c0mpass-canada.com Open in urlscan Pro
142.93.3.56  Malicious Activity! Public Scan

Submitted URL: https://eu-west-1.protection.sophos.com/?d=predictiveresponse.net&u=aHR0cHM6Ly9hd3MucHJlZGljdGl2ZXJlc3BvbnNlLm5ldC9md2QuaHRtP3JlZGlyZWN0...
Effective URL: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVud...
Submission: On September 04 via manual from IN — Scanned from CA

Summary

This website contacted 24 IPs in 2 countries across 18 domains to perform 112 HTTP transactions. The main IP is 142.93.3.56, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is c0mpass-canada.com.
TLS certificate: Issued by R11 on September 3rd 2024. Valid for: 3 months.
This is the only time c0mpass-canada.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 108.138.128.57 16509 (AMAZON-02)
4 184.72.233.230 14618 (AMAZON-AES)
57 3.171.139.34 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
5 2600:1901:0:a... 15169 (GOOGLE)
1 18.238.55.57 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:251... 16509 (AMAZON-02)
1 108.138.106.49 16509 (AMAZON-02)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 18.164.96.46 16509 (AMAZON-02)
4 17 142.93.3.56 14061 (DIGITALOC...)
5 151.101.64.84 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.128.84 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 52.58.95.131 16509 (AMAZON-02)
1 40.126.24.148 8075 (MICROSOFT...)
1 2603:1036:302... 8075 (MICROSOFT...)
112 24
Apex Domain
Subdomains
Transfer
58 qrcreator.com
www.qrcreator.com
api.qrcreator.com
907 KB
16 c0mpass-canada.com
c0mpass-canada.com
913 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1235
6 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
td.doubleclick.net — Cisco Umbrella Rank: 481
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
3 KB
5 browser-intake-datadoghq.eu
browser-intake-datadoghq.eu — Cisco Umbrella Rank: 11402
752 B
4 google.com
accounts.google.com — Cisco Umbrella Rank: 46
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
86 KB
4 predictiveresponse.net
aws.predictiveresponse.net — Cisco Umbrella Rank: 722132
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
291 KB
2 amplitude.com
api.eu.amplitude.com — Cisco Umbrella Rank: 17703
271 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1417
25 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4906
94 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
2 KB
1 office365.com
outlook.office365.com — Cisco Umbrella Rank: 71
1 live.com
login.live.com — Cisco Umbrella Rank: 37
1 mivilles-inc.com
mivilles-inc.com Failed
604 B
1 sophos.com
eu-west-1.protection.sophos.com
473 B
112 18
Domain Requested by
57 www.qrcreator.com aws.predictiveresponse.net
www.qrcreator.com
16 c0mpass-canada.com 3 redirects www.qrcreator.com
c0mpass-canada.com
6 ct.pinterest.com www.qrcreator.com
s.pinimg.com
5 browser-intake-datadoghq.eu www.qrcreator.com
4 aws.predictiveresponse.net aws.predictiveresponse.net
3 www.googletagmanager.com www.qrcreator.com
www.googletagmanager.com
2 api.eu.amplitude.com www.qrcreator.com
2 www.google.ca
2 www.google.com 1 redirects
2 td.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 sdk.privacy-center.org www.googletagmanager.com
sdk.privacy-center.org
2 dev.visualwebsiteoptimizer.com www.qrcreator.com
1 outlook.office365.com c0mpass-canada.com
1 login.live.com c0mpass-canada.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.qrcreator.com
1 mivilles-inc.com www.qrcreator.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 accounts.google.com www.qrcreator.com
1 api.qrcreator.com www.qrcreator.com
1 eu-west-1.protection.sophos.com 1 redirects
112 24

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
predictiveresponse.net
R11
2024-08-26 -
2024-11-24
3 months crt.sh
www.qrcreator.com
Amazon RSA 2048 M03
2023-12-27 -
2025-01-25
a year crt.sh
*.google-analytics.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2024-06-29 -
2025-07-31
a year crt.sh
*.browser-intake-datadoghq.eu
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-08-03
a year crt.sh
*.qrcreator.com
Amazon RSA 2048 M02
2024-04-14 -
2025-05-14
a year crt.sh
accounts.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M03
2024-03-10 -
2025-04-07
a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-02 -
2025-08-07
a year crt.sh
c0mpass-canada.com
R11
2024-09-03 -
2024-12-02
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.doubleclick.net
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.google.ca
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
api.eu.amplitude.com
Amazon ECDSA 256 M02
2024-06-07 -
2025-07-06
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2024-08-19 -
2025-08-19
a year crt.sh
outlook.com
DigiCert Cloud Services CA-1
2024-06-27 -
2025-06-26
a year crt.sh

This page contains 5 frames:

Primary Page: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Frame ID: 3A8E377A7451FA65174DAAA1EB62E48B
Requests: 108 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11078794367?random=1725420712075&cv=11&fst=1725420712075&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930v9101812647z89102182295za201zb9102182295&gcd=13t3t3t3t5l1&dma=0&tcfd=1000g&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&ref=https%3A%2F%2Faws.predictiveresponse.net%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: B64CA8E72734E78534CF5995C0938835
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: A6A32BC757A6FC77AE722F78786BE7A2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-N6QDZ3M3R0&gacid=1334773982.1725420713&gtm=45je4930v9101101006z89102182295za200zb9102182295&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1008677725
Frame ID: 80425887232206B913DD8FE9A0CAFFFA
Requests: 1 HTTP requests in this frame

Frame: https://outlook.office365.com/owa/prefetch.aspx
Frame ID: A472DC0C66A9EC3D3B2270AB6CC99A4E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://eu-west-1.protection.sophos.com/?d=predictiveresponse.net&u=aHR0cHM6Ly9hd3MucHJlZGljdGl2ZXJlc3BvbnNlLm5ldC9m... HTTP 302
    https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C Page URL
  2. https://www.qrcreator.com/qr/BE35715C?undefined Page URL
  3. https://mivilles-inc.com/?ebswpgxg HTTP 302
    https://c0mpass-canada.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2MwbXBhc3... HTTP 302
    https://c0mpass-canada.com/ HTTP 301
    https://c0mpass-canada.com/owa/ HTTP 302
    https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvY... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

112
Requests

98 %
HTTPS

50 %
IPv6

18
Domains

24
Subdomains

24
IPs

2
Countries

2384 kB
Transfer

5921 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eu-west-1.protection.sophos.com/?d=predictiveresponse.net&u=aHR0cHM6Ly9hd3MucHJlZGljdGl2ZXJlc3BvbnNlLm5ldC9md2QuaHRtP3JlZGlyZWN0PWh0dHBzOi8vd3d3LnFyY3JlYXRvci5jb20vcXIvQkUzNTcxNUM=&i=NWE2OTcyZTY5MjNlOTQxN2FmMTc5MTI1&t=SDN3MzR4L2JBZkFQbGliazZkaDliN3h2RnhweFZuejVxWmF5V0lReGY2dz0=&h=0c51b16813824bcba1130c6391581ee4&s=AVNPUEhUT0NFTkNSWVBUSVZOwpEcG3gUuBqrLCqVUCjbAY0B5so_C5cMrrVxJGVJkbg2HfRWi1uHptJpd0l_DGIW_4vxCn3NerDnIGn3VQo-kkyImAZFIDn3lCztE8Ceqar49zLxnK_B2Ypde1GB7iA HTTP 302
    https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C Page URL
  2. https://www.qrcreator.com/qr/BE35715C?undefined Page URL
  3. https://mivilles-inc.com/?ebswpgxg HTTP 302
    https://c0mpass-canada.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2MwbXBhc3MtY2FuYWRhLmNvbS8iLCJkb21haW4iOiJjMG1wYXNzLWNhbmFkYS5jb20iLCJrZXkiOiIxVlVrQ3d0eU5rdVIiLCJxcmMiOm51bGwsImlhdCI6MTcyNTQyMDcxMiwiZXhwIjoxNzI1NDIwODMyfQ.JWR2Rv_CrICwi1e0TNz7Uqn25Z9sRaE_hCSQ_04EQxk HTTP 302
    https://c0mpass-canada.com/ HTTP 301
    https://c0mpass-canada.com/owa/ HTTP 302
    https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://eu-west-1.protection.sophos.com/?d=predictiveresponse.net&u=aHR0cHM6Ly9hd3MucHJlZGljdGl2ZXJlc3BvbnNlLm5ldC9md2QuaHRtP3JlZGlyZWN0PWh0dHBzOi8vd3d3LnFyY3JlYXRvci5jb20vcXIvQkUzNTcxNUM=&i=NWE2OTcyZTY5MjNlOTQxN2FmMTc5MTI1&t=SDN3MzR4L2JBZkFQbGliazZkaDliN3h2RnhweFZuejVxWmF5V0lReGY2dz0=&h=0c51b16813824bcba1130c6391581ee4&s=AVNPUEhUT0NFTkNSWVBUSVZOwpEcG3gUuBqrLCqVUCjbAY0B5so_C5cMrrVxJGVJkbg2HfRWi1uHptJpd0l_DGIW_4vxCn3NerDnIGn3VQo-kkyImAZFIDn3lCztE8Ceqar49zLxnK_B2Ypde1GB7iA HTTP 302
  • https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
Request Chain 84
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He4930n81PKLC7CXv9102182295za200&auid=2137917305.1725420713 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He4930n81PKLC7CXv9102182295za200&auid=2137917305.1725420713

