qr.net Open in urlscan Pro
188.40.28.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qr.net/user/upgrade
Effective URL:
https://qr.net/login
Submission: On November 04 via manual (November 4th 2022, 4:21:10 am UTC) from GB — Scanned from GB

Summary HTTP 60 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 21 domains to perform 60 HTTP transactions. The main IP is 188.40.28.36, located in Germany and belongs to HETZNER-AS, DE. The main domain is qr.net. The Cisco Umbrella rank of the primary domain is 587232.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on September 24th 2022. Valid for: a year.

This is the only time qr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	188.40.28.36 188.40.28.36	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	199.212.255.245 199.212.255.245	25948 (FHMNET) (FHMNET)
1	2600:9000:21f... 2600:9000:21f3:4a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	52.222.214.79 52.222.214.79	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
2	99.84.88.42 99.84.88.42	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.229.245.170 54.229.245.170	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
60	31

12 188.40.28.36 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: www256.your-server.de

qr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.212.255.245 (Canada)

ASN25948 (FHMNET, CA)

conversion.adshop.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.214.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-79.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-42.muc50.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.245.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	qr.net 1 redirects qr.net — Cisco Umbrella Rank: 587232	269 KB
6	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 889 script.hotjar.com — Cisco Umbrella Rank: 1168 vars.hotjar.com — Cisco Umbrella Rank: 1210 in.hotjar.com — Cisco Umbrella Rank: 2124	106 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	265 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 815 www.linkedin.com — Cisco Umbrella Rank: 745 px4.ads.linkedin.com — Cisco Umbrella Rank: 7246	3 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	50 KB
4	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 2138 www.google.com — Cisco Umbrella Rank: 17	27 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 translate.googleapis.com — Cisco Umbrella Rank: 1520	82 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3121 tr.outbrain.com — Cisco Umbrella Rank: 2798	4 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 trc.taboola.com — Cisco Umbrella Rank: 810 trc-events.taboola.com — Cisco Umbrella Rank: 1697	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 616	12 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 397 region1.google-analytics.com — Cisco Umbrella Rank: 2041	18 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 3906	376 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2368	611 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1420	5 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 617	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	128 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1612	633 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3611	10 KB
1	infolinks.com conversion.adshop.infolinks.com	245 B
60	21

	Domain	Requested by
12	qr.net	1 redirects qr.net
4	www.facebook.com	qr.net
3	script.hotjar.com	static.hotjar.com script.hotjar.com qr.net
3	www.google.com	1 redirects qr.net
3	bat.bing.com	qr.net bat.bing.com
3	translate.googleapis.com	translate.googleapis.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	www.gstatic.com	translate.googleapis.com qr.net
2	tr.outbrain.com	amplify.outbrain.com qr.net
2	www.google.co.uk	qr.net
2	snap.licdn.com	qr.net snap.licdn.com
2	s.yimg.com	qr.net s.yimg.com
2	connect.facebook.net	qr.net connect.facebook.net
2	ssl.google-analytics.com	1 redirects qr.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	qr.net
1	trc-events.taboola.com	cdn.taboola.com
1	sp.analytics.yahoo.com	qr.net
1	in.hotjar.com	script.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	px4.ads.linkedin.com	qr.net
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	amplify.outbrain.com	qr.net
1	cdn.taboola.com	qr.net
1	static.hotjar.com	qr.net
1	www.dwin1.com	qr.net
1	conversion.adshop.infolinks.com	qr.net
1	translate.google.com	qr.net
1	fonts.googleapis.com	qr.net
60	34

This site contains links to these domains. Also see Links.

Domain
qr.de
qr.at
qrcode.ch

Subject Issuer	Validity	Valid
qr.net Encryption Everywhere DV TLS CA - G1	`2022-09-24` - `2023-09-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
conversion.adshop.infolinks.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.dwin1.com Amazon	`2022-11-03` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://qr.net/login
Frame ID: 8956FCA32713421F000F080B3BA001BC
Requests: 57 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3A018B4FDF89E14596DB04410E9D03FB
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 2000237733F3B0B65C6CE08EA5490A1E
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html
Frame ID: 69772F0788BA8A2B1CAEEE54DC655FBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QR.net - Login

