRQPVAA8
x-amz-id-2: sExIFdVcUdpoJb3G0KQlUpv951wRMPX9V6KxaaN6TeS/ikUkYWj+JqPtZtx06mwBlro2Yz9apck=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 204 0
bat.bing.com/action/ 0
116 B 31ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15321837&Ver=2&mid=7f75e904-de26-4678-805e-f7b3a4aa895a&sid=0df7ba909efc11eb8912ed3cfe0dc092&vid=0df812309efc11eb8ae51173a1160b18&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&p=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&r=https%3A%2F%2Fqualigo.com%2F&lt=393&evt=pageLoad&msclkid=N&sv=1&rn=956326
Requested by: Host: qr.de
URL: https://qr.de/?ref=HKCMS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 16 Apr 2021 21:38:16 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 44894D5B91BD436BAA7B14BD850F3436 Ref B: FRAEDGE1412 Ref C: 2021-04-16T21:38:16Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1131343443&utmhn=qr.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.de%20-%20Ih...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=102772031.1618609097&jid=1947027679&_v=5.7.2&z=1131343443

35 B
113 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=102772031.1618609097&jid=1947027679&_v=5.7.2&z=1131343443

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 21:38:16 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-1&cid=102772031.1618609097&jid=1947027679&_v=5.7.2&z=1131343443
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8B62 19 KB
10 KB 25ms
25ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a2e468f61746d4321fddd8d876cb7e36343bf6ffc23efc1f62bcf5ec7bf7306

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-psGllJ+W6Vy0FFVeGdxLGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://qr.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://qr.de/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Apr 2021 21:38:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-psGllJ+W6Vy0FFVeGdxLGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10675
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 modules.5e37784fe3302c2578d8.js Show response
script.hotjar.com/ 218 KB
58 KB 91ms
30ms Script
application/javascript 143.204.245.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5e37784fe3302c2578d8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2217061.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-2.cph50.r.cloudfront.net

Software

Resource Hash

be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274028
x-cache: Hit from cloudfront
content-length: 58942
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 17:30:39 GMT
etag: "f06a24b93b2f2e5b46ec94292a2d8286"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3a630ce21c7f0cd3702d89e40e7e5376.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hwhRc6UTOimL8MnMNZFJFTUH-mRXtBtWuE6vdRTV3DCj6OjMJPQF6Q==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/?random=1618609096921&cv=9&fst=1618609096921&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&ref=https%3A%2F%2Fqualigo.com%2F&tiba=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59c4dff2ed96781e5db57261960f4d9056d70466a7f6c62308ff439c2e4db8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=PageView&dl=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&rl=https%3A%2F%2Fqualigo.com%2F&if=false&ts=1618609096946&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618609096944.151763410&it=1618609096800&coo=false&exp=l0&rqm=GET

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 23ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=tracking&dl=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&rl=https%3A%2F%2Fqualigo.com%2F&if=false&ts=1618609096949&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618609096944.151763410&it=1618609096800&coo=false&exp=l0&rqm=GET

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=Search&dl=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&rl=https%3A%2F%2Fqualigo.com%2F&if=false&ts=1618609096950&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1618609096944.151763410&it=1618609096800&coo=false&exp=l0&rqm=GET

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 16 Apr 2021 21:38:16 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:36:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 7287
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Sat, 16 Apr 2022 19:36:50 GMT

GET
H3-29 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame D300 18 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Apr 2021 22:34:27 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
847 B 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 20:25:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 90783
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Fri, 15 Apr 2022 20:25:14 GMT

GET
H3-29 200 cleardot.gif
www.google.com/images/ 43 B
63 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 8B62 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 16:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
age: 19941
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25497
x-xss-protection: 0
expires: Sat, 16 Apr 2022 16:05:56 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 8B62 334 KB
130 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 19:55:01 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame AEC3 1 KB
1 KB 93ms
28ms Document
text/html 143.204.245.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2217061.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-91.cph50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://qr.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://qr.de/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: IYSYZndsCMVK5M1hQr09ctgpt5hWe_I5IUDeJFfLawqB9uMCf0rBQA==
age: 1488465