112 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
fwd.htm
aws.predictiveresponse.net/
Redirect Chain
  • https://eu-west-1.protection.sophos.com/?d=predictiveresponse.net&u=aHR0cHM6Ly9hd3MucHJlZGljdGl2ZXJlc3BvbnNlLm5ldC9md2QuaHRtP3JlZGlyZWN0PWh0dHBzOi8vd3d3LnFyY3JlYXRvci5jb20vcXIvQkUzNTcxNUM=&i=NWE2OT...
  • https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
382 B
572 B
Document
General
Full URL
https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-233-230.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
251
Content-Type
text/html
Date
Wed, 04 Sep 2024 03:31:50 GMT
ETag
"17e-5640117d61668-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 30 Jan 2018 16:45:41 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html
date
Wed, 04 Sep 2024 03:31:50 GMT
location
https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
referrer-policy
no-referrer
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-apigw-id
dj4p-GuWDoEEpaQ=
x-amz-cf-id
qoVIDp0X5U-ZGWPxzaXdJw5mLnWFtNk0--Pr2ShvmvVVU-dyigEeXA==
x-amz-cf-pop
JFK50-P4
x-amzn-requestid
958c44cb-ecb7-4394-98a3-96561060603d
x-amzn-trace-id
Root=1-66d7d4a5-74c29b2558ffafb929bc6f3e;Parent=211ad6dfacd399b6;Sampled=0;lineage=1:3d36da22:0
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
trac.js
aws.predictiveresponse.net/
10 KB
3 KB
Script
General
Full URL
https://aws.predictiveresponse.net/trac.js
Requested by
Host: aws.predictiveresponse.net
URL: https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-233-230.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9

Request headers

Referer
https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 03:31:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Oct 2022 09:33:24 GMT
Server
Apache
ETag
"2940-5eaaad9dc8100-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2801
rtrac.php
aws.predictiveresponse.net/
0
186 B
Image
General
Full URL
https://aws.predictiveresponse.net/rtrac.php?org=null&lea=null&ite=&lvl=2&uvi=HKTWDEVaq1725420711&uvx=undefined&con=null&ctr=&curl=https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C&titl=redirect&ref=&sid=null
Requested by
Host: aws.predictiveresponse.net
URL: https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-233-230.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 03:31:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
0
Content-Type
text/html; charset=UTF-8
favicon.ico
aws.predictiveresponse.net/
638 B
921 B
Other
General
Full URL
https://aws.predictiveresponse.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-233-230.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Referer
https://aws.predictiveresponse.net/fwd.htm?redirect=https://www.qrcreator.com/qr/BE35715C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 03:31:50 GMT
Last-Modified
Sat, 03 Sep 2022 02:29:02 GMT
Server
Apache
ETag
"27e-5e7bc9c1b45e7"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
638
BE35715C
www.qrcreator.com/qr/
43 KB
9 KB
Document
General
Full URL
https://www.qrcreator.com/qr/BE35715C?undefined
Requested by
Host: aws.predictiveresponse.net
URL: https://aws.predictiveresponse.net/trac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
/ Next.js
Resource Hash
b364e43845ccc8c66401e5a01f4ecae2f3c2d712ddf6d95462236c9d5ec060b9

Request headers

Referer
https://aws.predictiveresponse.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 03:31:51 GMT
link
</_next/static/media/2b3f1035ed87a788.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/57df940ec5da011a.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/61b81e7bde89ba40.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/a34f9d1faa5f3315.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/b957ea75a84b6ea7.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
vary
Accept-Encoding
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-id
aVTrZKNuPyhe8OQJ7VkPzaZSNXIVJjfTbT-Fd_Vckiq77t1cktzo_w==
x-amz-cf-pop
JFK52-P8
x-amzn-requestid
e4d5c7f9-32a2-491a-a799-ae7c95d3db2c
x-amzn-trace-id
root=1-66d7d4a6-5f76384943a6fb0177c57532;parent=0949116f384a893f;sampled=0;lineage=1:9a0ab67c:0
x-cache
Miss from cloudfront
x-middleware-rewrite
https://www.qrcreator.com/en-US/qr/BE35715C?undefined=
x-next-i18n-router-locale
en-US
x-opennext
1
x-powered-by
Next.js
2b3f1035ed87a788.p.woff2
www.qrcreator.com/_next/static/media/
27 KB
27 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/2b3f1035ed87a788.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d57815170b555601f1684e5ab21fe161e30f792e316a4ddf40aa24d27aeb6792

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27376
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
etag
"03e877e75c5a1213e13a56b59471c946"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
5Z2ivTzduwBK6zYtPJi2K_5Fmns57-eFu3f3SL5QiZ7lA3mi5uFxzA==
57df940ec5da011a.p.woff2
www.qrcreator.com/_next/static/media/
32 KB
33 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/57df940ec5da011a.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fa7bd9c6fa88424c4447ed83af706b1ddf2635f42911c7387c9c157b243469c

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33052
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"dcc9ff6fecf068fd0ee334898a8fa220"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
SzuMqCvqlNlCx8eftRNuG7bXi5o0voUfONbCK5ZBvu0ceJL70-whSg==
61b81e7bde89ba40.p.woff2
www.qrcreator.com/_next/static/media/
30 KB
31 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/61b81e7bde89ba40.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31040
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"e7c8b3a1196384678e2b2044f8baa115"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
Na9yosyyN7oZbe9fzelzNrUloXXxLRn-j7ubDlgsgLEg7_vMfj2mTg==
a34f9d1faa5f3315.p.woff2
www.qrcreator.com/_next/static/media/
47 KB
48 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/a34f9d1faa5f3315.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
48556
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"d4fe31e6a2aebc06b8d6e558c9141119"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
xudXQMU-41XDGrSujwxtKa50MAyjIg9CbvM60KDZrvHf6-IGaziZ8w==
b957ea75a84b6ea7.p.woff2
www.qrcreator.com/_next/static/media/
8 KB
8 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/b957ea75a84b6ea7.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7848
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"0bd523f6049956faaf43c254a719d06a"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
JyPQ89eMpPL3KMLqFEmEj1GuFYy4cu4htkWERN6QZLgSyzppcp5NeA==
cf1f69a0c8aed54d.p.woff2
www.qrcreator.com/_next/static/media/
8 KB
9 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/cf1f69a0c8aed54d.p.woff2
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54c799453c6f2cc895ca6b433513a87b131ad842d744bd298b1b13a7d1b86705

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8628
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"591c48fae7732f35790aeda9bea56f01"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
qadstHMaKoWHh09WMxO77dNeo1WcYScw8hWxEnD5vNOTqoqMOLRxnw==
f8b0143221d5692b.p.woff2
www.qrcreator.com/_next/static/media/
11 KB
12 KB
Font
General
Full URL
https://www.qrcreator.com/_next/static/media/f8b0143221d5692b.p.woff2
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557ad5b6d651a51e7c87ddb0fa5ae75563a5026ac94b0cdcb8abacb095a569f9

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
Origin
https://www.qrcreator.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11504
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
etag
"13b0fe38843a5926d83faee9c93333f2"
access-control-max-age
0
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
KJakvmfAl8D07EW339X2uQHnEwHqOLe9JAeAD70LfVhRqGiqXyDDtA==
16fbb0b15cc28290.css
www.qrcreator.com/_next/static/css/
31 KB
6 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/16fbb0b15cc28290.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
703521ab1e2a14ba1f3741b0ac85dfe855c5bf8b80713a03779439c1a5cddc28

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:19:22 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
148350
x-amz-server-side-encryption
AES256
etag
W/"681ac6038b8aab39c5836aedfa68c08b"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
wJ5rkKdIHRJ2n_-GN1kUWTfgunylQ3qDRNa0SNvYN-TrnNaaIZRbOw==
64cc3f36fe3709bf.css
www.qrcreator.com/_next/static/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/64cc3f36fe3709bf.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c641a29df8142d4cbeb3d3415ab754391901cb344da4a28f3752f28244ee9e20

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"55cee3293ea136bbabf532055f8101b8"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
bLlK7oxAkEorqbnGM9sEYOPIr5YuOUHbOoJ8x8wJl30m9LHapevHJA==
539e7f68630c79dc.css
www.qrcreator.com/_next/static/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/539e7f68630c79dc.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f24913d1a291d3db5e38db18ed1f838edfb896d5a7a0fed394e05ccde3b772b

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"2332ddd103a62a31d3ca158223831f32"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
E3waz7opc3fEU4gRyi993OH0OMVFYLtzZc-VCSrUc2jZAuPde63J5w==
5580cd1e7493574f.css
www.qrcreator.com/_next/static/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/5580cd1e7493574f.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b084d50ded4ae88129ac66ac709a6af0323667a42138d91c7d1eed48419ac66e

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"9ee00ba8abbeefa1f618d84cf2db11b6"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
3qviAoW5QymOuCvFRKTY3G2o_fo1kjehz2VWJ60Q6VXaC9tBhhJbqw==
c40609028d7ad93e.css
www.qrcreator.com/_next/static/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/c40609028d7ad93e.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b4c1980685c927d56f5bb8a6fbbffd1a8048a26d062e69ac00fe1846084e2c3

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"42f7363a14491021ac8fdedbb68a720b"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
GUDksmv4K21jGk5R-BmgL--6ZKnjEX_0JC0yJX94VNHM1goY2m9b8w==
04bd8e23a5dd59ff.css
www.qrcreator.com/_next/static/css/
25 KB
7 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/04bd8e23a5dd59ff.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03832a267dc287bae15550cf08ce02ba4975f2bc046a69954de3164d6d45c0b3

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"d475ff90b0b90b9537b44b3e20ba979d"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
bWEi72JOoBgdm5U8hwF30ncnR0-ZjICJW4IVeMX4W-ue9z4tGXNuUg==
3161d9ec379f5ff8.css
www.qrcreator.com/_next/static/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/3161d9ec379f5ff8.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e697091397e496520f9b2a559c65dff00cf428ea8c60867de362a8e1b3ce76

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:19:22 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
148350
x-amz-server-side-encryption
AES256
etag
W/"169aeab96e04908804d0d1429382d1dc"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
MFJwV03b4CXHIVrJwSlPSHwvj4uFcOIfqPSy4k4ZIFb12M9RNLbq-g==
7e961a5d77e0c079.css
www.qrcreator.com/_next/static/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/7e961a5d77e0c079.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60369af2f9c5e5e101bb767ee56e936d04b303730452ec6400a43da5f0c1fcb5

