qr123reg.click - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3035::6815:be0, located in United States and belongs to CLOUDFLARENET, US. The main domain is qr123reg.click.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.

This is the only time qr123reg.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3035::6815:be0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.150.136 172.67.150.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

2 2606:4700:3035::6815:be0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qr123reg.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.150.136 (United States)

ASN13335 (CLOUDFLARENET, US)

qr123reg.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	qr123reg.click 1 redirects qr123reg.click	370 KB
6	1

	Domain	Requested by
7	qr123reg.click	1 redirects qr123reg.click
6	1

This site contains no links.

Subject Issuer	Validity	Valid
qr123reg.click WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qr123reg.click/login
Frame ID: 33DC430CBDDA98AB0046B57D55C74AAD
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - BeLink

Page URL History Show full URLs

https://qr123reg.click/api/v1/link/usage HTTP 302
https://qr123reg.click/login Page URL

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

369 kB
Transfer

1207 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qr123reg.click/api/v1/link/usage HTTP 302
https://qr123reg.click/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response qr123reg.click/ Redirect Chain https://qr123reg.click/api/v1/link/usage https://qr123reg.click/login	93 KB 24 KB	321ms 320ms	Document text/html	2606:4700:3035::6815:be0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qr123reg.click/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:be0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfb2388c239bee6330d8022dad3a026695ff6c25065ea9ab95c10389bea160ec` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8e36e7093d3e7bcc-ATL content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 16 Nov 2024 10:47:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p43pvkmk9SYXCvBen89h%2F3DSZjX%2Bbk3FKtixfynfDHhE4yc0%2BZ90a7MhEcy7m%2FzjK%2Bwgk6cN9VL%2FQfvAwvYxXX3QiCFETcjDezGrlxfCoGBoH76FgovIHi3X5EuLNkMW%2FsZaqnFgkvUXsLqP8g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing bootstrap;desc="Bootstrap";dur=20.292043685913, app;desc="App";dur=11, total;desc="Total";dur=31.639099121094, cfL4;desc="?proto=TCP&rtt=50211&sent=12&recv=16&lost=0&retrans=0&sent_bytes=5081&recv_bytes=2353&delivery_rate=78457&cwnd=37&unsent_bytes=0&cid=b565a8c07bba63c4&ts=947&x=0" vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8e36e7065b7a7bcc-ATL content-type text/html; charset=UTF-8 date Sat, 16 Nov 2024 10:47:21 GMT location https://qr123reg.click/login nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BkHPMLt1YE4C0UNOkPLCPgOsxyhvqkqcKaAyCX2YUp9NeV9ZlSjsh6ZnqWOaH1nFTekZ%2Fez7Q7aRtw4CD%2Be%2BtbAK2Ba%2BGkqCtiYFdSx97%2B3qiAkNHqItHB1sZSEjR1uGw0ADqXJmMZchCjZVg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=51884&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2297&delivery_rate=78457&cwnd=35&unsent_bytes=0&cid=b565a8c07bba63c4&ts=477&x=0"
GET H3	200	main-54a4a887.css qr123reg.click/build/assets/	86 KB 16 KB	715ms 715ms	Stylesheet text/css	172.67.150.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qr123reg.click/build/assets/main-54a4a887.css Requested by Host: qr123reg.click URL: https://qr123reg.click/login Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54a4a88750ee7de6437d9c4b7c2c7e077d294236e99d55a74f4a25d74d6af184` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://qr123reg.click/login Response headers content-encoding gzip cf-cache-status EXPIRED etag "157dc-60fae3f7ac300-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJryih7AEZoJMkSqkbcPF%2FMsCY09JxfFtcHgVP7DjruF1JR2wAZ6Rf%2BO%2Fbjju7XyCbBZTomah4n0siDSb%2BY7DrpnxEudZnyVNVBYc4LcrI6BseOVopGo66v89PoSkXLBxA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=68920&sent=284&recv=76&lost=0&retrans=0&sent_bytes=327322&recv_bytes=8797&delivery_rate=1719613&cwnd=177600&unsent_bytes=0&cid=6cc1bcbf7b7ed827&ts=1013&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 16 Nov 2024 10:47:22 GMT content-type text/css last-modified Wed, 24 Jan 2024 10:08:44 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e36e70bac68eb02-DFW accept-ranges bytes content-length 15647 server cloudflare
