qrco.de Open in urlscan Pro
52.209.155.67  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request bciaja Show response qrco.de/	7 KB 4 KB	926ms 843ms	Document text/html	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f516fc35ce586cec08004525fd7c0049debc912c73c109df58bbfbe91b8e15ec Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 23 Feb 2022 18:08:35 GMT content-type text/html; charset=UTF-8 server nginx expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-encoding gzip
GET H2	200	libs.min.css qrco.de/css/build/	51 KB 52 KB	41ms 41ms	Stylesheet text/css	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/libs.min.css?1.260 Requested by Host: qrco.de URL: https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 4923d769d1d3da957cd9f9f5030e33f6bcd881291a8ff3c2730bfe175d52fa15 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-cbd6" content-length 52182 content-type text/css
GET H2	200	app.min.css qrco.de/css/build/	1 MB 1 MB	120ms 119ms	Stylesheet text/css	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/app.min.css?1.260 Requested by Host: qrco.de URL: https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 938fa4ad7ba72d9ca610bd686c1ee3b777e768599ed63f3b665e9c933e159376 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-1080f7" content-length 1081591 content-type text/css
GET H2	200	smartphone-preview.min.css qrco.de/css/build/	27 KB 28 KB	122ms 122ms	Stylesheet text/css	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/smartphone-preview.min.css Requested by Host: qrco.de URL: https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b65a36ddd85def0f675ac5897c25598e43dcc39fc2a45aeaabd316f3dc943187 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-6aed" content-length 27373 content-type text/css
GET H2	200	css fonts.googleapis.com/	1 KB 885 B	85ms 34ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,700 Requested by Host: qrco.de URL: https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 17ffae1fe0c5ccae525d56b3660f154c5f94500fe4376188830fd412a49e270e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 23 Feb 2022 16:23:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 23 Feb 2022 18:08:35 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 23 Feb 2022 18:08:35 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	222 KB 75 KB	90ms 36ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TNVMQJV Requested by Host: qrco.de URL: https://qrco.de/bciaja?trackingid=sbhCcydn&signature=newsletter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 58a3eb8c1881f2266a078f03198489b6d0cae316627c549c6f44c277b5b3ea48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 76719 x-xss-protection 0 expires Wed, 23 Feb 2022 18:08:35 GMT
GET H2	200	qrbackend2.woff qrco.de/css/build/fonts/qrbackend/fonts/	79 KB 80 KB	85ms 84ms	Font application/font-woff	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/fonts/qrbackend/fonts/qrbackend2.woff Requested by Host: qrco.de URL: https://qrco.de/css/build/app.min.css?1.260 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 8c8abad7ba813693b1e73dc59aa1327341e95146fdf045dba37bd0525aae837e Request headers Referer https://qrco.de/css/build/app.min.css?1.260 Origin https://qrco.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-13bd4" content-length 80852 content-type application/font-woff
GET H2	200	source-sans-pro-700.woff qrco.de/css/build/fonts/source_sans/	19 KB 20 KB	92ms 91ms	Font application/font-woff	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/fonts/source_sans/source-sans-pro-700.woff Requested by Host: qrco.de URL: https://qrco.de/css/build/app.min.css?1.260 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash d8dd0de638293eb62dba15a6e410fb0af9a5b36c35df226237b1b609d573c63e Request headers Referer https://qrco.de/css/build/app.min.css?1.260 Origin https://qrco.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-4db8" content-length 19896 content-type application/font-woff
GET H2	200	source-sans-pro-300.woff qrco.de/css/build/fonts/source_sans/	20 KB 21 KB	93ms 93ms	Font application/font-woff	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/fonts/source_sans/source-sans-pro-300.woff Requested by Host: qrco.de URL: https://qrco.de/css/build/app.min.css?1.260 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 4c24262a87fdf021d377bf7e4d6c08ce81a1862e774facca70713391a4cd3bc7 Request headers Referer https://qrco.de/css/build/app.min.css?1.260 Origin https://qrco.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-4eec" content-length 20204 content-type application/font-woff