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:19:22 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
148350
x-amz-server-side-encryption
AES256
etag
W/"17896b98747c274558dc7f4c2fa44429"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
FTSIsadtCAJcoX6ZJjeswsa7_2l08fiCWDW-XxC9TfWIXwtI2l-Rnw==
f3dccc77663f9e70.css
www.qrcreator.com/_next/static/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/f3dccc77663f9e70.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56f856954149eda48b9400bbe4d3a0c82f914341d8467c96f26f2d8db73386ba

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"056635aff49eee66558aa23155543645"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
Oy5W8qvyrsGk5y610B_B57kIcd5x8ZxOUKDTNHJyxZoERMfP7o5i2A==
9d78edf55079f24b.css
www.qrcreator.com/_next/static/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.qrcreator.com/_next/static/css/9d78edf55079f24b.css
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccfd4f57173324658bf4df266adf2d6a3784cd1cb921f6ebd4aae5acc620420f

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"56745bae6c02cd55dd38d086cbeb56bb"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
Qj0Rw8RsDsCa_7CFXO1zOuKJKoR1bkQVvwAgekGJaKXFsjPvtqPT1Q==
webpack-f34309d3df11830a.js
www.qrcreator.com/_next/static/chunks/
13 KB
7 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/webpack-f34309d3df11830a.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d259df0d3cbb552429f4ebb5790b0b6c1cddc6c1ed3424e72023d664dff7484a

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:59:13 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149559
x-amz-server-side-encryption
AES256
etag
W/"cf23d01701d769d5a953308a689db7b8"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
4vMXJyuD9WZrJn5wvde0UqoGSUZ4FG0A9Ueu2RWr4oVzWE_al7g8XQ==
fd9d1056-8c186a59fb5ddc92.js
www.qrcreator.com/_next/static/chunks/
169 KB
53 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/fd9d1056-8c186a59fb5ddc92.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
169a869295a361c5daf839908c92591bc1f621d0e18313e3df62b10f02ceed8a

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"b1faea7b691764c43e83fd9e8a742efd"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
SsI6-tUTdary4P5bfYWmFAmgidVQPKOi5L75ryV4DjmUSFy-KgbGvw==
7023-fbdab24bed5efbdd.js
www.qrcreator.com/_next/static/chunks/
121 KB
32 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/7023-fbdab24bed5efbdd.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98596c30750b7460bfc15af6c5b9108c9142904791c6ff541db1ace41c713cd3

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"03ba58e17e5a497f11784a9112e0a0f9"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
iKFkCLBHtg532synnFtrNj9zwmpi0b_u7_dVLJ0321UuTgmCnciZDQ==
main-app-6267e66b6ccfafd4.js
www.qrcreator.com/_next/static/chunks/
529 B
924 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/main-app-6267e66b6ccfafd4.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1372c77d2ee32d35a8e7198ff6cf48eca6368dce13ecd963f1c6a3083927a0eb

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
etag
"c2e6f3993f054781260d2a4942565d27"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
529
x-amz-cf-id
rlU7l6KSL8yTVl3s8nQYJcOP-25e7D2-WBGKLD-sZ4lAriKroDAuFQ==
a63740d3-cd2e88c4b9200673.js
www.qrcreator.com/_next/static/chunks/
4 KB
1 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/a63740d3-cd2e88c4b9200673.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e40f7d16253e36397147643146e7a29fe30b0fb76bb42b7ea8adf64c60694d8

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"01f5331ea5a759f15e4cb0b8fc8ceea7"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
pQNYBV8Y30lp-JR3qOfaqg0r1-jP_M1OKM3q4rd4EmTQ7XucOYVguw==
bc9c3264-40bc1f7fcd3132f7.js
www.qrcreator.com/_next/static/chunks/
6 KB
2 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/bc9c3264-40bc1f7fcd3132f7.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b162cc2ea92838fdc22498929db1f664f0dd4a3b6b85ce54eae96f1340e747c8

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"8171a88c37f31c63ebce9450bdb28186"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
D2FKAGKaEhbByNNz_SsRpHhdS4vsnpy12nKwBnE9iwRxsblv2K0wPg==
3627521c-bf83deacd66b9e00.js
www.qrcreator.com/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/3627521c-bf83deacd66b9e00.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4302767b5baf1c4b09035f3b190a4d4d65297f3d4976099dad529793b04d881f

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"b329b98a30d13e5c2fe0bb185350e871"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
5cvZUYTRyd_qRMx-AD-oGd_WnHxvu3OkfN3UWqmfmGDVc6CFkVq5LQ==
48507feb-70ce338303d819c6.js
www.qrcreator.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/48507feb-70ce338303d819c6.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b18c7dacbb8c2c273da7b5df569327e0c9c6a6218ec17acc6e2b53935921cb7c

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:56:52 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149700
x-amz-server-side-encryption
AES256
etag
W/"dc5b4f1ae6ff9928e43b0518e36d32c8"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
OWjDpwxCCjQEkhs-d7S6aFMIGJ57Ehg8FaVGmHzG02ELx6PrQXOCKQ==
9081a741-48e4febeeb49d126.js
www.qrcreator.com/_next/static/chunks/
949 B
1 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/9081a741-48e4febeeb49d126.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af577597a662b081338f9304600581595a211134577158a8919a2e1bc4f7debf

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
etag
"14148bd5e7e63457bfebdb3124e28c15"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
949
x-amz-cf-id
ODToNXaO01AzemVI9duuJ0eJ2sysFYDry6kPoU44LneuLVQv2j57vg==
8e68d877-970be1e75dad4aa5.js
www.qrcreator.com/_next/static/chunks/
591 B
986 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/8e68d877-970be1e75dad4aa5.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f5338fadbc7e137ef12761eab77de2ab0609174cfa8776b90e83480ef0cabd9

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
etag
"d0db57fc878c915f55d56caf4499df90"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
591
x-amz-cf-id
Qmr4TXjvMJa00oSklvVJJFcIb5UC1BZBvCpvav7iE-DF8091G9s5Xg==
ec3863c0-6915137c8a99ad52.js
www.qrcreator.com/_next/static/chunks/
712 B
1 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/ec3863c0-6915137c8a99ad52.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f9e832dc7179a0268828695c44a79786f54804941361e3a351f8ce630c033e4

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
etag
"c49cc9c6b0269bf446cd83a22bc07920"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
712
x-amz-cf-id
C2CCD-oqUk-pIpU9lo5jT2avYdDdHQoDUwxsrOs4n2b4bTieho3dyA==
8dc5345f-16877448fde00d7e.js
www.qrcreator.com/_next/static/chunks/
476 B
870 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/8dc5345f-16877448fde00d7e.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c3682fc4af01e05b3f031135bb64b5853eb1567f0fe0789c37586c8a7b6ff50

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
etag
"83feef624068c737e2d5da1d3909bc2c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
476
x-amz-cf-id
VsqAPSRGncKawxMwVncLMH6g_LMbnD86rlsvufMV9DgRyUdHezz5DA==
ff59bc63-aa362611fd503a61.js
www.qrcreator.com/_next/static/chunks/
412 KB
101 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/ff59bc63-aa362611fd503a61.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bfc898c19cebab1502460b71be9c6298f676a577babb81b47a51c4a79e36661

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"663f07d96d6022d15155e2bb78a86d97"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
2TqpPL66muIgTYBCGVDS17HilcSmYG0haRhhQrov7cMWNXqa2OPZ0w==
5207-82ff68778af364b7.js
www.qrcreator.com/_next/static/chunks/
96 KB
30 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/5207-82ff68778af364b7.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e94c23bef17b0db42892158294b1f02fb1ef898a123a3c04a2492781902757b7

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"6ffc537b32f399d55c2e655ad08d237f"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
_eACSTLsddkzGhtjeQRTsILDq0sX3c23J5FrZlgV5aOWw0NPcNUf3w==
934-b5fb77c90dc8e736.js
www.qrcreator.com/_next/static/chunks/
29 KB
10 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/934-b5fb77c90dc8e736.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f109d16a66bbd1752a2faddbf7977bba517549a027e94f5a378c01f1ad8e224

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"6739e571599d888f1afeb7e19ec532a3"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
zwSQlGSpYzqb--Ufb3_XUiFpk6fs-to04bij-a2364tPr2ZMC5Xmwg==
1894-6ee2248ca3871066.js
www.qrcreator.com/_next/static/chunks/
20 KB
7 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/1894-6ee2248ca3871066.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e17a4dc139f878962b48d3ab0c7852bc10f0dc7d5d35d2c17511109ac2f4ce3f

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"05fdabb36607d6f05889f9acfd935128"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
TABdo7dtFG2wHpMD0dcw69_XNPPPjKCVikpqHYOvb2R5KlgOZ4BB5A==
1897-eaf791e2c45c6fb4.js
www.qrcreator.com/_next/static/chunks/
56 KB
19 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/1897-eaf791e2c45c6fb4.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1734eaeff062a2ac0e262065e4bf9561bda9f9be71f711084253d6a179b42965

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"27c749bf17d66d86e45b5744f886ae36"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
XK6jHjZxCrjCu_y-Sx8ovnI5PF8KPUuLjbrxFYx7JoGqwNXpGm6Frg==
4038-614a6ff255e88601.js
www.qrcreator.com/_next/static/chunks/
90 KB
28 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/4038-614a6ff255e88601.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31969c5cffe153b5ca017ed309a5a1465dbd26dc6c9b14777497bb4fc68b948e

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"ec7f328cf05b1e93e586e2870883769b"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
HDgWtqncVBtCSba6yGzvqcey2NLj2ALqEmvQq5-GEzRJ2KJu9S40RQ==
4950-efac8c7e4afad441.js
www.qrcreator.com/_next/static/chunks/
146 KB
48 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/4950-efac8c7e4afad441.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c891f2484e84362eba2809981019e013adf17090b19c89e4c554a3a40a3c38c

