get-qr.com Open in urlscan Pro
2606:4700:20::ac43:49ae Public Scan

Go To Rescan
Add Verdict Report

URL:
https://get-qr.com/rMOeUp
Submission: On October 19 via manual (October 19th 2024, 3:28:16 am UTC) from PH — Scanned from DE

Summary HTTP 29 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:20::ac43:49ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is get-qr.com. The Cisco Umbrella rank of the primary domain is 601229.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.

This is the only time get-qr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:20:... 2606:4700:20::ac43:49ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.85.19.25 95.85.19.25	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	172.67.73.174 172.67.73.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
29	11

2 2606:4700:20::ac43:49ae (United States)

ASN13335 (CLOUDFLARENET, US)

get-qr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.85.19.25 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

geo.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.73.174 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

get-qr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	274 KB
8	get-qr.com 1 redirects get-qr.com — Cisco Umbrella Rank: 601229	83 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	97 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	1 KB
1	cookie-script.com geo.cookie-script.com — Cisco Umbrella Rank: 31152	22 KB
29	7

	Domain	Requested by
12	pagead2.googlesyndication.com	get-qr.com pagead2.googlesyndication.com
8	get-qr.com	1 redirects get-qr.com static.cloudflareinsights.com
3	region1.google-analytics.com	www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	static.cloudflareinsights.com	get-qr.com
1	www.googletagmanager.com	get-qr.com
1	cdnjs.cloudflare.com	get-qr.com
1	geo.cookie-script.com	get-qr.com
29	8

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
get-qr.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-17` - `2025-08-17`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://get-qr.com/rMOeUp
Frame ID: 8A8200D32D46D68D7DC948EA4A989AE1
Requests: 19 HTTP requests in this frame

Frame: https://get-qr.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: DD0B3AA72A8F991EE09673B1D364C593
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 2DF86E9BC16CF1B5F9A5AF7D1305299E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729308491&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308491572&bpp=6&bdt=892&idt=262&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3495831437328&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: 2C7711423DF579103A14F9A7A0669CA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&slotname=1730852512&adk=401481695&adf=123491214&pi=t.ma~as.1730852512&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308491&rafmt=1&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308491578&bpp=2&bdt=898&idt=301&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308
Frame ID: 12C73298EB58482E664D62A9A5279C3E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1716&idt=-M&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: 0AA6A2562A8256FEC223B0CF66F7668B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3088186576&adf=3476139620&pi=t.aa~a.2243947852~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1716&idt=-M&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Frame ID: 928A35E254DC784760E60D18E48E0B5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1717&idt=0&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=12
Frame ID: AA1AC90A057E2296B8D48F0AD1A87A5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 3E9FE784E5CBA11EF61335A4E5DB0C19
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 121B88C0383EBF651421CB156D37705F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GET-QR Scan QR Code link

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

29
Requests

93 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

11
IPs

4
Countries

484 kB
Transfer

1492 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSeMTAmJXNh25LDrdEdeJr75dMT1Fi3PmPjC1RcKl5Jfc8yonw/viewform
Title: QR-Code öffnen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/getqrcompany
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/get_qr_company
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://get-qr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://get-qr.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rMOeUp Show response
get-qr.com/ 17 KB
7 KB 370ms
82ms Document
text/html 2606:4700:20::ac43:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/rMOeUp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fdd99518023091040db8e5f4be903c89942116f1ee5e518e8d9e1245d414ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8d4dad323b1e65bf-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 19 Oct 2024 03:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHd68L%2FNTm%2BSNM0p%2B94DECPVZI00w%2FMS4L9JUexHBR3C9qOda0HufvzboSMjQTOmJ64CExN7uhoWLhTa8kJyfzfJTt6nm8Sr9KoPA26TP8HFWLDNyQrEsIV0RKcaIFHURFQon6VRiFs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff

GET
H2 200 29213d0351f6b6e988ad211ff1e3d87f.js Show response
geo.cookie-script.com/s/ 149 KB
22 KB 179ms
58ms Script
application/javascript 95.85.19.25
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cookie-script.com/s/29213d0351f6b6e988ad211ff1e3d87f.js?country=us-br-mh-ch-gb&region=eu
Requested by: Host: get-qr.com
URL: https://get-qr.com/rMOeUp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.85.19.25 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e62e82ce49877556ca9850e133141e432652a138cee6f717654f1f5693b737eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

x-cache-status: HIT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 19 Oct 2024 03:28:10 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 2024 13:59:49 GMT