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/871988727/ 42 B
64 B 27ms
21ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871988727/?random=1618609096921&cv=9&fst=1618606800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&ref=https%3A%2F%2Fqualigo.com%2F&tiba=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&async=1&fmt=3&is_vtc=1&random=980665866&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/871988727/ 42 B
108 B 24ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/871988727/?random=1618609096921&cv=9&fst=1618606800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&ref=https%3A%2F%2Fqualigo.com%2F&tiba=QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes&async=1&fmt=3&is_vtc=1&random=980665866&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: qr.de
URL: https://qr.de/?ref=HKCMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame 8ADD 3 KB
962 B 19ms
17ms Script
application/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HRERIHm+RQLZPD2492NH0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 21:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateApiHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-HRERIHm+RQLZPD2492NH0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js Show response
www.google.com/js/bg/ Frame 8B62 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 21:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 172203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5740
x-xss-protection: 0
expires: Thu, 14 Apr 2022 21:48:14 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8B62 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 16:01:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 279390
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 20 Apr 2021 16:01:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8B62 15 KB
15 KB 23ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 473679
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8B62 15 KB
15 KB 18ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 22:43:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 82512
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 22:43:05 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8B62 102 B
131 B 15ms
14ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&co=aHR0cHM6Ly9xci5kZTo0NDM.&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=viw116jtx02v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 21:38:17 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7508 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20b7941586acb154de366e6345503d1fceb6dc97177901cd3f8058a29281bc3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lTtVYbLbNhd2ZeAcRWC6+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://qr.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://qr.de/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Apr 2021 21:38:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-lTtVYbLbNhd2ZeAcRWC6+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 7508 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 16:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
age: 19941
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25497
x-xss-protection: 0
expires: Sat, 16 Apr 2022 16:05:56 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame 7508 334 KB
130 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 19:55:01 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7508 15 KB
11 KB 47ms
47ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4cc1e418ef6ac780c900e24a42dbb3bf9c66e9e43eec8d3ec25caed4840c254

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 16 Apr 2021 21:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11535
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 21:38:17 GMT

GET
H3-29 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 7508 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 04:46:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 147103
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
expires: Thu, 22 Apr 2021 04:46:34 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7508 600 B
621 B 9ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 156915
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Thu, 22 Apr 2021 02:03:02 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7508 530 B
551 B 8ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 473679
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Sun, 18 Apr 2021 10:03:38 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7508 665 B
686 B 9ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:29:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 36548
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:29:09 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7508 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 473679
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7508 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
age: 156915
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7508 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 22:43:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 82512
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 22:43:05 GMT