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"416af934fd7fb64034f6d6c5e2dee6b6"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
KKJWKAIsmI3UH8ZIGjw5KMuLpIJXxE-SHW_5deYFinzptgzDkAcoSA==
1752-60827dec12cee5e1.js
www.qrcreator.com/_next/static/chunks/
75 KB
23 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/1752-60827dec12cee5e1.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b697a29902d214f76ed1379a7e8400f74c5ccd2ce65ac0dcf40282b1abd4725

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"28ea9705edbeb8a51971a996e7d7ee9a"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
R5j8LK2Ew-QVXyOTTW1IiyFnMmlJ1LCeVFxaCGKN5xkoI5WuUn6G_g==
1388-dbdb07321849213b.js
www.qrcreator.com/_next/static/chunks/
69 KB
19 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/1388-dbdb07321849213b.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c48797b348dc9e0ccce432182f4c2df9e63287b92b9082ab988b935f7610f01

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:03:46 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149286
x-amz-server-side-encryption
AES256
etag
W/"e4a283274b079da8dce22612ef5de8d2"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
kLj6h41-FGk59lwq2HvGofBWCRcFUpY35gY0QjxH0TvSRt9kQxnx6A==
9818-8cf8d76da2ac3827.js
www.qrcreator.com/_next/static/chunks/
22 KB
8 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/9818-8cf8d76da2ac3827.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2573dd2248bd4492ed4d1607c7a88a46889e71c0619560fe5f2a7ffef4b98b7

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:06:27 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149125
x-amz-server-side-encryption
AES256
etag
W/"841b6683cfd3ff87b02583ab5d7a4b5c"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
xuJgDrdHkVyrnumlxeAgK3Uwc5Yzzj1fTMZe40R_1mAz4k76_LRuCQ==
6837-3653cde1519ef18d.js
www.qrcreator.com/_next/static/chunks/
263 KB
93 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/6837-3653cde1519ef18d.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0890472f2ee8a1a4a062d9d4b0bd2424876272daa2d1c4b847b8d48f9a17e1b

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:56:53 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149699
x-amz-server-side-encryption
AES256
etag
W/"676dc3752ece5e8c9c6c0110c2ef48b7"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
88rXzzoY7p6x0ZQsxBsnCOIjyFJFfaomTnVxjGdzAtMTeBERMXWOdw==
2148-24911528d06ffcee.js
www.qrcreator.com/_next/static/chunks/
67 KB
17 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/2148-24911528d06ffcee.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87ac490416d78627d11bd117a3cb82a48af90c27ae6823e5931aa30a2cd3c6bf

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:28:52 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
147779
x-amz-server-side-encryption
AES256
etag
W/"fb567100b1881ea0b8931fb1ed81be08"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
eudc4otGcO3v3CUg1KKB_XTNYpOTwq_pQhK_P2F9-LG4lSit5YTezQ==
3561-b974a8c8d7d54758.js
www.qrcreator.com/_next/static/chunks/
86 KB
9 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/3561-b974a8c8d7d54758.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fa72fced13a6162b417206824a13b6f8cf1a2511849b2826e85464c9ca8722d

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:28:52 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
147779
x-amz-server-side-encryption
AES256
etag
W/"5f128c4581b153e70ea1cf8e5e6e2436"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
QXjj-KqI0gfA585qSYhnDWY_LW4YM5H1hNNLOYILkU24dtw-MwpELQ==
page-20fec30ce4b597f6.js
www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/qr/%5BqrId%5D/
399 B
792 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/qr/%5BqrId%5D/page-20fec30ce4b597f6.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c7f20323710964940d5a559b845c63f649d850ebc9160b74d1f41e18da4230c

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 11:16:58 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
144894
etag
"e27e4da88cac7958402c161c7b05c02f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
399
x-amz-cf-id
3FxA3ROxLRymA3azrae5sbRe8V9RI3fyRZqBodQ89dQRL2-ycb007g==
12038df7-53d16492b4990996.js
www.qrcreator.com/_next/static/chunks/
1 KB
1 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/12038df7-53d16492b4990996.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84fe93fcda78bba6cdc9aa368a97aeb4bfcb27bdcded6d8cb782f9c6a53516c2

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"1d747a4f6b731958305013efed8abf17"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
ANUEgcPlYuxZiUCcMcvnSJAZ9Xw54vCnUImJfTRoHPNH4XV-kHk1ag==
93854f56-50471028af5b8da1.js
www.qrcreator.com/_next/static/chunks/
442 B
836 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/93854f56-50471028af5b8da1.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f00930889ead6fdc6b8c960eb7036438d03d9bbd1c0383da352323dac60bada

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
etag
"ddc897fd3d7ffd54e8bbeb30bb7bc8a7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
442
x-amz-cf-id
Q_MXaOj5Zmdnty0tcf2t5g5Bi6FIZ27e3WkDaX5jQbKeuSfWchhCxg==
6129-eddc2a2d48fb58b5.js
www.qrcreator.com/_next/static/chunks/
27 KB
9 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/6129-eddc2a2d48fb58b5.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0546920af7da4b34039bba880d74b22869e1452ccafcf17d73171678cb025305

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"5e3b6a652fb7e1b8c16347489f32dfd5"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
jvZ9SIVVsk9StH6W__1ux_fKjTcmI4rZAP0MyduHfwOmnOro2DJm7A==
3048-e1e87a81779608f0.js
www.qrcreator.com/_next/static/chunks/
48 KB
16 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/3048-e1e87a81779608f0.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
718e840434bceb45887dbdf9dd1bb7a95e2db819b2cf3d6659e82d7c78da2e4c

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:59:19 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149553
x-amz-server-side-encryption
AES256
etag
W/"93a8dbffadde9349a7039b8f600f7d51"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
IMgNHDA8vHOLdY7twrq6AyzutXtjTVD76WMFHSYRTiPRJBMw_ucDBQ==
not-found-d2675f560b5353bb.js
www.qrcreator.com/_next/static/chunks/app/
22 KB
7 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/app/not-found-d2675f560b5353bb.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19dfa1b5efe3b3eab9a18c678726eb13b069f1fb93e1a8e020dae614fad840a7

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:56:54 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149698
x-amz-server-side-encryption
AES256
etag
W/"093c34e3456e6574a3d66e648c1e6672"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
B43ahV8jtcTFHoNwEUS3caVkf4EPXy0G0XHs9dhvmSAx4td60T2sAw==
6248-c79c00ae4df93b12.js
www.qrcreator.com/_next/static/chunks/
25 KB
8 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/6248-c79c00ae4df93b12.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e3ced71562996372a28a103d7be474a03fe9336504902684f75736288eacd44

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:06:27 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149125
x-amz-server-side-encryption
AES256
etag
W/"7f2b1dfc8db0a931c11ebbe5c666157e"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
OcekDpOipzKtx-yYVArwk8xiy1CJZfoEqCMG_A_hkI692R41ypDXSQ==
layout-fa2975b8be354279.js
www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/(public)/
446 B
843 B
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/(public)/layout-fa2975b8be354279.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eefa61ffba2957708b6c9d3f4c8aa4291f0393143cb3493dc197151cbe1bd66

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:59:19 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
149553
etag
"e3f1d3e76fcf77403085d8bee548705b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-length
446
x-amz-cf-id
pqFhVvTBR6YYdOv_YNDJCCq83ym7gIYAN4YG4MEJs_szxNkJkqSTBA==
3678-be6933ff08e2b8a0.js
www.qrcreator.com/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/3678-be6933ff08e2b8a0.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc0ca50558785b8e91cbebe06639805440f50dbb106f263c93ba4b5f67976de5

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"f13a0af77a2de324d19fc2253267d312"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
CuA4jMIxoqWzsCI7WDg3_RloJDOGqZa004jppr5V689kTFZmiYNP4w==
538-408ec02038c42507.js
www.qrcreator.com/_next/static/chunks/
166 KB
56 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbe9e8116cf9705d8b226e22c6b556f74d0076754b5f820f150f8f3f4209cdf3

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:03 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
150769
x-amz-server-side-encryption
AES256
etag
W/"2714c9b6957a63e4a15b6cccc92aa543"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
rxr-oyjQ_22rIC_7lqxf8p-9aVaV9TSU9oEN5S80ZgL4LvMWbbfRkQ==
layout-b8c5191438080fb8.js
www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/
31 KB
10 KB
Script
General
Full URL
https://www.qrcreator.com/_next/static/chunks/app/%5Blang%5D/layout-b8c5191438080fb8.js
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0186111dd3ab7a13139df84e06df4e01bf5299dc1d8f9f4e8ced13c5b49b113

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 10:28:52 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
147779
x-amz-server-side-encryption
AES256
etag
W/"d149b50f44edb59db643c5cef8698c3a"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
Y8H6P6cR2BV9PD2R06GHJKqeN1Jd1BQqB4B56lY93T8Kzs04DKD0mQ==
gtm.js
www.googletagmanager.com/
287 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58fce6e79361b6d2dac4b512feced057da7cb194e7e4934462b63814d30ef317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98757
x-xss-protection
0
last-modified
Wed, 04 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 04 Sep 2024 03:31:51 GMT
j.php
dev.visualwebsiteoptimizer.com/
3 KB
2 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=116448&u=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&vn=2.1&x=true
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
bee600615c319ed567b477fd1afb02ededf0139cf651253749934dca548d349d