GET
H3 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 2 KB
1 KB 155ms
55ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://get-qr.com
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f2b-745"
age: 711301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h15IDwrfTQ36ytyzyV1iHoGyhUlqCKIgdYl2v7rKbwutXXmJu1d3I3A%2F8OlxPjKXTBdghSpUoKPc01%2BBY3cok36qRHoWjMJRfBKe%2FdNP%2Fp6XnGmDr6qQOjxjp4HVquK038sPdNj%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 03:28:10 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Oct 2024 03:28:10 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d4dad339e0b5c02-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 633
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
97 KB 630ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HCCL8ZXPEM

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47d697ad0fd730ff82d8e3dea4f392c2ab4e637ec75af451e39adc038d8b1707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 19 Oct 2024 03:28:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98167
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 627ms
57ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3279640482765630

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5081b4760eddd4d6d7d2ad867c0d7543c6d244436149d3f7cb1ca3151e4c66e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://get-qr.com
Referer: https://get-qr.com/

Response headers

content-encoding: br
etag: 8836400181845784494
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 03:28:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53274
x-xss-protection: 0
server: cafe

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 624ms
53ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: get-qr.com
URL: https://get-qr.com/rMOeUp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://get-qr.com
Referer: https://get-qr.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d4dad37986a085c-FRA
access-control-allow-origin: *
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 201 rMOeUp
get-qr.com/api/statistics/ 0
381 B 58ms
57ms Ping
text/plain 2606:4700:20::ac43:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/api/statistics/rMOeUp

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/rMOeUp

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7rVOIhypLjBALgbn22%2FYwCLczxQDcN3T1202tn4btrVzvRPSTGLHWVl1g3dkbXZjHhxUhe%2BhDlyp3XJVYLE5Ikd6uJGqJkNhh8x5Wnk4T%2FdbGZeeva%2FX7vWnkB4PraUa0EWfNtWaW0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Oct 2024 03:28:10 GMT
vary: Origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-ratelimit-reset: 60
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 99
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8d4dad33abff65bf-FRA
access-control-allow-origin: https://get-qr.com
content-length: 0
x-ratelimit-limit: 100
server: cloudflare

GET
H3 200 scan-link.png
get-qr.com/img/ 64 KB
65 KB 227ms
227ms Image
image/png 172.67.73.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get-qr.com/img/scan-link.png

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df081ace6455788b74bb619260238fdb7a10edb5bb8051bb8a0ccdb72635bc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/rMOeUp

Response headers

cf-cache-status: EXPIRED
etag: W/"ff1d-191ff2e63e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmRGHHxlDdWjSO4Dt2Ole0xVhqHkRdLD3PTg85MlMlClln77IMWFEPWpHWUY0eEEvmm5nu7G4V50D6Af2d22YZAar5TrB2yvWgmvXNEslG9LfWieQXr7dQMxR%2Bs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: image/png
last-modified: Tue, 17 Sep 2024 08:51:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d4dad349d17d22a-FRA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ranges: bytes
content-length: 65309
server: cloudflare

GET
H3

200

main.js Show response
get-qr.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame DD0B
Redirect Chain

https://get-qr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://get-qr.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

56ms
55ms

Script
application/javascript

172.67.73.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Requested by

Host: get-qr.com
URL: https://get-qr.com/rMOeUp

Protocol

Server

172.67.73.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c057ad6ae185bec313682cb3a1d317af65ea22b540efe5c646d504e4f788026

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZXihi66hNR6B9QCyOLJp9sVCs%2Fd5%2BFSTCkRoDLCvPca8xFALaQE3pu%2BpI9Hiexio4p5WQsd6t06R000vBWzPl7emE6mcw3kkj5d%2FcGgmslQJTO13NzeNEilMso%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d4dad3849e6d22a-FRA
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfYCAnkQx4NsMQcJVyDzsyUIlifiAM8zSJS66mvY7GCaP8LZpb6wyou3I7Dj%2Bg5LzMSqDs4kMBc4ZfFh33lfAAd0yxpJQgeCORuXhZbMIjPBrqDCmlSfC%2Ffj2A8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d4dad37f97ad22a-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 19 Oct 2024 03:28:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/ 432 KB
144 KB 154ms
66ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3279640482765630&plah=get-qr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3279640482765630