GET
H3-29 200 nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js Show response
www.google.com/js/bg/ Frame 7508 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 21:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 172203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5740
x-xss-protection: 0
expires: Thu, 14 Apr 2022 21:48:14 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/api2/ Frame 7508 41 KB
41 KB 18ms
15ms Image
image/jpeg 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq24oXgSxKMUMn_knkABVX_y8SGwc1V2Y3pfo3k82ap5KwW8EqrX5PZqcIE4Xynd1WVBvV7L-tl35BqYF-1BvnOnBcIZBaPS0NJk5zgEfD3rXALYWu3lD7b8v_Rw-UJMa7BPUQ9YUUqQ4XCWTcgA2fnX15Ho3yYcgN73S7duc5ZYFBFbQ0r463PweM7oGavlt2vNRka6Wv0aqm_QTC9q_KXQMpaBB5w&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ae49d499470381923f4d45169c55b97dc815fc6b54c226d929bc52d17493d78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&k=6LeJs6kUAAAAAKxkdQlDLu8swnP2eNMe5jtx05gm&cb=2o26cv1cw9hv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:17 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41737
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 21:38:17 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
11ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=Microdata&dl=https%3A%2F%2Fqr.de%2F%3Fref%3DHKCMS&rl=https%3A%2F%2Fqualigo.com%2F&if=false&ts=1618609098681&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22QR.de%20-%20Ihr%20QR-Code%20Generator%20zum%20erstellen%20von%20QR-Codes%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=3&o=30&fbp=fb.1.1618609096944.151763410&it=1618609096800&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qr.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 21:38:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 16 Apr 2021 21:38:18 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qr.de/	1969-12-31 23:59:59	Name: __utmc Value: 1
.qr.de/	1970-01-20 02:22:25	Name: _hjid Value: f70cd873-b02d-4472-ba41-8ab21bedc6cd
qr.de/	1970-01-20 11:08:01	Name: __utma Value: 1.102772031.1618609097.1618609097.1618609097.1
qr.de/	1970-01-19 18:20:01	Name: qr_ref Value: HKCMS
.qr.de/	1970-01-19 18:00:13	Name: _uetvid Value: 0df812309efc11eb8ae51173a1160b18
qr.de/	1970-01-19 17:36:49	Name: __utmt Value: 1
qr.de/	1970-01-19 17:36:56	Name: qr_test Value: 1618609096
qr.de/	1970-01-19 18:20:01	Name: qr_ref2 Value: HKCMS
qr.de/	1970-01-19 17:36:50	Name: __utmb Value: 1.1.10.1618609097
.qr.de/	1970-01-19 17:36:50	Name: _hjFirstSeen Value: 1
.qr.de/	1970-01-19 19:46:25	Name: _fbp Value: fb.1.1618609096944.151763410
qr.de/	1970-01-19 21:59:37	Name: __utmz Value: 1.1618609097.1.1.utmcsr=qualigo.com\|utmccn=(referral)\|utmcmd=referral\|utmcct=/
.qr.de/	1970-01-19 17:38:15	Name: _uetsid Value: 0df7ba909efc11eb8912ed3cfe0dc092
qr.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0b5eeb7b5ab2419bd1c3a40d455160b3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.sedoparking.com
lyncdiscoverinternal.capiotalone.com
qr.de
qualigo.com
s.yimg.com
script.hotjar.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
vars.hotjar.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xml.sedodna.com
142.250.185.162
143.204.245.2
143.204.245.33
143.204.245.91
173.239.53.32
176.9.51.136
188.40.28.36
199.232.137.44
205.234.175.175
2600:9000:215d:3200:f:8ce2:fb80:93a1
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
64.190.62.111
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
03c95581c28064117f1345d168d9745fbf86c2f693fa2ac977b93adf8786477e
07fefe589b5076e3c00309c5c302ba4e97bdfc4b37b3e4716d3e1d7727aae2dc
0b55c5549dc7fd31b0bde2d498b05fc70a0a2f5040f0d1ae2657feffdc443c77
0ca6052288ca30908bd98198c5df74eb67b6947d7a6c0dae3982fbaf5ba3025f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
156e246db71a1d9cc7a68bd18d0a72d511cd62c7a830091d25f24bf53e8bc8be
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c7f1b4c6f62cb99b411ff40cd189728d20c35856d16424003604db87e578c7e
1e8aaee7b22e3b9e1bc19ffe89e18f3bf4c516a11627e4e5169402eef82886ed
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
20b7941586acb154de366e6345503d1fceb6dc97177901cd3f8058a29281bc3f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4da022075d3626786269d309b8fd70324b4999fb8a90ed1f89bb405b11b401ce
4ede7c61ced76210d61b5737b39e48dfb7e3aa65022fd757442ab518b0b5df84
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34
59c4dff2ed96781e5db57261960f4d9056d70466a7f6c62308ff439c2e4db8a5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
618d46449b67812c0fc2872fb531603af894169ee594bddc0c272cfbb008b919
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6a2e468f61746d4321fddd8d876cb7e36343bf6ffc23efc1f62bcf5ec7bf7306
6ae49d499470381923f4d45169c55b97dc815fc6b54c226d929bc52d17493d78
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d0d0a51ddf42e560ac09dd5556dff7bacce74c17f6ff9484bcf550a59482df4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058
9d500aa04534e887f968a1a5c936c821af37f248a284bbfcfec1e9bcb89cb607
a7b7d513c016c791cce62914ccdb7c788b27f6becec076d34d2d22aaca0bc5c3
b4cc1e418ef6ac780c900e24a42dbb3bf9c66e9e43eec8d3ec25caed4840c254
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cac3fb8005375f1880ae2a644b54f1a2148bf813cb1b8936aea91129def96117
d5a337d475aa1861eac1cf0e5381a4ae4fa5465e3bba0e2e1679172458acb32a
db8b80b4d32e48c9059b6aaf10e281adbad861bed0e6f0562645e0769f3f4931
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eba9d6562d7aacda24e992634b3b83e7cd71b94398a7c0032bbe9c2ee46543
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39498fef1f10321cd2663e2be5628bc10d8d3b52b77fe04d3bebe4124809c42

qr.de Open in urlscan Pro 188.40.28.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

95 %HTTPS

64 %IPv6

20 Domains

26 Subdomains

28 IPs

4 Countries

1339 kBTransfer

3140 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qr.de Open in urlscan Pro
188.40.28.36 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

95 %
HTTPS

64 %
IPv6

20
Domains

26
Subdomains

28
IPs

4
Countries

1339 kB
Transfer

3140 kB
Size

14
Cookies

75 HTTP transactions
-1 data transactions