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:50 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.qrcreator.com
cache-control
public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v.gif
dev.visualwebsiteoptimizer.com/
35 B
146 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=116448&d=qrcreator.com&u=D16AC33AF8D9F510AF0046177FFE6F86B&h=ab9be955ad866524b5460c126f39e605&t=false
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/qr/BE35715C?undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv02c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:51 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv02c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
rum
browser-intake-datadoghq.eu/api/v2/
53 B
138 B
Fetch
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.21.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aqr-frontend&dd-api-key=pub99e89a603b41f6446d92fa643136d6ef&dd-evp-origin-version=5.21.0&dd-evp-origin=browser&dd-request-id=c5cf68f2-5bc6-46c5-9fdb-d607443c7c73&batch_time=1725420711786
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 03:31:51 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
c5cf68f2-5bc6-46c5-9fdb-d607443c7c73
rum
browser-intake-datadoghq.eu/api/v2/
53 B
340 B
Fetch
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.21.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aqr-frontend&dd-api-key=pub99e89a603b41f6446d92fa643136d6ef&dd-evp-origin-version=5.21.0&dd-evp-origin=browser&dd-request-id=f4aaf47f-5288-426c-b14b-3ce89ed3d920&batch_time=1725420711791
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3b0594cf5de2a1291bce64f37913bf14bda23e6ea8da1e795355e9f2d9fdb6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 03:31:51 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
f4aaf47f-5288-426c-b14b-3ce89ed3d920
rum
browser-intake-datadoghq.eu/api/v2/
53 B
137 B
Fetch
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.21.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aqr-frontend&dd-api-key=pub99e89a603b41f6446d92fa643136d6ef&dd-evp-origin-version=5.21.0&dd-evp-origin=browser&dd-request-id=a994b343-50bb-4dee-b509-f12c742ea1ee&batch_time=1725420711793
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 03:31:51 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
a994b343-50bb-4dee-b509-f12c742ea1ee
icon.png
www.qrcreator.com/
195 B
615 B
Other
General
Full URL
https://www.qrcreator.com/icon.png?95fc728445470869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
/
Resource Hash
af8ff58918bc1e620194122c3b9af8b82b0f6a75bac6ad0d5be8e1b9063cea6d

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 09:39:02 GMT
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P8
age
150769
x-amzn-requestid
05550574-7aef-4a7f-b7e3-84cf1378497b
x-amzn-trace-id
root=1-66d587b6-4234714b0cceb1d02753d468;parent=37383b957238c15e;sampled=0;lineage=1:9a0ab67c:0
x-cache
Hit from cloudfront
content-type
image/png
x-nextjs-cache
HIT
x-opennext
1
cache-control
public, immutable, no-transform, max-age=31536000
content-length
195
x-amz-cf-id
m360FxhzFcPiVNJ0ACze-hA4maW5yvTLC6bzw7pwCaH5MkuZuyjmWA==
scan
api.qrcreator.com/qrcode/BE35715C/
797 B
1 KB
XHR
General
Full URL
https://api.qrcreator.com/qrcode/BE35715C/scan
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-57.jfk52.r.cloudfront.net
Software
/ Express
Resource Hash
85dd9d6c161fd316d57b200a7f2160aace3e7dcb94badbd8aa1e7d6b33e69ba3

Request headers

Accept
*/*
Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
797
x-amz-cf-pop
JFK52-P4
x-amzn-requestid
8658009e-e4c3-44de-b184-34ff9feaad6b
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
dj4qUHgYIAMEUuA=
content-length
797
x-request-id
45380ea8-6499-49b8-8e1c-80b81d8c5800
etag
W/"31d-RQeDCL++7bm90/MKdQzX6PvuHt0"
x-amzn-trace-id
Root=1-66d7d4a8-211895fa6baf9b226772093e
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.qrcreator.com
access-control-allow-credentials
true
x-amz-cf-id
LT27z0NIu31nIHIRMiv4t9clZji6kzvucZGKXVV62nwY5nUf3At6IA==
client
accounts.google.com/gsi/
227 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WcsijJypZ9OyiV84cqZOvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-WcsijJypZ9OyiV84cqZOvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 04 Sep 2024 03:31:52 GMT
loader.js
sdk.privacy-center.org/4748724e-2644-42a5-9fe0-1db96a2a344b/
4 KB
2 KB
Script
General
Full URL
https://sdk.privacy-center.org/4748724e-2644-42a5-9fe0-1db96a2a344b/loader.js?target_type=notice&target=zDEqc4ie
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:7c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-didomi-configs-version
112
content-encoding
br
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
date
Wed, 04 Sep 2024 03:31:52 GMT
via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amzn-requestid
ca6529c9-b5fc-480a-a014-24a30d209e9f
x-amzn-trace-id
root=1-66d76e30-7292a3f13bde7842155b3534;parent=65e2a915f969778f;sampled=0;lineage=eaae1266:0
vary
Accept-Encoding
etag
W/"c17afd3e071c18eaac6c26d8962d22f5"
content-type
application/javascript; charset=utf-8
x-cache
RefreshHit from cloudfront
cache-control
max-age=7200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XSo2Z6-uNixA3_Os-f3YUAlAljQmJ_X3MPn2NvrYvT27YmFuiQ_eZA==
destination
www.googletagmanager.com/gtag/
245 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11078794367&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5470ab8a798d3902504468b215018d8d4b0bc540636a44f8ce3b41617553839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89112
x-xss-protection
0
last-modified
Wed, 04 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 04 Sep 2024 03:31:51 GMT
hotjar-3468862.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3468862.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
c01601ea37573b30f7b8e187500db43b1ed699de20e4adf9289f1dc5a3e1aa2b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 04 Sep 2024 03:31:52 GMT
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/75fc417b6b078829c73b149a32f6c31b
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yLw1qtGwfio2cRdaTC39AwikBKt18FsRNxTzPaGZZv0jYqHVzmTkxg==
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:258c::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"b37f6fea55e9029c9c9d413c47f69cb7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1878
main.97c41ef3.js
s.pinimg.com/ct/lib/
82 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:258c::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"e1539e83e14f862d3b381b23e74d63fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
23701
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3468862.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3071326
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZGDgn5_mxMvNTxHHbXxX2AWCK3zRB5TQP9KKRStKKcRxycABpWVR0Q==
rum
browser-intake-datadoghq.eu/api/v2/
53 B
137 B
Fetch
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.21.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Aqr-frontend&dd-api-key=pub99e89a603b41f6446d92fa643136d6ef&dd-evp-origin-version=5.21.0&dd-evp-origin=browser&dd-request-id=7694bcfe-07a8-40a8-b19b-1c4430d796a2&batch_time=1725420712307
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Sep 2024 03:31:51 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
7694bcfe-07a8-40a8-b19b-1c4430d796a2
/
mivilles-inc.com/
0
0

rum
browser-intake-datadoghq.eu/api/v2/
0
0
Ping
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.21.0%2Capi%3Abeacon%2Cenv%3Aproduction%2Cservice%3Aqr-frontend&dd-api-key=pub99e89a603b41f6446d92fa643136d6ef&dd-evp-origin-version=5.21.0&dd-evp-origin=browser&dd-request-id=2899547a-9e54-41c8-875c-ebe754e744fe&batch_time=1725420712313
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

browser-mobile.svg
www.qrcreator.com/images/phone-previews/
9 KB
4 KB
XHR
General
Full URL
https://www.qrcreator.com/images/phone-previews/browser-mobile.svg
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:10:47 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
62466
x-amz-server-side-encryption
AES256
etag
W/"790c50769c55531dd0f73e8901b43302"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml;charset=UTF-8
cache-control
public,max-age=0,s-maxage=86400,stale-while-revalidate=86400
x-amz-cf-id
7dcC-BUVvEbQedZxnnItK3_nkxeqj03jMe3pMGhdHYVg4i9IBP4wLQ==
phone-empty.svg
www.qrcreator.com/images/phone-previews/
289 KB
43 KB
XHR
General
Full URL
https://www.qrcreator.com/images/phone-previews/phone-empty.svg
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-34.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.qrcreator.com/qr/BE35715C?undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 10:10:47 GMT
content-encoding
br
via
1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
last-modified
Mon, 02 Sep 2024 09:38:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8
age
62466
x-amz-server-side-encryption
AES256
etag
W/"5ac6ff547798c95a62667c5a26ee7e24"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml;charset=UTF-8
cache-control
public,max-age=0,s-maxage=86400,stale-while-revalidate=86400
x-amz-cf-id
lRUwTftEVUZFl7bjZ9uoi3GbJbXtlPKyQXOWgfblfy3ERViGDj9kOA==
Primary Request /
c0mpass-canada.com/
Redirect Chain
  • https://mivilles-inc.com/?ebswpgxg
  • https://c0mpass-canada.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2MwbXBhc3MtY2FuYWRhLmNvbS8iLCJkb21haW4iOiJjMG1wYXNzLWNhbmFkYS5jb20iLCJrZXkiOiIxVlVrQ3d0eU5rdVIiLCJxcmMi...
  • https://c0mpass-canada.com/
  • https://c0mpass-canada.com/owa/
  • https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh...
38 KB
17 KB
Document
General
Full URL
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/2148-24911528d06ffcee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
32af08227d9633b7bdc6607437b8bc5172da1921f4b0477ab47777dace549d71
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.qrcreator.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Sep 2024 03:31:55 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
39310
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server
2.1.18841.2 - NCUS ProdSlices
x-ms-request-id
316dc79b-fa6b-4ef5-b936-de5a2c7d1901
x-ms-srs
1.P