GET H2	200	source-sans-pro-400.woff qrco.de/css/build/fonts/source_sans/	20 KB 21 KB	95ms 94ms	Font application/font-woff	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/fonts/source_sans/source-sans-pro-400.woff Requested by Host: qrco.de URL: https://qrco.de/css/build/app.min.css?1.260 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 38399efe707a8ffc12359a0086e7340315b42194a10fd2e1d1288be12da9e39c Request headers Referer https://qrco.de/css/build/app.min.css?1.260 Origin https://qrco.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-4ed4" content-length 20180 content-type application/font-woff
GET H2	200	source-sans-pro-600.woff qrco.de/css/build/fonts/source_sans/	20 KB 21 KB	94ms 94ms	Font application/font-woff	52.209.155.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qrco.de/css/build/fonts/source_sans/source-sans-pro-600.woff Requested by Host: qrco.de URL: https://qrco.de/css/build/app.min.css?1.260 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.155.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-155-67.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c Request headers Referer https://qrco.de/css/build/app.min.css?1.260 Origin https://qrco.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:35 GMT last-modified Mon, 21 Feb 2022 13:18:10 GMT server nginx accept-ranges bytes etag "62139112-4e80" content-length 20096 content-type application/font-woff
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	19 KB 7 KB	74ms 30ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNVMQJV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 zadN1tnUFXNBOXe6vsJdDg== age 8514 vary Accept-Encoding content-length 6456 x-ms-lease-status unlocked last-modified Tue, 22 Feb 2022 07:35:54 GMT server cloudflare etag 0x8D9F5D5F5C3F550 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 645f2fb5-701e-0112-41c0-27aaaf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e226680a861901c-FRA
GET H2	200	77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test.json Show response cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/	3 KB 2 KB	97ms 59ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08baf54e520a546e8d11f6f26ace7bf5a42768e91e99e5546496f691b23410c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 nE6r5ah9Hpo0MlIgjOc8Iw== content-length 1305 x-ms-lease-status unlocked last-modified Wed, 18 Nov 2020 09:01:59 GMT server cloudflare etag 0x8D88BA09B69D853 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id c44007a4-601e-0149-53e0-28add3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control no-cache x-ms-version 2009-09-19 cf-ray 6e2266811c676937-FRA
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	153 B 432 B	84ms 42ms	XHR application/json	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://qrco.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6e226681b8519136-FRA access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.8.0/	332 KB 71 KB	27ms 27ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ZxViCiQmz7HefYYdJwAS4g== age 8497 vary Accept-Encoding content-length 72918 x-ms-lease-status unlocked last-modified Tue, 17 Nov 2020 08:19:35 GMT server cloudflare etag 0x8D88AD1852575D6 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 97aab889-a01e-015f-40c0-116c4d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e2266820b4d901c-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/7b4d6c45-a596-4ad4-9b5c-e78b9b3a43fb/	38 KB 11 KB	80ms 80ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/7b4d6c45-a596-4ad4-9b5c-e78b9b3a43fb/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d6864754f79428a989cf32706ae13cd368d1acb0467797f13917e69ea79de9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 9oq/yqnw/KylyLxz7RgN/Q== content-length 10758 x-ms-lease-status unlocked last-modified Wed, 18 Nov 2020 09:02:05 GMT server cloudflare etag 0x8D88BA09F4C829F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id c44007e8-601e-0149-0de0-28add3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control no-cache x-ms-version 2009-09-19 cf-ray 6e2266826eec6937-FRA