Page URL History Show full URLs

https://qr.net/user/upgrade HTTP 301
https://qr.net/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

59 %
IPv6

21
Domains

34
Subdomains

31
IPs

7
Countries

854 kB
Transfer

2345 kB
Size

34
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://qr.de/
Title: QR Code Generator

Search URL Search Domain Scan URL

URL: https://qr.at/
Title: QR Code Generator

Search URL Search Domain Scan URL

URL: https://qrcode.ch/
Title: QR Code Generator

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qr.net/user/upgrade HTTP 301
https://qr.net/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901413453&utmhn=qr.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.net%20-%20Login&utmhid=1961791203&utmr=-&utmp=%2Flogin&utmht=1667535665177&utmac=UA-23661299-2&utmcc=__utma%3D1.1225026839.1667535665.1667535665.1667535665.1%3B%2B__utmz%3D1.1667535665.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=671467763&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453 HTTP 302
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453&slf_rd=1&random=3496059464

Request Chain 46

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4455513%26time%3D1667535665282%26url%3Dhttps%253A%252F%252Fqr.net%252Flogin%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true&e_ipv6=AQJh5AdxL8WhFQAAAYRA3voK315ooRqTs_WUwPekf2biqFI_Lr6YGG7AlJqGqgNXZo4

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
qr.net/
Redirect Chain

https://qr.net/user/upgrade
https://qr.net/login

16 KB
5 KB

65ms
64ms

Document
text/html

188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 67720fd29a77a78083b3baa44d621b473f0da3b276f96c197b6803b2f9268c9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 4463
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 04:21:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-app-runtime: 0.021 sec

Redirect headers

cache-control: no-store
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 04:21:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /login
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-app-runtime: 0.014 sec

GET
H2 200 css
fonts.googleapis.com/ 2 KB
969 B 142ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b82ecae1f93fb1aff35fd8bdb40881935f9d95aacf0f9e5215e4b1e4a0916c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 04:21:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 04:21:04 GMT

GET
H2 200 bootstrap.css
qr.net/lib/bootstrap/dist/css/ 144 KB
22 KB 88ms
87ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/bootstrap/dist/css/bootstrap.css
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 4ede7c61ced76210d61b5737b39e48dfb7e3aa65022fd757442ab518b0b5df84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Thu, 06 Feb 2020 13:07:49 GMT
server: Apache
etag: "240bc-59de7f5c02f7f-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21871

GET
H2 200 font-awesome.min.css
qr.net/lib/font-awesome/css/ 30 KB
7 KB 46ms
45ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 09:53:36 GMT
server: Apache
etag: "7918-59b75a211a4c6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7053

GET
H2 200 flag-icon.min.css
qr.net/lib/flag-icon-css/css/ 33 KB
3 KB 45ms
44ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/flag-icon-css/css/flag-icon.min.css
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:12 GMT
server: Apache
etag: "82c9-597ea377f8d94-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2776

GET
H2 200 style.css
qr.net/css/ 53 KB
10 KB 87ms
86ms Stylesheet
text/css 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/css/style.css
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 1e8aaee7b22e3b9e1bc19ffe89e18f3bf4c516a11627e4e5169402eef82886ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 07:58:30 GMT
server: Apache
etag: "d318-59df7c15e51ec-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9809

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 143ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-871988727

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

446964133847402469bdec71cf2eec7144e4040ddb11c5116fa7e16079d3ffdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52782
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 04:21:04 GMT

GET
H2 200 logo-qr.png
qr.net/img/ 6 KB
6 KB 44ms
43ms Image
image/png 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.net/img/logo-qr.png
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: db8b80b4d32e48c9059b6aaf10e281adbad861bed0e6f0562645e0769f3f4931

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
last-modified: Fri, 22 Nov 2019 07:18:02 GMT
server: Apache
etag: "181e-597ea36dcc56d"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6174

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 75 KB
26 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81cbb13eac987c4c2ffdec2de5eebf62f0aa18f45a2461d0665db31e96500ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
qr.net/lib/jquery/dist/ 85 KB
30 KB 47ms
47ms Script
application/javascript 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/jquery/dist/jquery.min.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:19 GMT
server: Apache
etag: "152b5-597ea37e106de-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30080