Redirect headers

Alt-Svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
Connection
close
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Sep 2024 03:31:54 GMT
Location
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
NEL
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-BEServer
DM6PR03MB4330
X-BackEnd-Begin
2024-09-04T03:31:54.729
X-BackEnd-End
2024-09-04T03:31:54.744
X-BackEndHttpStatus
302, 302
X-BeSku
WCS5
X-CalculatedBETarget
DM6PR03MB4330.namprd03.prod.outlook.com
X-CalculatedFETarget
DM6PR11CU001.internal.outlook.com
X-DiagInfo
DM6PR03MB4330
X-FEEFZInfo
LYH
X-FEProxyInfo
BN9PR03CA0464.NAMPRD03.PROD.OUTLOOK.COM
X-FEServer
DM6PR11CA0030, BN9PR03CA0464
X-FirstHopCafeEFZ
LYH
X-OWA-DiagnosticsInfo
7;0;0;
X-Proxy-BackendServerStatus
302
X-Proxy-RoutingCorrectness
1
X-RUM-NotUpdateQueriedDbCopy
1
X-RUM-NotUpdateQueriedPath
1
X-RUM-Validated
1
X-UA-Compatible
IE=EmulateIE7
content-length
1285
request-id
9e25ff04-898e-a315-7753-ddc745011b55
sdk.fa0d031c942d7b7166d2f8fa6394608ee2c26e74.js
sdk.privacy-center.org/sdk/fa0d031c942d7b7166d2f8fa6394608ee2c26e74/modern/
356 KB
92 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/fa0d031c942d7b7166d2f8fa6394608ee2c26e74/modern/sdk.fa0d031c942d7b7166d2f8fa6394608ee2c26e74.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/4748724e-2644-42a5-9fe0-1db96a2a344b/loader.js?target_type=notice&target=zDEqc4ie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:7c00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:31:22 GMT
content-encoding
br
via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
last-modified
Tue, 03 Sep 2024 16:31:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
39631
etag
W/"8f2f58ec0c43cf893dd053d6bd5f4a59-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PX4MKMkUFCMlwpDvGOOKM5Xx4YLgaY5dAKwqr-p_TpfVPBjIsGyLGg==
/
ct.pinterest.com/user/
327 B
327 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2612464099030&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1725420712414&dep=2%2CPAGE_LOAD
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
8809826998493989
content-length
187
pin-unauth
dWlkPVlUWXdNamRsTXpFdFpXSTNaQzAwTWpBMUxUZzBZVGd0T0dOa056UmtaV1JpT0RnMA
pragma
no-cache
referrer-policy
origin
x-pinterest-rid-128bit
c5c79e60898ab5b47a42cafa89e14bda
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.qrcreator.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
93d6a1d867f8b0734f174cc8ed92086bf0be681a
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
327 B
677 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%228ac26761-4279-4371-add7-dc3dadc5b10e%22%7D&tid=2612464099030&cb=1725420712417&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1464000099982666
content-length
187
pin-unauth
dWlkPU5tRTROV1kwWkRBdE5qVXpOeTAwTkdRMkxXRTJaamd0T0RGaU5qVTJOakU1T0RGaw
pragma
no-cache
referrer-policy
origin
x-pinterest-rid-128bit
84aba1d10bbdf4f7cb2bbb57e2083226
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.qrcreator.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
93d6a1d867f8b0734f174cc8ed92086bf0be681a
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
210 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2612464099030&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined%22%2C%22ref%22%3A%22https%3A%2F%2Faws.predictiveresponse.net%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1725420712419
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:52 GMT
referrer-policy
origin
x-cdn
fastly
x-pinterest-rid-128bit
46f81eededf721f6b52bc7288592a6e5
content-type
image/gif
access-control-allow-origin
https://www.qrcreator.com
pinterest-version
93d6a1d867f8b0734f174cc8ed92086bf0be681a
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1305474692171711
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11078794367/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11078794367/?random=1725420712075&cv=11&fst=1725420712075&bg=ffffff&guid=ON&async=1&gtm=45be4930v9101812647z89102182295za201zb9102182295&gcd=13t3t3t3t5l1&dma=0&tcfd=1000g&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&ref=https%3A%2F%2Faws.predictiveresponse.net%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11078794367&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11078794367
td.doubleclick.net/td/rul/ Frame B64C
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/11078794367?random=1725420712075&cv=11&fst=1725420712075&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930v9101812647z89102182295za201zb9102182295&gcd=13t3t3t3t5l1&dma=0&tcfd=1000g&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&ref=https%3A%2F%2Faws.predictiveresponse.net%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11078794367&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 03:31:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He4930n81PKLC7CXv...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He49...
42 B
66 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He4930n81PKLC7CXv9102182295za200&auid=2137917305.1725420713
Protocol
H3
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=0&rnd=139353937.1725420713&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C&dma=0&npa=0&tcfd=1000g&gtm=45He4930n81PKLC7CXv9102182295za200&auid=2137917305.1725420713
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
326 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N6QDZ3M3R0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKLC7CX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109603
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 03:31:52 GMT
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 03:31:52 GMT
x-cdn
fastly
age
1254
etag
"16d5d552603d86726ae439fc61299d42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame A6A3
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 03:31:52 GMT
pinterest-version
93d6a1d867f8b0734f174cc8ed92086bf0be681a
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1321852194730437
x-pinterest-rid-128bit
296c709f9e3b47d0b7719fad24c82865
/
ct.pinterest.com/v3/
35 B
361 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%228ac26761-4279-4371-add7-dc3dadc5b10e%22%7D&tid=2612464099030&cb=1725420712672&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined%22%2C%22ref%22%3A%22https%3A%2F%2Faws.predictiveresponse.net%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:52 GMT
referrer-policy
origin
x-cdn
fastly
x-pinterest-rid-128bit
050676d3e9b7191f940627956ef02e1f
content-type
image/gif
access-control-allow-origin
https://www.qrcreator.com
pinterest-version
93d6a1d867f8b0734f174cc8ed92086bf0be681a
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
1066625629023844
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/
0
247 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N6QDZ3M3R0&gtm=45je4930v9101101006z89102182295za200zb9102182295&_p=1725420711839&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tcfd=1000g&tag_exp=0&gdid=dMTc4Zm&cid=1334773982.1725420713&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725420712&sct=1&seg=0&dl=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&dr=https%3A%2F%2Faws.predictiveresponse.net%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2305
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.qrcreator.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N6QDZ3M3R0&cid=1334773982.1725420713&gtm=45je4930v9101101006z89102182295za200zb9102182295&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6QDZ3M3R0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.qrcreator.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 8042
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-N6QDZ3M3R0&gacid=1334773982.1725420713&gtm=45je4930v9101101006z89102182295za200zb9102182295&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1008677725
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6QDZ3M3R0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 03:31:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N6QDZ3M3R0&cid=1334773982.1725420713&gtm=45je4930v9101101006z89102182295za200zb9102182295&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1567751274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
httpapi
api.eu.amplitude.com/2/
94 B
271 B
Fetch
General
Full URL
https://api.eu.amplitude.com/2/httpapi
Requested by
Host: www.qrcreator.com
URL: https://www.qrcreator.com/_next/static/chunks/538-408ec02038c42507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.95.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-95-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 04 Sep 2024 03:31:53 GMT
strict-transport-security
max-age=15768000
content-length
94
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api.eu.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api.eu.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.95.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-95-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.qrcreator.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Wed, 04 Sep 2024 03:31:53 GMT
strict-transport-security
max-age=15768000
/
www.google.com/pagead/1p-user-list/11078794367/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11078794367/?random=1725420712075&cv=11&fst=1725418800000&bg=ffffff&guid=ON&async=1&gtm=45be4930v9101812647z89102182295za201zb9102182295&gcd=13t3t3t3t5l1&dma=0&tcfd=1000g&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&ref=https%3A%2F%2Faws.predictiveresponse.net%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcP89MDUojaDkWUhqffEr0gq-NYHGpA&random=73468797&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/11078794367/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/11078794367/?random=1725420712075&cv=11&fst=1725418800000&bg=ffffff&guid=ON&async=1&gtm=45be4930v9101812647z89102182295za201zb9102182295&gcd=13t3t3t3t5l1&dma=0&tcfd=1000g&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.qrcreator.com%2Fqr%2FBE35715C%3Fundefined&ref=https%3A%2F%2Faws.predictiveresponse.net%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcP89MDUojaDkWUhqffEr0gq-NYHGpA&random=73468797&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.qrcreator.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 03:31:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
c0mpass-canada.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/
111 KB
21 KB
Stylesheet
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:56 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
20414
x-ms-lease-status
unlocked
Last-Modified
Wed, 03 Jul 2024 21:48:08 GMT
ETag
0x8DC9BA9D4131BFD
x-azure-ref
20240904T033156Z-16579567576p25xcxh3nycmsaw0000000a1g000000005x7q
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
b7c04800-a01e-004e-4631-f9d273000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/
673 KB
673 KB
Script
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 04 Sep 2024 03:31:56 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
689017
Content-Type
application/x-javascript
ux.converged.login.strings-en.min_rgcif7wynvabuyx5tqtpsw2.js
c0mpass-canada.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/
55 KB
17 KB
Script
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_rgcif7wynvabuyx5tqtpsw2.js
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a8982f7c2258599dc81a94e77b77fa447932cee915fb4050e1b5f412fcf300a4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:56 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
content-length
56820
x-ms-lease-status
unlocked
Last-Modified
Mon, 19 Aug 2024 20:19:00 GMT
ETag
0x8DCC08C299CED2A
x-azure-ref
20240904T033156Z-16579567576vpzq62mgx0my8kw0000000afg00000000acvg
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
ad4c1d20-c01e-0053-69ee-f897dd000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
truncated
/
341 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.148 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c0mpass-canada.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