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.8.0/assets/	12 KB 4 KB	26ms 24ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 MC/cbbO9nlbWDh1quobBbA== age 11037672 vary Accept-Encoding content-length 3328 x-ms-lease-status unlocked last-modified Tue, 17 Nov 2020 08:19:26 GMT server cloudflare etag 0x8D88AD17F71FD76 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 6bc1e13e-001e-0159-466c-c49b35000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e226682f82a6937-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.8.0/assets/v2/	45 KB 11 KB	30ms 29ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16aaa2d66773346a47b6875ac281d80c789d9ebab32d544d7061c6c4ffb125a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qrco.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 23 Feb 2022 18:08:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 A0rql0GFirycxPwYQnzfPw== age 10463 vary Accept-Encoding content-length 11195 x-ms-lease-status unlocked last-modified Tue, 17 Nov 2020 08:19:28 GMT server cloudflare etag 0x8D88AD180A2774D expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 280c6f04-001e-0170-51b9-11ed77000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6e226682f82c6937-FRA

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| dataLayer object| LABELS string| webroot string| GLOBAL_CSRF_TOKEN function| postscribe object| google_tag_manager_external object| google_tag_manager function| removeOneTrustBanner object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| otStubData object| Optanon object| OneTrust

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qrco.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 98a61e1d2ba565983975b326b2b330bd
			qrco.de/	1969-12-31 23:59:59	Name: YII_CSRF_TOKEN Value: ecf5e4e381d18954ebc2cadf4fdeb5f233fff214s%3A40%3A%22eab6425613352ce8c57692ac442545a5f197741a%22%3B
			qrco.de/	1970-01-20 01:07:21	Name: last_visit_31795340 Value: d893ea9c2b2d07eb3d2afdd7b80d46ba1a09904fi%3A1645639715%3B
			qrco.de/	1970-01-20 01:17:24	Name: AWSALBTG Value: 0GRpZQy8PYl3Zg/4E2C1Hq1G5VurnzPIlKuS6jnmK6kHN/KybIXfTvI+/IMKXgpb83C1Aw+Rx/QEe+UFQYJKuFzgQvMNyV8rOX5xMabDyZJv8liji1jtOI8UKcy9B5P+w5/I0P0qe3NBMJiFZanBZ21803ggwtYqk0PdJj3zmJQ17EGNncM=
			qrco.de/	1970-01-20 01:17:24	Name: AWSALBTGCORS Value: 0GRpZQy8PYl3Zg/4E2C1Hq1G5VurnzPIlKuS6jnmK6kHN/KybIXfTvI+/IMKXgpb83C1Aw+Rx/QEe+UFQYJKuFzgQvMNyV8rOX5xMabDyZJv8liji1jtOI8UKcy9B5P+w5/I0P0qe3NBMJiFZanBZ21803ggwtYqk0PdJj3zmJQ17EGNncM=
			qrco.de/	1970-01-20 01:17:24	Name: AWSALB Value: MBXMLDvbJMhD0GMR++9Vj/KVVHBIj5sP5A3RuV3rpBHYMR8XAjDfRzqM6rR+PK7sJg+yIEtQENPdYORg7rK8n2/PQJkSOpOdOeGrt+KMLY0k/gFuVpluPsWzaHC/
			qrco.de/	1970-01-20 01:17:24	Name: AWSALBCORS Value: MBXMLDvbJMhD0GMR++9Vj/KVVHBIj5sP5A3RuV3rpBHYMR8XAjDfRzqM6rR+PK7sJg+yIEtQENPdYORg7rK8n2/PQJkSOpOdOeGrt+KMLY0k/gFuVpluPsWzaHC/
			qrco.de/	1970-01-20 09:52:55	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Feb+23+2022+18%3A08%3A36+GMT%2B0000+(GMT)&version=6.8.0&hosts=&consentId=f96fb047-aba6-49b8-9c45-3abb8d09063e&interactionCount=0&landingPath=https%3A%2F%2Fqrco.de%2Fbciaja%3Ftrackingid%3DsbhCcydn%26signature%3Dnewsletter&groups=C0004%3A0%2CC0001%3A1%2CC0002%3A0%2CC0003%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
fonts.googleapis.com
geolocation.onetrust.com
qrco.de
www.googletagmanager.com
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
52.209.155.67
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
16aaa2d66773346a47b6875ac281d80c789d9ebab32d544d7061c6c4ffb125a2
17ffae1fe0c5ccae525d56b3660f154c5f94500fe4376188830fd412a49e270e
2d6864754f79428a989cf32706ae13cd368d1acb0467797f13917e69ea79de9b
38399efe707a8ffc12359a0086e7340315b42194a10fd2e1d1288be12da9e39c
4923d769d1d3da957cd9f9f5030e33f6bcd881291a8ff3c2730bfe175d52fa15
4c24262a87fdf021d377bf7e4d6c08ce81a1862e774facca70713391a4cd3bc7
58a3eb8c1881f2266a078f03198489b6d0cae316627c549c6f44c277b5b3ea48
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
8c8abad7ba813693b1e73dc59aa1327341e95146fdf045dba37bd0525aae837e
938fa4ad7ba72d9ca610bd686c1ee3b777e768599ed63f3b665e9c933e159376
b08baf54e520a546e8d11f6f26ace7bf5a42768e91e99e5546496f691b23410c
b65a36ddd85def0f675ac5897c25598e43dcc39fc2a45aeaabd316f3dc943187
c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c
d8dd0de638293eb62dba15a6e410fb0af9a5b36c35df226237b1b609d573c63e
f516fc35ce586cec08004525fd7c0049debc912c73c109df58bbfbe91b8e15ec