GET
H2 200 bootstrap.min.js Show response
qr.net/lib/bootstrap/dist/js/ 36 KB
10 KB 46ms
44ms Script
application/javascript 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:23 GMT
server: Apache
etag: "90b5-597ea38264d5c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9833

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 153ms
64ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8L39YF2P2M

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da4bb2ce747d2b411e363703cf45ec3927a2fd1d0a041e93378608ce489b46b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77643
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 04:21:04 GMT

GET
H2 200 /
conversion.adshop.infolinks.com/conversion/ 37 B
245 B 726ms
111ms Image
image/gif 199.212.255.245
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conversion.adshop.infolinks.com/conversion/?pixel=1&aid=651845
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.245 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:08 GMT
x-replied-from: 199.212.255.228:26080
server: nginx/1.16.1
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 17518.js Show response
www.dwin1.com/ 34 KB
10 KB 235ms
128ms Script
application/javascript 2600:9000:21f3:4a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/17518.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccff1c79aca091e33eedd30d6b6ed267f09a37378a23c6709d444eb5039b4a52

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 0EZNIEwdwuhKy45Zn4P_.xs9NdMH0M.F
content-encoding: gzip
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 04:21:06 GMT
x-amz-cf-pop: FRA2-C2
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Nov 2022 12:50:49 GMT
server: AmazonS3
etag: W/"3f95d4158ae8e47725c1c6c44eda3355"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: hmKyZzUaV1X1S8DK9OzHuMZTJqQ_Hlz-kLCxnCJ0VzVawN4Sj4GtFg==

GET
H2 200 gb.svg
qr.net/lib/flag-icon-css/flags/4x3/ 956 B
567 B 44ms
44ms Image
image/svg+xml 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.net/lib/flag-icon-css/flags/4x3/gb.svg
Requested by: Host: qr.net
URL: https://qr.net/lib/flag-icon-css/css/flag-icon.min.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/lib/flag-icon-css/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 07:18:41 GMT
server: Apache
etag: "3bc-597ea39394474-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 477

GET
H2 200 qr_background.png
qr.net//img/ 100 KB
101 KB 81ms
81ms Image
image/png 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qr.net//img/qr_background.png
Requested by: Host: qr.net
URL: https://qr.net/css/style.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 618d46449b67812c0fc2872fb531603af894169ee594bddc0c272cfbb008b919

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
last-modified: Fri, 22 Nov 2019 07:18:02 GMT
server: Apache
etag: "1902c-597ea36de4c0d"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 102444

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 170ms
81ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:59:57 GMT
x-content-type-options: nosniff
age: 584467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 09:59:57 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 213175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 17:08:09 GMT

GET
H2 200 fontawesome-webfont.woff2
qr.net/lib/font-awesome/fonts/ 75 KB
76 KB 123ms
122ms Font
font/woff2 188.40.28.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qr.net/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: qr.net
URL: https://qr.net/lib/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 188.40.28.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www256.your-server.de
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://qr.net/lib/font-awesome/css/font-awesome.min.css
Origin: https://qr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
last-modified: Fri, 22 Nov 2019 07:18:14 GMT
server: Apache
etag: "12d68-597ea379a7840"
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 136ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.jUY4_WDT6tY.O/d=1/rs=AN8SPfo-BMNf26XhheE95_VcZtMnJF0ToQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 04 Nov 2022 04:56:35 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.jUY4_WDT6tY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo-BMNf26XhheE95_VcZtMnJF0ToQ/ 207 KB
74 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.jUY4_WDT6tY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo-BMNf26XhheE95_VcZtMnJF0ToQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.jUY4_WDT6tY.O/d=1/rs=AN8SPfo-BMNf26XhheE95_VcZtMnJF0ToQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 11:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75091
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 11:59:41 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 136ms
41ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 02:50:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 04 Nov 2022 04:50:53 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 123ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 04 Nov 2022 04:21:04 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EBDC46EF72904CDD8D3AFEF30C39695A Ref B: LON04EDGE0813 Ref C: 2022-11-04T04:21:05Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11376