oneDs_641b1cf809bdc17b42ab.js
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/
186 KB
61 KB
Script
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
d4ea1a07b23257f411af4f8c20aa528d23c4dadbd4c81d5db454f5d82351adc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:56 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
Connection
close
content-length
190151
x-ms-lease-status
unlocked
Last-Modified
Thu, 27 Oct 2022 14:24:13 GMT
ETag
0x8DAB826EBE74413
x-azure-ref
20240904T033156Z-165795675767hwjqv3v00bvq340000000a9000000000kgsz
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a5b61949-301e-0060-4485-fbbfc9000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/
107 KB
33 KB
Script
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5f5fbee72883732799d75f6c08679ed8a6e769ae4f3afdcd3721103a481afa80
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:57 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
content-length
109863
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:54 GMT
ETag
0x8DAFF34DD9DC630
x-azure-ref
20240904T033157Z-16579567576txfkctmnqv2e9c40000000a20000000006tue
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
929c5c05-b01e-0023-39dd-fa5995000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
prefetch.aspx
outlook.office365.com/owa/ Frame A472
0
0
Document
General
Full URL
https://outlook.office365.com/owa/prefetch.aspx
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:302:4836::2 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://c0mpass-canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
cache-control
private, no-store
content-length
2745
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 03:31:57 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=MNZ&RemoteIP=2001:4958:1420::&Environment=MT"}],"include_subdomains":true}
request-id
46249770-18f8-0631-9946-960e162a1c34
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-09-04T03:31:57.293
x-backend-end
2024-09-04T03:31:57.293
x-backendhttpstatus
200 200
x-beserver
MW4PR13MB5507
x-besku
WCS7
x-calculatedbetarget
MW4PR13MB5507.namprd13.PROD.OUTLOOK.COM
x-calculatedfetarget
MW4P220CU001.internal.outlook.com
x-content-type-options
nosniff
x-diaginfo
MW4PR13MB5507
x-feefzinfo
MNZ
x-feproxyinfo
BL1PR13CA0184.NAMPRD13.PROD.OUTLOOK.COM
x-feserver
MW4P220CA0027 BL1PR13CA0184
x-firsthopcafeefz
MNZ
x-owa-diagnosticsinfo
6;0;0;
x-owa-version
15.20.7918.24
x-proxy-backendserverstatus
200
x-proxy-routingcorrectness
1
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/
987 B
2 KB
Image
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
987
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:41:47 GMT
ETag
0x8D7D286E322A911
x-azure-ref
20240904T033158Z-165795675762h26c6ze2t4q7600000000a9000000000p0bn
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
e4a50135-901e-0034-62b6-f9f09e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
49_7916a894ebde7d29c2cc29b267f1299f.jpg
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/
17 KB
18 KB
Image
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/appbackgrounds/49_7916a894ebde7d29c2cc29b267f1299f.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
Connection
close
Content-Length
17453
x-ms-lease-status
unlocked
Last-Modified
Fri, 27 Mar 2020 19:41:47 GMT
ETag
0x8D7D286E30A1202
x-azure-ref
20240904T033158Z-16579567576qxwrndb60my3nes0000000a6000000000m5et
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
2521397e-501e-006e-222d-f9e1c6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
53_8b36337037cff88c3df203bb73d58e41.png
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/applogos/
5 KB
6 KB
Image
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
5139
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Feb 2020 03:12:12 GMT
ETag
0x8D7AF695A8C44DC
x-azure-ref
20240904T033158Z-165795675767hwjqv3v00bvq340000000ae0000000005wnm
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
295e76cf-501e-0038-336d-f9583b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/
4 KB
2 KB
Image
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
ETag
0x8D79B8373CB2849
x-azure-ref
20240904T033158Z-16579567576mj4tc2xukwvxfxc0000000a3g0000000077ga
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
a66e9454-e01e-002d-723c-f94f88000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/
111 KB
36 KB
Script
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3.js
Requested by
Host: c0mpass-canada.com
URL: https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_MPdO7dOdkI4kz5U_F5jz_A2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
2516ef9d75f7088bea081c0b2cf357d4e0055ca3a508972247346e5ee5828400
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
content-length
113440
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:56 GMT
ETag
0x8DAFF34DE8E0647
x-azure-ref
20240904T033158Z-16579567576w5bqfyu10zdac7g0000000a50000000004yur
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
ffdd28ed-001e-0009-2bca-fa8685000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
17174
x-ms-lease-status
unlocked
Last-Modified
Sun, 18 Oct 2020 03:02:03 GMT
ETag
0x8D8731230C851A6
x-azure-ref
20240904T033158Z-165795675762gt5gbs4b9bazh80000000a1000000000gxgg
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
x-ms-request-id
9d280baa-d01e-006b-79e5-f87b0f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://c0mpass-canada.com/aadcdn.msauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.3.56 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://c0mpass-canada.com/?y9y61ruk0=aHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2NvbW1vbi9vYXV0aDIvYXV0aG9yaXplP2NsaWVudF9pZD0wMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAmcmVkaXJlY3RfdXJpPWh0dHBzJTNhJTJmJTJmb3V0bG9vay5vZmZpY2UuY29tJTJmb3dhJTJmJnJlc291cmNlPTAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMCZyZXNwb25zZV9tb2RlPWZvcm1fcG9zdCZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc2NvcGU9b3BlbmlkJm1zYWZlZD0xJm1zYXJlZGlyPTEmY2xpZW50LXJlcXVlc3QtaWQ9OWUyNWZmMDQtODk4ZS1hMzE1LTc3NTMtZGRjNzQ1MDExYjU1JnByb3RlY3RlZHRva2VuPXRydWUmY2xhaW1zPSU3YiUyMmlkX3Rva2VuJTIyJTNhJTdiJTIyeG1zX2NjJTIyJTNhJTdiJTIydmFsdWVzJTIyJTNhJTViJTIyQ1AxJTIyJTVkJTdkJTdkJTdkJm5vbmNlPTYzODYxMDE3NTE0NzI5MzU2OS44ODA3YmMxYy02NGIxLTQ2NTgtOTQ0Ni00ZTFhYmY3NWE3MjQmc3RhdGU9RGNzN0VvQWdEQURSSU9OeElnVHk0empBYUd2cDlVM3h0dHNFQURrY0lkVUltSFpYcW1SQ2JHMTAwWEc1VjF1Yk5pb3ZRbFp4SE15S2ZOTmNqOG0weGluZXM3emZMRDg=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 04 Sep 2024 03:31:58 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
x-fd-int-roxy-purgeid
0
Connection
close
Content-Length
621
x-ms-lease-status
unlocked
Last-Modified
Tue, 10 Nov 2020 03:41:24 GMT
ETag
0x8D8852A7FA6B761
x-azure-ref
20240904T033158Z-16579567576h9nndaeer0cv35w0000000a8g0000000049rp
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
116e46c5-701e-0056-5cd4-fb4506000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mivilles-inc.com
URL
https://mivilles-inc.com/?ebswpgxg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| c object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_80e93b9a4cb13643afca boolean| __convergedlogin_pstringcustomizationhelper_76bb127b5869a5c6b8b3