GET H3	200	main-96065a7f.js Show response qr123reg.click/build/assets/	1006 KB 309 KB	330ms 330ms	Script text/javascript	172.67.150.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qr123reg.click/build/assets/main-96065a7f.js Requested by Host: qr123reg.click URL: https://qr123reg.click/login Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b49fd46637f3ec29284c26709df893e7c91cf366706e64e75079f88d1275e0a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://qr123reg.click Referer https://qr123reg.click/login Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status EXPIRED etag "fb898-60fae3f7ac300-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uKYlDS7WAFBseYy1Jm5R7tqspeKj5Kad0tqtKzg6TXbyANVnGwaYhw%2FXq2nRAGuwSQNtqgF2IYZUP9eZCJcD0OICrTTgRM8weuuyZl2%2BSNkMxl4zgm9dRMXexmu5%2F0how%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e36e70bac6aeb02-DFW alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=73289&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4310&recv_bytes=5966&delivery_rate=280&cwnd=12000&unsent_bytes=0&cid=6cc1bcbf7b7ed827&ts=618&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 16 Nov 2024 10:47:22 GMT content-type text/javascript last-modified Wed, 24 Jan 2024 10:08:44 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	logo-dark.png qr123reg.click/images/	9 KB 9 KB	808ms 808ms	Image image/png	172.67.150.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qr123reg.click/images/logo-dark.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99eda75b2575b8d5b6ed0532349dbb65f00a5ea6ce71885c43d31ac7f7e68f82` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://qr123reg.click/login Response headers cf-cache-status REVALIDATED etag "2302-60fae3f7ac300" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYwyOaBJ8%2F%2Fwcbodgw%2FkJDebF%2FiMMH4tCn1zJZZ1jowlB4riewjaNqM9DqPVchhPFzdVwO2XyLKUxFvgddC2fRxzGIPFF8O8Zfb0I%2BHVr8n4UduD1T818Ym3S61ltztX1g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=70633&sent=311&recv=85&lost=0&retrans=0&sent_bytes=355594&recv_bytes=12764&delivery_rate=26407&cwnd=177600&unsent_bytes=0&cid=6cc1bcbf7b7ed827&ts=1974&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 16 Nov 2024 10:47:23 GMT content-type image/png last-modified Wed, 24 Jan 2024 10:08:44 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e36e7117e81eb02-DFW accept-ranges bytes content-length 8962 server cloudflare
GET H3	200	auth-bg-8529ec0e.svg qr123reg.click/build/assets/	5 KB 2 KB	774ms 774ms	Image image/svg+xml	172.67.150.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qr123reg.click/build/assets/auth-bg-8529ec0e.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8529ec0e6536ab6ae18eb48727a9ce4931218bd57335676add8b76850db81622` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://qr123reg.click/login Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"14ac-60fae3f7ac300" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEA10IxApoYsolQ01%2B2lC8ly1LH8Z4HYme2gpU5vkYSOHB5pcgjr%2FXWWy8QDblZKkuAbOhugR6HtXJUPYLP0vUU59EJdM5hkjKd6TnccChLb%2B3N4OrfGfgFv47CxRuScMw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e36e7117e82eb02-DFW alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=70633&sent=308&recv=85&lost=0&retrans=0&sent_bytes=353335&recv_bytes=12764&delivery_rate=26407&cwnd=177600&unsent_bytes=0&cid=6cc1bcbf7b7ed827&ts=1939&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 16 Nov 2024 10:47:23 GMT content-type image/svg+xml last-modified Wed, 24 Jan 2024 10:08:44 GMT vary Accept-Encoding priority u=3,i
GET H3	200	icon-144x144.png qr123reg.click/favicon/	8 KB 9 KB	382ms 382ms	Other image/png	172.67.150.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qr123reg.click/favicon/icon-144x144.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.136 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee5d69c5bb81eee9e106ded135b9042d7e6cea35c5ee312e58b67e2ff118870f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://qr123reg.click/login Response headers cf-cache-status REVALIDATED etag "2107-6185273ac446f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exdRZ9eOoPOEablRjP0c%2Bt0yPr4SuGYdl0FPwz9zXlFj%2FaoF2SfUwOr0I9a44z%2BFpzL5SC1esdrjdIgMP7fAfm4aBLEKITHgiF61Ntee42gl5oYqSAuxmefWhKDsBKn0hg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=69902&sent=300&recv=84&lost=0&retrans=0&sent_bytes=344026&recv_bytes=12719&delivery_rate=380777&cwnd=177600&unsent_bytes=0&cid=6cc1bcbf7b7ed827&ts=1571&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 16 Nov 2024 10:47:23 GMT content-type image/png last-modified Mon, 13 May 2024 09:24:27 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e36e7117e83eb02-DFW accept-ranges bytes content-length 8455 server cloudflare