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

80eaa6308a288256a1ec11c5e733594850e4988a1e5e55427096c77577526417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

content-encoding: br
etag: 464247361049747795
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 03:28:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147166
x-xss-protection: 0
server: cafe

POST
H3 200 8d4dad323b1e65bf Show response
get-qr.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DD0B 0
965 B 54ms
47ms XHR
text/plain 172.67.73.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d4dad323b1e65bf

Requested by

Host: get-qr.com
URL: https://get-qr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8QHM94VrSj0fUszzBieFLCFtFq8EmVaBTAI2Y2W%2BxVLXgYLygzIoxv9C%2B4gyEK92ajcF7RwWlVPcf3TNR8Eq6pW%2FJWHKq2sB3f1ldK7MhnkB%2FwVLh1APHTHhvA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d4dad39abbfd22a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 19 Oct 2024 03:28:11 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/ Frame 2DF8 0
0 119ms
40ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3279640482765630&plah=get-qr.com

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 41271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 16:00:20 GMT
etag: 13108003645644964576
expires: Fri, 01 Nov 2024 16:00:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 2C77 0
0 434ms
370ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729308491&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308491572&bpp=6&bdt=892&idt=262&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3495831437328&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 03:28:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 12C7 0
0 380ms
342ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&slotname=1730852512&adk=401481695&adf=123491214&pi=t.ma~as.1730852512&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308491&rafmt=1&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308491578&bpp=2&bdt=898&idt=301&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=308

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44884
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 03:28:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 200ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCCL8ZXPEM&gtm=45je4ah0v895876204za200&_p=1729308490856&gcs=G100&gcd=13p3pPl2l5l1&npa=1&dma_cps=-&dma=1&tag_exp=101529666~101686685&cid=1571555758.1729308492&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1729308491&sct=1&seg=0&dl=https%3A%2F%2Fget-qr.com%2FrMOeUp&dt=GET-QR%20Scan%20QR%20Code%20link&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCCL8ZXPEM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://get-qr.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:28:12 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/ 177 KB
59 KB 60ms
58ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5940aa7e129028597c1667094309ec44179dbab52a517b54b9a13da420fd4364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

content-encoding: br
etag: 14999336473230686004
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 03:28:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 19 Oct 2024 03:28:12 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60543
x-xss-protection: 0
server: cafe

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 0AA6 0
0 213ms
210ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1716&idt=-M&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 03:28:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 928A 0
0 322ms
316ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3088186576&adf=3476139620&pi=t.aa~a.2243947852~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1716&idt=-M&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 03:28:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame AA1A 0
0 300ms
299ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3279640482765630&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1729308492&rafmt=1&to=qs&pwprc=5388466346&format=1200x280&url=https%3A%2F%2Fget-qr.com%2FrMOeUp&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729308492397&bpp=1&bdt=1717&idt=0&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=3495831437328&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&oid=2&pvsid=975792612275168&tmod=1324990785&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 03:28:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/ Frame 3E9F 0
0 0ms
0ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 41271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 16:00:20 GMT
etag: 13108003645644964576
expires: Fri, 01 Nov 2024 16:00:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 49ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCCL8ZXPEM&gtm=45je4ah0v895876204za200&_p=1729308490856&gcs=G100&gcd=13p3pPl2l5l1&npa=1&dma_cps=-&dma=1&tag_exp=101529666~101686685&cid=1571555758.1729308492&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=2&sid=1729308491&sct=1&seg=0&dl=https%3A%2F%2Fget-qr.com%2FrMOeUp&dt=GET-QR%20Scan%20QR%20Code%20link&en=scan_code&_ee=1&ep.contentType=link&ep.ads=true&_et=3&tfd=2238
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCCL8ZXPEM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://get-qr.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:28:12 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 90ms
90ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b0a8dd6e5bbdfd853556f9ead1862346e636c0cb7b34ac831ce2f0936e9ff8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12939
date: Sat, 19 Oct 2024 03:28:12 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 51ms
50ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HCCL8ZXPEM&gtm=45je4ah0v895876204za200&_p=1729308490856&gcs=G100&gcd=13p3pPl2l5l1&npa=1&dma_cps=-&dma=1&tag_exp=101529666~101686685&gdid=dMmY1Mm&cid=1571555758.1729308492&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEI&sid=1729308491&sct=1&seg=0&dl=https%3A%2F%2Fget-qr.com%2FrMOeUp&dt=GET-QR%20Scan%20QR%20Code%20link&_s=3&tfd=2527
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HCCL8ZXPEM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://get-qr.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://get-qr.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:28:12 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 rum Show response
get-qr.com/cdn-cgi/ 0
137 B 84ms
43ms XHR
text/plain 172.67.73.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://get-qr.com/rMOeUp