34 Cookies

Domain/Path Name / Value
aws.predictiveresponse.net/ Name: _pa_user
Value: HKTWDEVaq1725420711
.qrcreator.com/ Name: _vwo_uuid_v2
Value: D16AC33AF8D9F510AF0046177FFE6F86B|ab9be955ad866524b5460c126f39e605
.qrcreator.com/ Name: context
Value: %7B%7D
.qrcreator.com/ Name: AMP_MKTG_4dacd1444f
Value: JTdCJTIycmVmZXJyZXIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmF3cy5wcmVkaWN0aXZlcmVzcG9uc2UubmV0JTJGJTIyJTJDJTIycmVmZXJyaW5nX2RvbWFpbiUyMiUzQSUyMmF3cy5wcmVkaWN0aXZlcmVzcG9uc2UubmV0JTIyJTdE
.qrcreator.com/ Name: AMP_4dacd1444f
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwNWU1MTJjNy1mODUxLTQxNTktOTZlZS03NGQ2ZDE5MTVhMjUlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI1NDIwNzExODY4JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyNTQyMDcxMTkxOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMSUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.qrcreator.com/ Name: _gcl_au
Value: 1.1.2137917305.1725420713
.pinterest.com/ Name: ar_debug
Value: 1
.qrcreator.com/ Name: _pin_unauth
Value: dWlkPVlUWXdNamRsTXpFdFpXSTNaQzAwTWpBMUxUZzBZVGd0T0dOa056UmtaV1JpT0RnMA
.qrcreator.com/ Name: _hjSessionUser_3468862
Value: eyJpZCI6IjdhNTA2NjNhLTY3MGMtNTM2Ny04NzA2LWFmZWI0ZjhjM2E4NiIsImNyZWF0ZWQiOjE3MjU0MjA3MTI3NDIsImV4aXN0aW5nIjpmYWxzZX0=
.qrcreator.com/ Name: _hjSession_3468862
Value: eyJpZCI6ImZjZTQ2ODY2LTI4ZGUtNGRlMi04MTQ0LTJmYjgxZmUxYjU4ZSIsImMiOjE3MjU0MjA3MTI3NDMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSYzQ0hTYnBWMVhlR2lDSmNDM0VjUmtTb2Uvbk1zRVRwMFY3SDBIdlpyaytxUEdSUzlFSkdmdmpzODRBcXZwWHpYTkp3cW1GNkRFQVhTUFZnTEJ5b1dUd2RqOC9JRE03aW40Q0l6YzYrZkdhUT0mRXJOb3V6dHVmSTVzaXZqS3pGL0RyYnlBUGl3PQ=="
.qrcreator.com/ Name: _ga
Value: GA1.1.1334773982.1725420713
mivilles-inc.com/ Name: qPdM
Value: 1VUkCwtyNkuR
mivilles-inc.com/ Name: qPdM.sig
Value: ILDoWyXJ27a0ZWg7lyiJ8BUMYDI
.doubleclick.net/ Name: IDE
Value: AHWqTUn66IYAHHB0L1bBSlhlZ9VlgAAxVjUumrcuhu5HxDiNfDaLNcRXnHqEPK8R
c0mpass-canada.com/ Name: qPdM
Value: 1VUkCwtyNkuR
c0mpass-canada.com/ Name: qPdM.sig
Value: ILDoWyXJ27a0ZWg7lyiJ8BUMYDI
c0mpass-canada.com/ Name: ClientId
Value: A8C01CC4B1E44713AF1D4A94FCAED17B
c0mpass-canada.com/ Name: OIDC
Value: 1
c0mpass-canada.com/ Name: OpenIdConnect.nonce.v3.gapbOT3oGSv9RQVj4Iiw038cAoa-tI5knG00GCraFbc
Value: 638610175147293569.8807bc1c-64b1-4658-9446-4e1abf75a724
c0mpass-canada.com/ Name: X-OWA-RedirectHistory
Value: ArLym14B1x2dH5LM3Ag
www.qrcreator.com/ Name: _dd_s
Value: rum=2&id=37180636-2542-4331-a1b8-ae39e6ed74a0&created=1725420711510&expire=1725421611510
c0mpass-canada.com/ Name: buid
Value: 0.AWIAMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYTDG0078ExFF2qZiirLBRY6z6gkOIZpiZvr1lACGn-EJemNtpBuoMt-5N6SC4RsJ8x7vznEFP1v1kG8DmvIcnagCFXSOlqP1LthvHxFQheAsgAA
.c0mpass-canada.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYJWIxLBgCoA8_rPpitcu4HRNZc18zYskEZ1aRu_8abmOBfxKHWkU1NLbwqfbhwLaLb11r-7elPZH5hDC1toyOIfmnj2PCtxqOda0DStQNGVtKQnN_wlaNNYQbjyvtBzH3mgkTZ_vrfczrHpiHxRAT9IZWRmkTJB2BrR8A8YwmOr8gAA
.c0mpass-canada.com/ Name: esctx-cKVrH1DPh0
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYV4-W3qP8Y_FfL178NFXu4mjfOISFPkI5fZV5lsZYK8zUTctY3IJJ0EA9RWYLJ5VOsYkXoXP1wb0unIFZ4eUfGa8WJFLLEsCMJcZUi2VHGpsa7sH5Yeb4d51NlWRjoT63rLz5vywHtm7-bIG3Vy6MoiAA
c0mpass-canada.com/ Name: fpc
Value: Apc6Nv5q2gpLhpJf-2caqFqerOTJAQAAAKvLad4OAAAA
c0mpass-canada.com/ Name: x-ms-gateway-slice
Value: estsfd
c0mpass-canada.com/ Name: stsservicecookie
Value: estsfd
.qrcreator.com/ Name: _ga_N6QDZ3M3R0
Value: GS1.1.1725420712.1.0.1725420715.57.0.0
.login.live.com/ Name: uaid
Value: 9de63217ac1e4bfa976d8c1aad935d19
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1725420716&co=1
.c0mpass-canada.com/ Name: brcap
Value: 0
outlook.office365.com/ Name: ClientId
Value: B0C22369D8074E0D956CB0DC77D9E1F8
outlook.office365.com/ Name: OIDC
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
api.eu.amplitude.com
api.qrcreator.com
aws.predictiveresponse.net
browser-intake-datadoghq.eu
c0mpass-canada.com
ct.pinterest.com
dev.visualwebsiteoptimizer.com
eu-west-1.protection.sophos.com
googleads.g.doubleclick.net
login.live.com
mivilles-inc.com
outlook.office365.com
s.pinimg.com
script.hotjar.com
sdk.privacy-center.org
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
www.google.ca
www.google.com
www.googletagmanager.com
www.qrcreator.com
mivilles-inc.com
108.138.106.49
108.138.128.57
142.93.3.56
151.101.128.84
151.101.64.84
18.164.96.46
18.238.55.57
184.72.233.230
2001:4860:4802:34::181
2600:141b:1c00:258c::1931
2600:1901:0:a9f9::
2600:9000:2510:7c00:5:b7cc:d3c0:93a1
2603:1036:302:4836::2
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c1b::54
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2008
3.171.139.34
34.96.102.137
40.126.24.148
52.58.95.131
03832a267dc287bae15550cf08ce02ba4975f2bc046a69954de3164d6d45c0b3
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0546920af7da4b34039bba880d74b22869e1452ccafcf17d73171678cb025305
0c891f2484e84362eba2809981019e013adf17090b19c89e4c554a3a40a3c38c
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0e3ced71562996372a28a103d7be474a03fe9336504902684f75736288eacd44
1372c77d2ee32d35a8e7198ff6cf48eca6368dce13ecd963f1c6a3083927a0eb
169a869295a361c5daf839908c92591bc1f621d0e18313e3df62b10f02ceed8a
1734eaeff062a2ac0e262065e4bf9561bda9f9be71f711084253d6a179b42965
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
19dfa1b5efe3b3eab9a18c678726eb13b069f1fb93e1a8e020dae614fad840a7
1c3682fc4af01e05b3f031135bb64b5853eb1567f0fe0789c37586c8a7b6ff50
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
2516ef9d75f7088bea081c0b2cf357d4e0055ca3a508972247346e5ee5828400
2b697a29902d214f76ed1379a7e8400f74c5ccd2ce65ac0dcf40282b1abd4725
2f00930889ead6fdc6b8c960eb7036438d03d9bbd1c0383da352323dac60bada
2fa72fced13a6162b417206824a13b6f8cf1a2511849b2826e85464c9ca8722d
31969c5cffe153b5ca017ed309a5a1465dbd26dc6c9b14777497bb4fc68b948e
32af08227d9633b7bdc6607437b8bc5172da1921f4b0477ab47777dace549d71
3b0594cf5de2a1291bce64f37913bf14bda23e6ea8da1e795355e9f2d9fdb6a6
3c7f20323710964940d5a559b845c63f649d850ebc9160b74d1f41e18da4230c
4302767b5baf1c4b09035f3b190a4d4d65297f3d4976099dad529793b04d881f
5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5
54c799453c6f2cc895ca6b433513a87b131ad842d744bd298b1b13a7d1b86705
557ad5b6d651a51e7c87ddb0fa5ae75563a5026ac94b0cdcb8abacb095a569f9
56f856954149eda48b9400bbe4d3a0c82f914341d8467c96f26f2d8db73386ba
58fce6e79361b6d2dac4b512feced057da7cb194e7e4934462b63814d30ef317
5c48797b348dc9e0ccce432182f4c2df9e63287b92b9082ab988b935f7610f01
5f5fbee72883732799d75f6c08679ed8a6e769ae4f3afdcd3721103a481afa80
60369af2f9c5e5e101bb767ee56e936d04b303730452ec6400a43da5f0c1fcb5
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099
6bfc898c19cebab1502460b71be9c6298f676a577babb81b47a51c4a79e36661
6fa7bd9c6fa88424c4447ed83af706b1ddf2635f42911c7387c9c157b243469c
703521ab1e2a14ba1f3741b0ac85dfe855c5bf8b80713a03779439c1a5cddc28
718e840434bceb45887dbdf9dd1bb7a95e2db819b2cf3d6659e82d7c78da2e4c
73e697091397e496520f9b2a559c65dff00cf428ea8c60867de362a8e1b3ce76
7b4c1980685c927d56f5bb8a6fbbffd1a8048a26d062e69ac00fe1846084e2c3
7eefa61ffba2957708b6c9d3f4c8aa4291f0393143cb3493dc197151cbe1bd66
7f109d16a66bbd1752a2faddbf7977bba517549a027e94f5a378c01f1ad8e224
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fe93fcda78bba6cdc9aa368a97aeb4bfcb27bdcded6d8cb782f9c6a53516c2
85dd9d6c161fd316d57b200a7f2160aace3e7dcb94badbd8aa1e7d6b33e69ba3
87ac490416d78627d11bd117a3cb82a48af90c27ae6823e5931aa30a2cd3c6bf
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8f24913d1a291d3db5e38db18ed1f838edfb896d5a7a0fed394e05ccde3b772b
8f9e832dc7179a0268828695c44a79786f54804941361e3a351f8ce630c033e4
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
98596c30750b7460bfc15af6c5b9108c9142904791c6ff541db1ace41c713cd3
9e40f7d16253e36397147643146e7a29fe30b0fb76bb42b7ea8adf64c60694d8
9f5338fadbc7e137ef12761eab77de2ab0609174cfa8776b90e83480ef0cabd9
a0890472f2ee8a1a4a062d9d4b0bd2424876272daa2d1c4b847b8d48f9a17e1b
a8982f7c2258599dc81a94e77b77fa447932cee915fb4050e1b5f412fcf300a4
af577597a662b081338f9304600581595a211134577158a8919a2e1bc4f7debf
af8ff58918bc1e620194122c3b9af8b82b0f6a75bac6ad0d5be8e1b9063cea6d
b0186111dd3ab7a13139df84e06df4e01bf5299dc1d8f9f4e8ced13c5b49b113
b084d50ded4ae88129ac66ac709a6af0323667a42138d91c7d1eed48419ac66e
b162cc2ea92838fdc22498929db1f664f0dd4a3b6b85ce54eae96f1340e747c8
b18c7dacbb8c2c273da7b5df569327e0c9c6a6218ec17acc6e2b53935921cb7c
b364e43845ccc8c66401e5a01f4ecae2f3c2d712ddf6d95462236c9d5ec060b9
bbe9e8116cf9705d8b226e22c6b556f74d0076754b5f820f150f8f3f4209cdf3
bee600615c319ed567b477fd1afb02ededf0139cf651253749934dca548d349d
c01601ea37573b30f7b8e187500db43b1ed699de20e4adf9289f1dc5a3e1aa2b
c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9
c641a29df8142d4cbeb3d3415ab754391901cb344da4a28f3752f28244ee9e20
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
ccfd4f57173324658bf4df266adf2d6a3784cd1cb921f6ebd4aae5acc620420f
d259df0d3cbb552429f4ebb5790b0b6c1cddc6c1ed3424e72023d664dff7484a
d4ea1a07b23257f411af4f8c20aa528d23c4dadbd4c81d5db454f5d82351adc4
d57815170b555601f1684e5ab21fe161e30f792e316a4ddf40aa24d27aeb6792
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e17a4dc139f878962b48d3ab0c7852bc10f0dc7d5d35d2c17511109ac2f4ce3f
e2573dd2248bd4492ed4d1607c7a88a46889e71c0619560fe5f2a7ffef4b98b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
e94c23bef17b0db42892158294b1f02fb1ef898a123a3c04a2492781902757b7
f5470ab8a798d3902504468b215018d8d4b0bc540636a44f8ce3b41617553839
fc0ca50558785b8e91cbebe06639805440f50dbb106f263c93ba4b5f67976de5