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| bootstrapData function| nanomemoize

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qr123reg.click/	1970-01-21 01:02:41	Name: XSRF-TOKEN Value: eyJpdiI6InBVaXBmd1ZBQkNTN1lOWFJ6a0JWNmc9PSIsInZhbHVlIjoiZWpuaUdOd3h1VU1OdHp1VkNFMmlIeVM3dkp4NEFudkl4ZVJzZ2I3dHpVZnFPMUpNa3p0UUVOYUhjMzA1TG81RUw2NDdKcWttQVdmUHVGTnBVYlBqZzFkRnYyMG5IUXRDMEl3Y0R6VnBIWnB4dm9WR0ZkSUlOT1pyRGpDcTdGNE0iLCJtYWMiOiIyZDJkZmI1ZTI5MGRmZjA4MTFmOTNkYTU2YWFjMzk1NTM4OTc0YWI4MGIyMDIyNGVjOTIyMWY1MTcxYzNiOGZlIiwidGFnIjoiIn0%3D
			qr123reg.click/	1970-01-21 01:02:41	Name: belink_session Value: eyJpdiI6IndSVzBpOXU2cmw1UmNRaDJLOGNaWFE9PSIsInZhbHVlIjoiSVNJNnAvR3VPVTVYQ2NNb3JnRUhUZkU1aG5ValFudm5lQ3FDbkVSRGlHR3NvYVc5d3RKWlVtMnVxMm45WTBNWFluQTVQNVBXWlgvbHVuVXppelZxcnl0U0dPTWwvaTkzOGxOR1hzNWxmUi9TRnRMenBtVnpaVUpGTGozNWU5UWkiLCJtYWMiOiJmYWNjMzc0NGY5NjlhOGM3Yjk2OTM1NWY2NGIxNTYxOGFkMmY2NjY3NmE3ZTIwMjc1YjVhYmVmM2YwZjdiNzgyIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://qr123reg.click/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qr123reg.click
172.67.150.136
2606:4700:3035::6815:be0
1b49fd46637f3ec29284c26709df893e7c91cf366706e64e75079f88d1275e0a
54a4a88750ee7de6437d9c4b7c2c7e077d294236e99d55a74f4a25d74d6af184
8529ec0e6536ab6ae18eb48727a9ce4931218bd57335676add8b76850db81622
99eda75b2575b8d5b6ed0532349dbb65f00a5ea6ce71885c43d31ac7f7e68f82
bfb2388c239bee6330d8022dad3a026695ff6c25065ea9ab95c10389bea160ec
ee5d69c5bb81eee9e106ded135b9042d7e6cea35c5ee312e58b67e2ff118870f

qr123reg.click Open in urlscan Pro 2606:4700:3035::6815:be0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

369 kBTransfer

1207 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

qr123reg.click Open in urlscan Pro
2606:4700:3035::6815:be0 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

369 kB
Transfer

1207 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions