qcs.com.ec Open in urlscan Pro
50.87.170.207  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Loginfirst.php Show response qcs.com.ec/Anmeldung/	34 KB 11 KB	1930ms 1526ms	Document text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software nginx/1.21.6 / Resource Hash 0f1e9ac63459a2426be7ccaceeab5a6212c5b51d46b37fbeff505631e0b1647e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 10653 content-type text/html; charset=UTF-8 date Mon, 16 Oct 2023 15:36:58 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding x-server-cache false
GET H2	200	dkb-global.css qcs.com.ec/Anmeldung/DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking_files/	6 KB 2 KB	199ms 197ms	Stylesheet text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking_files/dkb-global.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/	227 KB 33 KB	38ms 19ms	Stylesheet text/css	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://qcs.com.ec/ Origin https://qcs.com.ec accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3933606 x-jsd-version 5.3.1 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230044-FRA, cache-yyz4568-YYZ x-jsd-version-type version server cloudflare etag W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlYTCn5Tp8nNJODDNkKu7snw1ZTO%2FFHtUPPD5qkNqA5cAm9QZUyIFwNJAW%2FMfv0VeG63Z1nSG0Gajb4Owq7NDt5YUJack2dbngb%2FtHUFEKXIVtNGvrIIurXATWhHKhFl4Y%2F91fwHGdKLHc3ZUZY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 817160f858ef2bf5-FRA
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	27ms 6ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2668402 x-cache HIT, HIT content-length 30879 x-served-by cache-lga13628-LGA, cache-fra-eddf8230045-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1697470601.019145,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 43, 558884
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/	21 KB 8 KB	41ms 23ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 20415784 x-jsd-version 1.16.0 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra19144-FRA, cache-yyz4571-YYZ x-jsd-version-type version server cloudflare etag W/"5309-YvI45zNIx3656GVCan0bfeI8uy0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwvEMMYnpqKSMrF6NkKbY8DTqXYZHan4VrkELBYOj1emnA1wdRHlhWMjerhDKp%2BQ2r%2BMZPLDeWfnN7OJinQw15LdhUgUj0X1Ay42FVTtolCJh4TcCvbs2iTiBMY8VPUvg2ob6n9zTMc95dtPxcY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 817160f85ca635e2-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/	59 KB 16 KB	42ms 23ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 601, 718, 718 age 20221647 cdn-cachedat 2021-08-03 11:18:10 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:10 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid b390e598751bb8ef0fbad6c818f3ae72 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 817160f858c4695d-FRA cdn-requestpullsuccess True
GET H2	200	arcotfpcollect.js.t%C3%A9l%C3%A9chargement Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/	6 KB 2 KB	212ms 210ms	Script text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/arcotfpcollect.js.t%C3%A9l%C3%A9chargement Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	collectddna.js.t%C3%A9l%C3%A9chargement Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/	6 KB 2 KB	203ms 201ms	Script text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/collectddna.js.t%C3%A9l%C3%A9chargement Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	proxyid.js.t%C3%A9l%C3%A9chargement Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/	6 KB 2 KB	208ms 207ms	Script text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/proxyid.js.t%C3%A9l%C3%A9chargement Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	28459.js.t%C3%A9l%C3%A9chargement Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/	6 KB 2 KB	207ms 206ms	Script text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/28459.js.t%C3%A9l%C3%A9chargement Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	0 qcs.com.ec/Anmeldung/Je%20me%20connecte_files/	6 KB 6 KB	281ms 280ms	Image text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/0 Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software nginx/1.21.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:58 GMT content-encoding gzip server nginx/1.21.6 x-server-cache false vary Accept-Encoding content-type text/html; charset=UTF-8 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935
GET H2	200	dkb-global-print.css qcs.com.ec/Anmeldung/DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking_files/	6 KB 2 KB	190ms 189ms	Stylesheet text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking_files/dkb-global-print.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip server Apache host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1935 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	imgbac.jpg qcs.com.ec/Anmeldung/	14 KB 14 KB	183ms 183ms	Image image/jpeg	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://qcs.com.ec/Anmeldung/imgbac.jpg Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software Apache / Resource Hash a8acf454559e66f5d858a9fc8d0ecc1ec8d612a7af422bdeca50f5d4e1521cd3 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/Anmeldung/Loginfirst.php User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT last-modified Mon, 16 Oct 2023 12:07:45 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 14314 content-type image/jpeg
GET H2	200	saved_resource(1).html Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/ Frame 0749	6 KB 2 KB	266ms 265ms	Document text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software nginx/1.21.6 / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers Referer https://qcs.com.ec/Anmeldung/Loginfirst.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1935 content-type text/html; charset=UTF-8 date Mon, 16 Oct 2023 15:36:58 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding x-server-cache false
GET H2	200	saved_resource(2).html Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/ Frame F228	6 KB 2 KB	256ms 256ms	Document text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software nginx/1.21.6 / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers Referer https://qcs.com.ec/Anmeldung/Loginfirst.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1935 content-type text/html; charset=UTF-8 date Mon, 16 Oct 2023 15:36:58 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding x-server-cache false
GET H2	200	c7de60f8e486341024c609f38e44b314e04aab37.html Show response qcs.com.ec/Anmeldung/Je%20me%20connecte_files/ Frame C9F7	6 KB 2 KB	240ms 238ms	Document text/html	50.87.170.207 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Loginfirst.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.170.207 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2378.bluehost.com Software nginx/1.21.6 / Resource Hash 4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06 Request headers Referer https://qcs.com.ec/Anmeldung/Loginfirst.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1935 content-type text/html; charset=UTF-8 date Mon, 16 Oct 2023 15:36:58 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding x-server-cache false
GET H2	200	css2 fonts.googleapis.com/ Frame C9F7	815 B 467 B	41ms 17ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Tajawal&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 508cc4fbd58c5604546b470b26cd1a36d9a553ecbc7b0830079f79d5407593ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css fonts.googleapis.com/ Frame C9F7	5 KB 930 B	43ms 19ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d547c11caf325ec7d1fa877dadaa75b9473e67429ca3afc135889a8f61fb6914 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame C9F7	1 KB 502 B	42ms 18ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rajdhani&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26119ca5a44bf1e6114452cec5643865db042c68ce484f2fef4ce1fb029aa1b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	DroidKufi-Bold.ttf d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/ Frame C9F7	79 KB 80 KB	54ms 18ms	Stylesheet binary/octet-stream	2600:9000:223d:8600:17:dd2e:f640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/DroidKufi-Bold.ttf?family=kurdi Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:8600:17:dd2e:f640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9e55bbd33cd73b86d4fde58fa45f368e91be4865478414395f5e3881c883a80c Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 14:28:13 GMT via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) last-modified Mon, 02 Aug 2021 12:25:32 GMT server AmazonS3 x-amz-cf-pop FRA56-P3 age 4109 etag "1b89eb34f74a02c0681727faadf48466" access-control-allow-methods GET, POST content-type binary/octet-stream access-control-allow-origin * x-cache Hit from cloudfront accept-ranges bytes content-length 81220 x-amz-cf-id x_UtcKDBlx5plYzIrzFRNl6o5CPwps_wJMRH-i5tPePr7-SvojGeWg==
GET H2	200	droidarabickufi.css fonts.googleapis.com/earlyaccess/ Frame C9F7	1 KB 586 B	40ms 16ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/earlyaccess/droidarabickufi.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	image-processing20220427-1516-hf6b1d-copy.png i.ibb.co/0JQDzLF/ Frame C9F7	164 KB 164 KB	166ms 36ms	Image image/png	162.19.58.157 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/0JQDzLF/image-processing20220427-1516-hf6b1d-copy.png Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.157 , France, ASN16276 (OVH, FR), Reverse DNS ns3096589.ip-162-19-58.eu Software nginx / Resource Hash 183e021737575b991ec925f953e7264b4fb29f68ec283b67bb28bb8f2d1d8044 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT last-modified Mon, 09 Oct 2023 14:45:54 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 167543 expires Thu, 31 Dec 2037 23:55:55 GMT
GET		css fonts.googleapis.com/ Frame C9F7	0 0
GET H2	200	css2 fonts.googleapis.com/ Frame 0749	815 B 454 B	34ms 23ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Tajawal&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 508cc4fbd58c5604546b470b26cd1a36d9a553ecbc7b0830079f79d5407593ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css fonts.googleapis.com/ Frame 0749	5 KB 930 B	31ms 20ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d547c11caf325ec7d1fa877dadaa75b9473e67429ca3afc135889a8f61fb6914 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 0749	1 KB 502 B	33ms 22ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rajdhani&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26119ca5a44bf1e6114452cec5643865db042c68ce484f2fef4ce1fb029aa1b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	DroidKufi-Bold.ttf d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/ Frame 0749	79 KB 80 KB	31ms 8ms	Stylesheet binary/octet-stream	2600:9000:223d:8600:17:dd2e:f640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/DroidKufi-Bold.ttf?family=kurdi Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:8600:17:dd2e:f640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9e55bbd33cd73b86d4fde58fa45f368e91be4865478414395f5e3881c883a80c Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 14:28:13 GMT via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) last-modified Mon, 02 Aug 2021 12:25:32 GMT server AmazonS3 x-amz-cf-pop FRA56-P3 age 4109 etag "1b89eb34f74a02c0681727faadf48466" access-control-allow-methods GET, POST content-type binary/octet-stream access-control-allow-origin * x-cache Hit from cloudfront accept-ranges bytes content-length 81220 x-amz-cf-id reBd-txthHBRuXCjro8r7yfYqUe1o6npSOT1Uq-VkZC6mnhWM_rTmw==
GET H2	200	droidarabickufi.css fonts.googleapis.com/earlyaccess/ Frame 0749	1 KB 364 B	33ms 23ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/earlyaccess/droidarabickufi.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	image-processing20220427-1516-hf6b1d-copy.png i.ibb.co/0JQDzLF/ Frame 0749	164 KB 164 KB	152ms 35ms	Image image/png	162.19.58.157 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/0JQDzLF/image-processing20220427-1516-hf6b1d-copy.png Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.157 , France, ASN16276 (OVH, FR), Reverse DNS ns3096589.ip-162-19-58.eu Software nginx / Resource Hash 183e021737575b991ec925f953e7264b4fb29f68ec283b67bb28bb8f2d1d8044 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT last-modified Mon, 09 Oct 2023 14:45:54 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 167543 expires Thu, 31 Dec 2037 23:55:55 GMT
GET		css fonts.googleapis.com/ Frame 0749	0 0
GET H2	200	css2 fonts.googleapis.com/ Frame F228	815 B 454 B	25ms 17ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Tajawal&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 508cc4fbd58c5604546b470b26cd1a36d9a553ecbc7b0830079f79d5407593ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css fonts.googleapis.com/ Frame F228	5 KB 930 B	35ms 28ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d547c11caf325ec7d1fa877dadaa75b9473e67429ca3afc135889a8f61fb6914 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame F228	1 KB 502 B	34ms 27ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rajdhani&display=swap Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26119ca5a44bf1e6114452cec5643865db042c68ce484f2fef4ce1fb029aa1b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	DroidKufi-Bold.ttf d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/ Frame F228	79 KB 80 KB	40ms 22ms	Stylesheet binary/octet-stream	2600:9000:223d:8600:17:dd2e:f640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2wqffb2bc8st5.cloudfront.net/web/fonts/DroidKufi-Bold/DroidKufi-Bold.ttf?family=kurdi Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:8600:17:dd2e:f640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9e55bbd33cd73b86d4fde58fa45f368e91be4865478414395f5e3881c883a80c Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 14:28:13 GMT via 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront) last-modified Mon, 02 Aug 2021 12:25:32 GMT server AmazonS3 x-amz-cf-pop FRA56-P3 age 4109 etag "1b89eb34f74a02c0681727faadf48466" access-control-allow-methods GET, POST content-type binary/octet-stream access-control-allow-origin * x-cache Hit from cloudfront accept-ranges bytes content-length 81220 x-amz-cf-id aMzbTVRW4WlvMK8Zfz_MrditsnVQNLI1wzeZrecu5pDglTK9r88u0A==
GET H2	200	droidarabickufi.css fonts.googleapis.com/earlyaccess/ Frame F228	1 KB 364 B	30ms 24ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/earlyaccess/droidarabickufi.css Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 16 Oct 2023 15:36:41 GMT
GET H2	200	image-processing20220427-1516-hf6b1d-copy.png i.ibb.co/0JQDzLF/ Frame F228	164 KB 164 KB	148ms 35ms	Image image/png	162.19.58.157 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/0JQDzLF/image-processing20220427-1516-hf6b1d-copy.png Requested by Host: qcs.com.ec URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.157 , France, ASN16276 (OVH, FR), Reverse DNS ns3096589.ip-162-19-58.eu Software nginx / Resource Hash 183e021737575b991ec925f953e7264b4fb29f68ec283b67bb28bb8f2d1d8044 Request headers accept-language de-DE,de;q=0.9 Referer https://qcs.com.ec/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 16 Oct 2023 15:36:41 GMT last-modified Mon, 09 Oct 2023 14:45:54 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 167543 expires Thu, 31 Dec 2037 23:55:55 GMT
GET		css fonts.googleapis.com/ Frame F228	0 0
GET H2	200	rax9HiuFsdMNOnWPaKtMARJYk0o.woff2 fonts.gstatic.com/s/iceland/v20/ Frame F228	5 KB 6 KB	34ms 9ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/iceland/v20/rax9HiuFsdMNOnWPaKtMARJYk0o.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7fe173c45ec9677e60646730ceeb3522f56101dd39d389020fd46da66972c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://qcs.com.ec accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 13 Oct 2023 18:31:47 GMT x-content-type-options nosniff age 248694 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5444 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:22:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Oct 2024 18:31:47 GMT
GET H2	200	LDIxapCSOBg7S-QT7p4HM-aGW-rO.woff2 fonts.gstatic.com/s/rajdhani/v15/ Frame F228	9 KB 9 KB	26ms 10ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-aGW-rO.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Share+Tech+Mono|Rajdhani|Oswald:700|Iceland|PT+Sans&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b07ee7f36fb0631c97fd51d711f50f0dd004034851948494a168b51f49c8502e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://qcs.com.ec accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 12 Oct 2023 21:45:51 GMT x-content-type-options nosniff age 323450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8952 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:32:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 21:45:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.googleapis.com