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8d4dad407c74d22a-FRA
access-control-allow-origin: https://get-qr.com
date: Sat, 19 Oct 2024 03:28:12 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
get-qr.com/ 162 KB
6 KB 62ms
59ms Other
image/x-icon 172.67.73.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get-qr.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7102fbf34f50ee9e859ad732c2a2baa3889900f7d53790f84f43ea1307d52260

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/rMOeUp

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: W/"2871e-186089960f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fISU07HNFvvg0aNEVVjOMDg34Q271nrrS5RYqJ%2FWwf9LfVoabMSYfA0if%2FzvipNZW5p9FWhzn0VY3wnPsPw3El%2BVVzeWA3DCKqRHGnlh9I285A4l90C1MJarSY4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Oct 2024 03:28:12 GMT
content-type: image/x-icon
last-modified: Tue, 31 Jan 2023 16:11:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d4dad40bca9d22a-FRA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 03:28:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 03:28:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 121B 0
0 40ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-qr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Oct 2024 02:40:18 GMT
expires: Sat, 19 Oct 2024 03:30:18 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3279640482765630&su=get-qr.com&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C95331833%2C95344189%2C31087608&doc=complete&pg_h=3691&pg_w=1600&pg_hs=3691&c=1&aa_c=0&av_h=280&av_w=1600&av_a=448000&b=3097.500&all_b=3097.500&d=0.076&all_d=0.076&ard=0.076&all_ard=0.076&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://get-qr.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 19 Oct 2024 03:28:13 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=975792612275168&bg=!OTqlOnXNAAaUWUsktFk7ADQBe5WfOFOXrIVS6VtCzzzcN8x5x-vtmD11Rx47g_ZMZBloxdRYO6bnQscb9Rp0mFLo1MNoAgAAAG9SAAAABGgBB34ANnvqAgoNCJjnPjiYF0TLIpb5DMecrxBQr3oofOlPhAMih5EFkgg3R6lHJcYumM95M-F7p2o4WgoAsMhr5HyLMx6XaIRUX51mmxRL64GBcwkeTCqYEa9JitsNk-jze_GDkrq3SQ45zBh2RqCmaSut3-IW6RaQ2LDSk-tSYt3DpiXfuloZ7h2Dvu07v3gsU3egccc8IQq4JbbWHDhvUG4wqIypxaGwUNVnvGgZAnb1s42lC6U2r8OO2PQ4LWWoMnJ6dlAXzVDODm4CCjQ6loBFQNcT06zuyPTnSknrTaVvW4BmzpG4FiiuQd6MmQKNSrzImXfZ3MK6TA4LI8n4LZRM_o0WL9Vdb0SVE4LVC72vXQ0-J_09zoiQXatbKwA7f6sjZ4s5-8iOWWQEqg6K6VVDPBlzhgmIG1aLXciI23hPhu-FOnd-gfYqHeMSg--5sNKbEGXf_rwZB0w0IE6SkdvRUkJ6QjA1DYbbHua3JDscr6l_sPTjAZ6NloepseWoYJEvDFJtWJj1I-1v0lsJ3eISK5-xgoYMnaDsnLRgjh5vxVUb4o6vPu-PuvMZ7OfKmDftU_b8lyiZsPQWjID3vyzy0LM6qzk0Lo5G52B8Jc_jldjHJi-6GHI_8Mwt5mOYkxuCCaQEy6ASpAFXXmshqlLXoIAbooWbJZBkJ8pW4g4xcemHi-E_xQYhneLCTUOPn9p-1_1w3W92ZVeZTTeguPsqIjkli7pDUrFYnWS6aTQNDF5tvPI0huUDahlDFJU_0bij3wtXa4q2vC40KXERUBDlKekXz7nlo8bA2_gAHQ40poA3rC12UJJORE8g1vlTyuFgylZY6uFCCSZ_lJJqUnEgPe4-P3xv8tdzi_-apO-wR2t8Cs989f2rIMu46K6lvgeyFO9Vi7ZLfMPrBC3Ux_eAeseRd1fVURMhLCkcilWjj-u9ApgF8s-eLHWG1Per7ibPkJePGoE4qli8XcjDCExUBfRtTvSUgBC3MGnqy7ggM-jh50RAPuDIG2LEwbg8EoRTTkRK0Enr2hyCtb8uYGU5xwk2rZIVVq4pDaXwClkTW1ihhdf3EDkJNUHc31g5lFJkCDvJbKAEZ8Pa625pEkSnqfc162U2pbjHtNkEYqnFF6-EZ4qX9oLjuuJIzrfU96KvYrLXjWToyLj7F23ftcqvvl5Y1K9uc5E1wD0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get-qr.com/	1970-01-21 09:07:24	Name: scanedQrs Value: rMOeUp
.get-qr.com/	1970-01-21 09:07:24	Name: cf_clearance Value: gZnxu5xbhkRG5fg7GHVqM3tUA.6kw1DlNtLUVciMinY-1729308491-1.2.1.1-aGEVh0F87YoyHaHDoBF4fazCo0gDlmsPF7UdQ6UY8L1zteivAkhkEwPxHi.BYwp.qFfVNjNiHq9vOFvbW7rlEP90_gIb0ww_Kf74LaSmhMRiuFtGQwAZLPqIG4ZTfjEHabVfpA8YDxhZ.Ky3IviHEhIVqCg96_W6nLMnqWGjtfj_.ehLpSIxm1u9O4ZKCn8SMw1nCvxoiN.X_1HeRG8I2iDydXVEA4oaYe6Seip5H5wbj8mH0Lr95iNHBi3f2Ux2.KYQkj7oqGFq2YL0mBBVEkRm0pr4k7Zaq5GU2z47h07tMCI2WAKpvdlj2YlkIY2DUbwFYo6x87c1WB7JsBRRQD1Fk8UOvuVS3tG.3UyoFygHp7iFm1QPNS.f9cnul0au
.get-qr.com/	1970-01-21 04:41:00	Name: __eoi Value: ID=e8eeb752bf3e774b:T=1729308491:RT=1729308491:S=AA-Afjbim30FM2wjssIoeQXt3eji
get-qr.com/	1970-01-21 09:00:12	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
geo.cookie-script.com
get-qr.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.25.14
142.250.185.226
172.67.73.174
2001:4860:4802:34::36
216.239.32.36
2606:4700:20::ac43:49ae
2606:4700::6810:4f49
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2008
95.85.19.25
02fdd99518023091040db8e5f4be903c89942116f1ee5e518e8d9e1245d414ff
0c057ad6ae185bec313682cb3a1d317af65ea22b540efe5c646d504e4f788026
47d697ad0fd730ff82d8e3dea4f392c2ab4e637ec75af451e39adc038d8b1707
5081b4760eddd4d6d7d2ad867c0d7543c6d244436149d3f7cb1ca3151e4c66e3
5940aa7e129028597c1667094309ec44179dbab52a517b54b9a13da420fd4364
7102fbf34f50ee9e859ad732c2a2baa3889900f7d53790f84f43ea1307d52260
80eaa6308a288256a1ec11c5e733594850e4988a1e5e55427096c77577526417
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
b0a8dd6e5bbdfd853556f9ead1862346e636c0cb7b34ac831ce2f0936e9ff8dd
df081ace6455788b74bb619260238fdb7a10edb5bb8051bb8a0ccdb72635bc54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62e82ce49877556ca9850e133141e432652a138cee6f717654f1f5693b737eb
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

get-qr.com Open in urlscan Pro 2606:4700:20::ac43:49ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

29 Requests

93 %HTTPS

50 %IPv6

7 Domains

8 Subdomains

11 IPs

4 Countries

484 kBTransfer

1492 kBSize

4 Cookies

3 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

get-qr.com Open in urlscan Pro
2606:4700:20::ac43:49ae Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

11
IPs

4
Countries

484 kB
Transfer

1492 kB
Size

4
Cookies

29 HTTP transactions
0 data transactions