URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Submission Tags: falconsandbox
Submission: On June 06 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 13.225.77.45, located in United States and belongs to AMAZON-02, US. The main domain is qrco.de. The Cisco Umbrella rank of the primary domain is 91821.
TLS certificate: Issued by Amazon on November 16th 2021. Valid for: a year.
This is the only time qrco.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
9 | 13.225.77.45 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
Total: 20 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
9 | qrco.de | qrco.de — Cisco Umbrella Rank: 91821 | 350 KB
8 | cookielaw.org | cdn.cookielaw.org — Cisco Umbrella Rank: 459 | 133 KB
1 | onetrust.com | geolocation.onetrust.com — Cisco Umbrella Rank: 739 | 432 B
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 64 | 77 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 42 | 885 B
Total: 20 requests, 5 domains

Requests | Domain | Requested by
9 | qrco.de | qrco.de
8 | cdn.cookielaw.org | www.googletagmanager.com, cdn.cookielaw.org
1 | geolocation.onetrust.com | cdn.cookielaw.org
1 | www.googletagmanager.com | qrco.de
1 | fonts.googleapis.com | qrco.de
Total: 20 requests, 5 domains

Subject | Issuer | Validity | Valid
qrco.de | Amazon | 2021-11-16 - 2022-12-15 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year

This page contains 1 frames:

Primary Page: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Frame ID: 47087D8EDACE11EE2C01299A09362419
Requests: 20 HTTP requests in this frame

Page Title

QR Code Generator - Shortener

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

20 Requests
100 % HTTPS
80 % IPv6
5 Domains
5 Subdomains
5 IPs
2 Countries
561 kB Transfer
2079 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hjfk10
qrco.de/
7 KB
7 KB
Document
General
Full URL
https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
c4b04196c27d5816b3615092ef2553808f4ed1ad734b4b03ece4da7fa0e79fca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 06 Jun 2022 11:36:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-id
ZhXN2Ax7gq_uOUYWpMEVqdo1nj_n7FIoZrWcCQHmqh5AalYAI1inrw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
libs.min.css
qrco.de/css/build/
51 KB
10 KB
Stylesheet
General
Full URL
https://qrco.de/css/build/libs.min.css?1.264
Requested by
Host: qrco.de
URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4923d769d1d3da957cd9f9f5030e33f6bcd881291a8ff3c2730bfe175d52fa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
W/"62824782-cbd6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gpJGDnVLJlkY1O0BdLPMYAAgsH6Tz0t2wZqqUgoAf8E9K4NDDV78SQ==
app.min.css
qrco.de/css/build/
1 MB
167 KB
Stylesheet
General
Full URL
https://qrco.de/css/build/app.min.css?1.264
Requested by
Host: qrco.de
URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d442fd9241eb5181c3580788ad8ec6be2752e0f103f224d6edd09988abffb886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:43 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
W/"62824782-108172"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
-nB91NlDa9LG3ogjE6Fzv69jYCI2SiHzSgxqWf_Ib9YPkz3IlwhYHw==
smartphone-preview.min.css
qrco.de/css/build/
27 KB
6 KB
Stylesheet
General
Full URL
https://qrco.de/css/build/smartphone-preview.min.css
Requested by
Host: qrco.de
URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
b65a36ddd85def0f675ac5897c25598e43dcc39fc2a45aeaabd316f3dc943187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
564
etag
W/"62824782-6aed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Uztnmd1Y2ab37b2YA1bl83R1qZKfWsGs9xlIMutRfk9sw0lIbew_lA==
css
fonts.googleapis.com/
1 KB
885 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,700
Requested by
Host: qrco.de
URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4d6d4261ff8934fae656f8b18ac4b856479f47c9cec48e7abaf4ba1b50e4f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 10:13:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Jun 2022 11:36:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Jun 2022 11:36:41 GMT
gtm.js
www.googletagmanager.com/
233 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TNVMQJV
Requested by
Host: qrco.de
URL: https://qrco.de/hjfk10?trackingid=9qrGmYAzHe1I&signature=newslet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4bba36ced73676af9f8cf29e9736e58c9f28818f83246e394271e31b4266a93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78786
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Jun 2022 11:36:42 GMT
qrbackend2.woff
qrco.de/css/build/fonts/qrbackend/fonts/
80 KB
80 KB
Font
General
Full URL
https://qrco.de/css/build/fonts/qrbackend/fonts/qrbackend2.woff
Requested by
Host: qrco.de
URL: https://qrco.de/css/build/app.min.css?1.264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
598eb75b4f5a20db95116b749fc4f414255d1a4b24df3f2e173be94af13632cd