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 125ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 04:21:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MkkTmxP8/l02FXa2dGvtY32HZoijDvufIl1yWVOvpFm6WVIZaZkMha0LkT82hVzb2d1/vh9+K3l2HBI7t14VbA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 249ms
41ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:18:46 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: FZGMF59SB3A326N0
age: 140
x-amz-server-side-encryption: AES256
x-amz-id-2: R/7CE0mZl93A1Ca26aevKaXSIGh4mCPmz8ncQTQ0TCCUD9gyTTWWjGmHRa2GpoMhGA+4RMtFQ3R3ac+p98L13Q==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 hotjar-2217061.js Show response
static.hotjar.com/c/ 6 KB
3 KB 167ms
74ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2217061.js?sv=6

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

0d538fce920152e4c8fd591683f50500937e600e2fb9dfc46a8de2066c3e3aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/315496f20ef107d219fed0c14191abd5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6SgqOa1RKawuEGDvQSHMx5J8Nly9ivFUMnkLtawjkZ5mxdiNorM4Kw==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1376253/ 57 KB
18 KB 279ms
213ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1376253/tfa.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0c54565064d56cda8e713bc827744ad61a817b898a863c677789153ffd25a93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: InCER_51gn2.Xjsk6c9zwilaGvg_xp1S
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 04:21:05 GMT
x-amz-request-id: DXCVP7CQXXMVJ8S8
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17957
x-amz-id-2: M+9cpTYMYhjPsLTNjZXatwGYDzVO5U0gMvinAa2lOh7jCxOMvkw64ojGZC3tEXlFJgmuM7FNdC0=
x-served-by: cache-lcy19254-LCY
last-modified: Sun, 30 Oct 2022 11:36:23 GMT
server: AmazonS3
x-timer: S1667535665.126457,VS0,VE185
etag: "be3022332acf097700b99584ef9941b7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 140ms
42ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 04:21:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3471
Expires: Fri, 04 Nov 2022 04:41:05 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
639 B 130ms
41ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 19:12:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=36241
accept-ranges: bytes
content-length: 471

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/ 2 KB
1 KB 151ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871988727/?random=1667535665082&cv=11&fst=1667535665082&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fqr.net%2Flogin&tiba=QR.net%20-%20Login&auid=1281942561.1667535665&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871988727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e35999381897270c6e71e23c6fe133f43b72cd45da1b5be336944b6add533c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 862
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 114ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8L39YF2P2M&gtm=2oeb20&_p=1961791203&cid=1225026839.1667535665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667535665&sct=1&seg=0&dl=https%3A%2F%2Fqr.net%2Flogin&dt=QR.net%20-%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8L39YF2P2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15321837.js Show response
bat.bing.com/p/action/ 0
120 B 132ms
131ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15321837.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 04 Nov 2022 04:21:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 818D0EB60DA445AD89DC990F67E4C9CD Ref B: LON04EDGE0813 Ref C: 2022-11-04T04:21:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
177 B 41ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15321837&Ver=2&mid=f85dd88a-4f83-4567-ba37-e9f50bb47c71&sid=193686c05bf811edb57de3a9e6f1c44b&vid=19367d005bf811ed92d52595e5b1ce07&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=QR.net%20-%20Login&p=https%3A%2F%2Fqr.net%2Flogin&r=&lt=612&evt=pageLoad&sv=1&rn=211842

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Nov 2022 04:21:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97B0E06E26A7439892245AE9C4CCCEDC Ref B: LON04EDGE0813 Ref C: 2022-11-04T04:21:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ga-audiences
www.google.co.uk/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901413453&utmhn=qr.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=QR.net%20-%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453&slf_rd=1&random=3496059464

42 B
63 B

136ms
53ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453&slf_rd=1&random=3496059464

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23661299-2&cid=1225026839.1667535665&jid=671467763&_v=5.7.2&z=1901413453&slf_rd=1&random=3496059464
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 311459669964517 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 153ms
153ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/311459669964517?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46c154188ef335388ee225ebb723eb607fce55e87f9661d59940402d69901e88

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 04:21:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ElLtcgkXZxDlFlGIKi8oUbzDzQmXa2DYhkIP2IWEAe/xc4Dmk7A4nQ3wfrA1WXxLMfV7SypFPem0F5PUCB/kZg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.fb31143041749935774c.js Show response
script.hotjar.com/ 254 KB
65 KB 149ms
46ms Script
application/javascript 52.222.214.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fb31143041749935774c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2217061.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-79.fra56.r.cloudfront.net

Software

Resource Hash

2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 70079
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66231
last-modified: Thu, 03 Nov 2022 08:52:17 GMT
etag: "824d1340a30234e6909a3b6170eb8f07"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hr_ZKxvNbqkG9KP6p8TBF2pfELMStRJF-uD8Me4CMuunZlg7sjb9lQ==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 42ms
42ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3f50a1ccb55e595667f30077ae38364f5d3eab17837057fd32a0e2bc13cd9013

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 02:12:26 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=70092
accept-ranges: bytes
content-length: 4611

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 468ms
99ms Script
application/javascript 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0017c0c7e87302d039f5706e934f6d748c
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: gzip
X-TraceId: 0cebe23c3530139c0f71b11195c27a87
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 467ms
98ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0017c0c7e87302d039f5706e934f6d748c&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fqr.net%2Flogin&optOut=false&bust=05621158590259141&referrer=
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 04:21:05 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: 791c465808f4f76f4d0127bfd9e2d97f
Content-Length: 60
Content-Type: image/gif;

GET
DATA 200
OK truncated Show response
/ Frame 3A01 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 144ms
40ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:14:27 GMT
x-content-type-options: nosniff
age: 398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Nov 2023 04:14:27 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 2000 18 KB
4 KB 128ms
46ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.jUY4_WDT6tY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo-BMNf26XhheE95_VcZtMnJF0ToQ/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 04 Nov 2022 04:56:35 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 144ms
40ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:26:32 GMT
x-content-type-options: nosniff
age: 3273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Nov 2023 03:26:32 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
598 B 152ms
48ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0feefa1930c964ac6aa4db4e99e8f25f.html Show response
vars.hotjar.com/ Frame 6977 2 KB
1 KB 151ms
47ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2217061.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://qr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 130799
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 16:01:06 GMT
etag: "7860f2201e5523a8914b582db81455db"
last-modified: Wed, 02 Nov 2022 16:00:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id: qT2Fyd_eu-OgmQoId8WLaSEneI3JudlcLtTX2TZQUqFOUKKIBr2hdA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/4455513/domain/qr.net/ Frame 0
0 175ms
56ms Preflight 99.84.88.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4455513/domain/qr.net/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-42.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://qr.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 18512
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 03 Nov 2022 23:12:33 GMT
via: 1.1 89a45b9ac94fb6c6e52c37fdd89a6cb0.cloudfront.net (CloudFront)
x-amz-cf-id: ac_jKn_-iqevcVJA9ZkGVSOo_MTJbZ0ourliIBv8JepXD1Sz2cEywA==
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4455513/domain/qr.net/ 36 B
376 B 57ms
56ms XHR
application/json 99.84.88.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4455513/domain/qr.net/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-42.muc50.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://qr.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 04:00:22 GMT
content-encoding: gzip
via: 1.1 89a45b9ac94fb6c6e52c37fdd89a6cb0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1243
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: h6c9sVZpJ25ZlXQ-OP-avNr9eCpZBCA7-7gGT9P8FkykQd_Eu9GVQA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4455513%26time%3D1667535665282%26url%3Dhttps%253A%252F%252Fqr.net%252Flogin%26liS...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true&e_ipv6=AQJh5AdxL8WhFQAAAYRA3voK315ooRqTs_WUwPekf2biqFI_Lr6YGG7AlJqGqgNXZo4

0
266 B

170ms
121ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true&e_ipv6=AQJh5AdxL8WhFQAAAYRA3voK315ooRqTs_WUwPekf2biqFI_Lr6YGG7AlJqGqgNXZo4
Requested by: Host: qr.net
URL: https://qr.net/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A31B280F839D40DCAAC0614B4ED1160E Ref B: MAN30EDGE0818 Ref C: 2022-11-04T04:21:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsnWcDJJjRqyjrkpyzog==

Redirect headers

date: Fri, 04 Nov 2022 04:21:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 72D81B8636F948079899B597BC53F2F2 Ref B: LTSEDGE1414 Ref C: 2022-11-04T04:21:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4455513&time=1667535665282&url=https%3A%2F%2Fqr.net%2Flogin&liSync=true&e_ipv6=AQJh5AdxL8WhFQAAAYRA3voK315ooRqTs_WUwPekf2biqFI_Lr6YGG7AlJqGqgNXZo4
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsnWcAi5HPCuG5rrOJEg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/871988727/ 42 B
270 B 143ms
54ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871988727/?random=1667535665082&cv=11&fst=1667534400000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fqr.net%2Flogin&tiba=QR.net%20-%20Login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1626249000&rmt_tld=0&ipr=y

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/871988727/ 42 B
548 B 156ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/871988727/?random=1667535665082&cv=11&fst=1667534400000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fqr.net%2Flogin&tiba=QR.net%20-%20Login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1626249000&rmt_tld=1&ipr=y

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10143015.json Show response
s.yimg.com/wi/config/ 2 B
486 B 226ms
139ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10143015.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: ZY74VRNEHJVAKRKN
age: 1
content-length: 22
x-amz-id-2: u4kivfoQmIAPLq12WDVjusEZGZpWbQ3y5fP6BYIujjj4HiTKeDPw28SdyG3CwD7tysRVlSIoqM4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 json Show response
trc.taboola.com/1376253/trc/3/ 2 KB
2 KB 53ms
44ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1376253/trc/3/json?tim=1667535665339&data=%7B%22id%22%3A125%2C%22ii%22%3A%22%2Flogin%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667535665332%2C%22cv%22%3A%2220221029-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fqr.net%2Flogin%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-qrgmbhgooglemailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667535665338%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fqr.net%2Flogin%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1376253/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 84e103b5ac097912e0bee4edaceda56abf044ab74ba18e1d2bce4a728f239731

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 14
date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-lcy19254-LCY
server: nginx
x-timer: S1667535665.363400,VS0,VE14
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 124ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=PageView&dl=https%3A%2F%2Fqr.net%2Flogin&rl=&if=false&ts=1667535665480&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667535665479.181304674&it=1667535665190&coo=false&exp=d1&rqm=GET

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:21:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 124ms
42ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=tracking&dl=https%3A%2F%2Fqr.net%2Flogin&rl=&if=false&ts=1667535665482&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667535665479.181304674&it=1667535665190&coo=false&rqm=GET

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:21:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 124ms
42ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=Search&dl=https%3A%2F%2Fqr.net%2Flogin&rl=&if=false&ts=1667535665482&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667535665479.181304674&it=1667535665190&coo=false&rqm=GET

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:21:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2217061/ 147 B
322 B 146ms
44ms XHR
application/json 54.229.245.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2217061/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fb31143041749935774c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.245.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer: https://qr.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 04:21:05 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 preact-incoming-feedback.ce6c0f3f9b08eb38f985.js Show response
script.hotjar.com/ 165 KB
33 KB 47ms
46ms Script
application/javascript 52.222.214.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.ce6c0f3f9b08eb38f985.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fb31143041749935774c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-79.fra56.r.cloudfront.net

Software

Resource Hash

8a18177c09e1a35ec7b3e03c0fa920f1b7f8442c6e783b62b9513b6715db9b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 70079
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33671
last-modified: Thu, 03 Nov 2022 08:52:17 GMT
etag: "f3056bc9ff2685d4e15bc4669ac79b6c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: k6HvZKtZ8-t8jBrwE8f5m9gzRU6ugawkRa-rqu3GksYmItAM2E-mrA==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 128ms
41ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2004%20Nov%202022%2004%3A21%3A05%20GMT&n=0&b=QR.net%20-%20Login&.yp=10143015&f=https%3A%2F%2Fqr.net%2Flogin&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 04:21:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 04:21:05 GMT

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 122ms
40ms Font
font/woff2 52.222.214.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: qr.net
URL: https://qr.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-79.fra56.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://qr.net/
Origin: https://qr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2660704
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Pt9a1c4xhbGaeRpZ04P-kqvAN7LzU2ASl6fNgZLn8rpy3q8hlbLxgg==

GET
H2 204 unip Show response
trc-events.taboola.com/1376253/log/3/ 0
241 B 161ms
34ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1376253/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=100&ssd=1&est=1667535665335&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1667535666891&vi=1667535665332&ri=9916d80e1c5c1a5c474de9407ff8e663&ref=null&cv=20221029-3-RELEASE&item-url=https%3A%2F%2Fqr.net%2Flogin
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1376253/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://qr.net
pragma: no-cache
date: Fri, 04 Nov 2022 04:21:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 84ms
40ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311459669964517&ev=Microdata&dl=https%3A%2F%2Fqr.net%2Flogin&rl=&if=false&ts=1667535666982&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22QR.net%20-%20Login%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1667535665479.181304674&it=1667535665190&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://qr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 04:21:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qr.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb13e978b5efc7e0c5cc511ece34a2d4
qr.net/	1970-01-20 07:12:15	Name: qr_jump Value: %2Fuser%2Fupgrade
qr.net/	1970-01-20 07:12:22	Name: qr_test Value: 1667535664
.qr.net/	1970-01-20 09:21:51	Name: _gcl_au Value: 1.1.1281942561.1667535665
.qr.net/	1970-01-20 16:48:15	Name: _ga_8L39YF2P2M Value: GS1.1.1667535665.1.0.1667535665.0.0.0
.qr.net/	1970-01-20 16:48:15	Name: _ga Value: GA1.1.1225026839.1667535665
.bing.com/	1970-01-20 16:33:51	Name: MUID Value: 293D7371E9C76C2106196123E87C6DDA
.qr.net/	1970-01-20 07:13:42	Name: _uetsid Value: 193686c05bf811edb57de3a9e6f1c44b
.qr.net/	1970-01-20 16:33:51	Name: _uetvid Value: 19367d005bf811ed92d52595e5b1ce07
qr.net/	1970-01-20 16:48:15	Name: __utma Value: 1.1225026839.1667535665.1667535665.1667535665.1
qr.net/	1969-12-31 23:59:59	Name: __utmc Value: 1
qr.net/	1970-01-20 11:35:03	Name: __utmz Value: 1.1667535665.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
qr.net/	1970-01-20 07:12:16	Name: __utmt Value: 1
qr.net/	1970-01-20 07:12:17	Name: __utmb Value: 1.1.10.1667535665
.doubleclick.net/	1970-01-20 07:12:16	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 07:55:27	Name: UserMatchHistory Value: AQLw4j9kSCDX4gAAAYRA3vj-H4SR3XviLc5M3IQEmeFpLJ7oKTpO3ukMyTv2-wWHDBjnKvBnQnRrVA
.linkedin.com/	1970-01-20 07:55:27	Name: AnalyticsSyncHistory Value: AQIWmOLp-l4AkwAAAYRA3vj-mF50rS60e-oMA8D32vanJByDem6lNw4Z8xEtj41dHB6--Y9K53Gb3afX1ze8lA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:57:51	Name: bcookie Value: "v=2&59d93e76-0171-4c84-8dad-e9512ace0e4e"
.linkedin.com/	1970-01-20 07:13:42	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2515:u=1:x=1:i=1667535665:t=1667622065:v=2:sig=AQFUpVHhFq0x34ioZkB8jMy9lTGylI5x"
.qr.net/	1970-01-20 09:21:51	Name: _fbp Value: fb.1.1667535665479.181304674
.qr.net/	1970-01-20 15:57:51	Name: _hjSessionUser_2217061 Value: eyJpZCI6ImY4Y2NlN2ZhLTVlNzktNTg4Ny1iOTIxLTU1YWEzMjAwNTdlOCIsImNyZWF0ZWQiOjE2Njc1MzU2NjU0MjEsImV4aXN0aW5nIjpmYWxzZX0=
.qr.net/	1970-01-20 07:12:17	Name: _hjFirstSeen Value: 1
qr.net/	1970-01-20 07:12:15	Name: _hjIncludedInSessionSample Value: 0
.qr.net/	1970-01-20 07:12:17	Name: _hjSession_2217061 Value: eyJpZCI6ImYwY2MzZTM3LWI4MDEtNGZiZC1iZGJiLTQ3MzU5NzZkMjFmZCIsImNyZWF0ZWQiOjE2Njc1MzU2NjU0ODYsImluU2FtcGxlIjpmYWxzZX0=
qr.net/	1970-01-20 07:12:15	Name: _hjIncludedInPageviewSample Value: 1
.qr.net/	1970-01-20 07:12:17	Name: _hjAbsoluteSessionInProgress Value: 0
.qr.net/	1970-01-20 07:13:42	Name: ln_or Value: d