URL

http://fonts.googleapis.com/css?family=Averia+Sans+Libre

Domain

fonts.googleapis.com

URL

http://fonts.googleapis.com/css?family=Averia+Sans+Libre

Domain

fonts.googleapis.com

URL

http://fonts.googleapis.com/css?family=Averia+Sans+Libre

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| Popper object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html(Line 38) Message: Mixed Content: The page at 'https://qcs.com.ec/Anmeldung/Loginfirst.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Averia+Sans+Libre'. This request has been blocked; the content must be served over HTTPS.
rendering	warning	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/c7de60f8e486341024c609f38e44b314e04aab37.html(Line 48) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html(Line 38) Message: Mixed Content: The page at 'https://qcs.com.ec/Anmeldung/Loginfirst.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Averia+Sans+Libre'. This request has been blocked; the content must be served over HTTPS.
rendering	warning	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(1).html(Line 48) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html(Line 38) Message: Mixed Content: The page at 'https://qcs.com.ec/Anmeldung/Loginfirst.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Averia+Sans+Libre'. This request has been blocked; the content must be served over HTTPS.
rendering	warning	URL: https://qcs.com.ec/Anmeldung/Je%20me%20connecte_files/saved_resource(2).html(Line 48) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
d2wqffb2bc8st5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
qcs.com.ec
stackpath.bootstrapcdn.com
fonts.googleapis.com
162.19.58.157
2600:9000:223d:8600:17:dd2e:f640:93a1
2606:4700::6810:5514
2606:4700::6812:bcf
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a04:4e42:200::649
50.87.170.207
06eb9b648fd1429d0cef25265009259c35f053a76118194b4073c98e161812be
0f1e9ac63459a2426be7ccaceeab5a6212c5b51d46b37fbeff505631e0b1647e
183e021737575b991ec925f953e7264b4fb29f68ec283b67bb28bb8f2d1d8044
26119ca5a44bf1e6114452cec5643865db042c68ce484f2fef4ce1fb029aa1b4
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
4cdd2592ba0a951c70bc75f107ed5d5ad87a61c7c6e7996fc0be0cc55f560a06
508cc4fbd58c5604546b470b26cd1a36d9a553ecbc7b0830079f79d5407593ef
9e55bbd33cd73b86d4fde58fa45f368e91be4865478414395f5e3881c883a80c
a8acf454559e66f5d858a9fc8d0ecc1ec8d612a7af422bdeca50f5d4e1521cd3
b07ee7f36fb0631c97fd51d711f50f0dd004034851948494a168b51f49c8502e
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d547c11caf325ec7d1fa877dadaa75b9473e67429ca3afc135889a8f61fb6914
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7fe173c45ec9677e60646730ceeb3522f56101dd39d389020fd46da66972c1d