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 15:57:51	Name: bscookie Value: "v=1&202211040421052c5d726e-0f53-44db-81b3-52c82358f3a7AQHx4wLD23vaKkNQydhRWkcd39kp1hn7"
.linkedin.com/	1970-01-20 11:31:27	Name: li_gc Value: MTswOzE2Njc1MzU2NjU7MjswMjHl9ZQXDNvFMWtawjVBWf12dmZLtiGxNC4/iCkd/dczJQ==
.yahoo.com/	1970-01-20 15:58:13	Name: A3 Value: d=AQABBDGTZGMCECK7M-sOLlTmcSULDpjDn4QFEgEBAQHkZWNuYwAAAAAA_eMAAA&S=AQAAAusYugGp0GbJoKkJugxA_Cw
qr.net/	1970-01-20 07:12:15	Name: outbrain_cid_fetch Value: true
qr.net/	1970-01-20 07:13:42	Name: _hjShownFeedbackMessage Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
bat.bing.com
cdn.linkedin.oribi.io
cdn.taboola.com
connect.facebook.net
conversion.adshop.infolinks.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
px.ads.linkedin.com
px4.ads.linkedin.com
qr.net
region1.google-analytics.com
s.yimg.com
script.hotjar.com
snap.licdn.com
sp.analytics.yahoo.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
translate.google.com
translate.googleapis.com
trc-events.taboola.com
trc.taboola.com
vars.hotjar.com
www.dwin1.com
www.facebook.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
13.225.78.69
141.226.228.48
151.101.129.44
18.66.147.113
188.40.28.36
199.212.255.245
2001:4860:4802:32::36
212.82.100.181
23.35.237.86
2600:9000:21f3:4a00:f:8ce2:fb80:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2008
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9a
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.222.214.79
54.229.245.170
64.202.112.63
99.84.88.42
0d538fce920152e4c8fd591683f50500937e600e2fb9dfc46a8de2066c3e3aaf
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e8aaee7b22e3b9e1bc19ffe89e18f3bf4c516a11627e4e5169402eef82886ed
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3f50a1ccb55e595667f30077ae38364f5d3eab17837057fd32a0e2bc13cd9013
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446964133847402469bdec71cf2eec7144e4040ddb11c5116fa7e16079d3ffdd
46c154188ef335388ee225ebb723eb607fce55e87f9661d59940402d69901e88
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4ede7c61ced76210d61b5737b39e48dfb7e3aa65022fd757442ab518b0b5df84
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b82ecae1f93fb1aff35fd8bdb40881935f9d95aacf0f9e5215e4b1e4a0916c2
618d46449b67812c0fc2872fb531603af894169ee594bddc0c272cfbb008b919
67720fd29a77a78083b3baa44d621b473f0da3b276f96c197b6803b2f9268c9b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
81cbb13eac987c4c2ffdec2de5eebf62f0aa18f45a2461d0665db31e96500ee0
84e103b5ac097912e0bee4edaceda56abf044ab74ba18e1d2bce4a728f239731
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a18177c09e1a35ec7b3e03c0fa920f1b7f8442c6e783b62b9513b6715db9b19
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a0c54565064d56cda8e713bc827744ad61a817b898a863c677789153ffd25a93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccff1c79aca091e33eedd30d6b6ed267f09a37378a23c6709d444eb5039b4a52
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84
d85f0f149b4390bed6624bc30ca2cbfa37d394f14474fcf81d63363ad363e284
da4bb2ce747d2b411e363703cf45ec3927a2fd1d0a041e93378608ce489b46b3
db8b80b4d32e48c9059b6aaf10e281adbad861bed0e6f0562645e0769f3f4931
e35999381897270c6e71e23c6fe133f43b72cd45da1b5be336944b6add533c10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

qr.net Open in urlscan Pro 188.40.28.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

59 %IPv6

21 Domains

34 Subdomains

31 IPs

7 Countries

854 kBTransfer

2345 kBSize

34 Cookies

3 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qr.net Open in urlscan Pro
188.40.28.36 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

59 %
IPv6

21
Domains

34
Subdomains

31
IPs

7
Countries

854 kB
Transfer

2345 kB
Size

34
Cookies

60 HTTP transactions
1 data transactions