Request headers

Referer
https://qrco.de/css/build/app.min.css?1.264
Origin
https://qrco.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:36:42 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
"62824782-13f0c"
x-cache
RefreshHit from cloudfront
content-type
application/font-woff
accept-ranges
bytes
content-length
81676
x-amz-cf-id
AgDcIjTNKL_SfNQt-KdeQKGtfpNTAwg4_meU3SuPWQmK0ri0R3ihvw==
source-sans-pro-700.woff
qrco.de/css/build/fonts/source_sans/
19 KB
20 KB
Font
General
Full URL
https://qrco.de/css/build/fonts/source_sans/source-sans-pro-700.woff
Requested by
Host: qrco.de
URL: https://qrco.de/css/build/app.min.css?1.264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d8dd0de638293eb62dba15a6e410fb0af9a5b36c35df226237b1b609d573c63e

Request headers

Referer
https://qrco.de/css/build/app.min.css?1.264
Origin
https://qrco.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:44 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
"62824782-4db8"
x-cache
Hit from cloudfront
content-type
application/font-woff
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
19896
x-amz-cf-id
qMCN84hzDtBGCDFnPaF85Ou-qh0Gg31A0Py8zIem8vDfnqjTVgZy5w==
source-sans-pro-300.woff
qrco.de/css/build/fonts/source_sans/
20 KB
20 KB
Font
General
Full URL
https://qrco.de/css/build/fonts/source_sans/source-sans-pro-300.woff
Requested by
Host: qrco.de
URL: https://qrco.de/css/build/app.min.css?1.264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4c24262a87fdf021d377bf7e4d6c08ce81a1862e774facca70713391a4cd3bc7

Request headers

Referer
https://qrco.de/css/build/app.min.css?1.264
Origin
https://qrco.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:44 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
"62824782-4eec"
x-cache
Hit from cloudfront
content-type
application/font-woff
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
20204
x-amz-cf-id
TDcItlxSZFpMRSTexMr3Qt2pCWo5rsIhs4rV2ChFSDpJpj4oIW7e9A==
source-sans-pro-400.woff
qrco.de/css/build/fonts/source_sans/
20 KB
20 KB
Font
General
Full URL
https://qrco.de/css/build/fonts/source_sans/source-sans-pro-400.woff
Requested by
Host: qrco.de
URL: https://qrco.de/css/build/app.min.css?1.264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
38399efe707a8ffc12359a0086e7340315b42194a10fd2e1d1288be12da9e39c

Request headers

Referer
https://qrco.de/css/build/app.min.css?1.264
Origin
https://qrco.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:44 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
"62824782-4ed4"
x-cache
Hit from cloudfront
content-type
application/font-woff
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
20180
x-amz-cf-id
PDAAfaVdzu48qkd2qF37N_OHUSAzZf5pbN04NmP7ufRELga0VUEDYA==
source-sans-pro-600.woff
qrco.de/css/build/fonts/source_sans/
20 KB
20 KB
Font
General
Full URL
https://qrco.de/css/build/fonts/source_sans/source-sans-pro-600.woff
Requested by
Host: qrco.de
URL: https://qrco.de/css/build/app.min.css?1.264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-45.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c

Request headers

Referer
https://qrco.de/css/build/app.min.css?1.264
Origin
https://qrco.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:27:44 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 12:45:54 GMT
server
nginx
age
538
etag
"62824782-4e80"
x-cache
Hit from cloudfront
content-type
application/font-woff
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
20096
x-amz-cf-id
JfTOzWOfVM23D0L4mJ-WsDJLphmUnGMSOCzWCdntlXGN3oZkNNH2jg==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNVMQJV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
g2v9xMx/aUUS06TIQnKQZA==
age
13681
vary
Accept-Encoding
content-length
6830
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:09 GMT
server
cloudflare
etag
0x8DA4784BF33387E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5ddb321d-501e-000a-5c71-79c16f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7170da10686b9153-FRA
77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test.json
cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd8d28406a687c5ba728b925170e744c654a9a2a4090f9d6c609039ef378a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
PH/1zyqeXP4MQm9ZhWgcew==
content-length
1621
x-ms-lease-status
unlocked
last-modified
Mon, 30 May 2022 10:19:39 GMT
server
cloudflare
etag
0x8DA4225E7CB84B6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d23db4fa-e01e-005c-4d99-79291f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7170da114d3f68ef-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
153 B
432 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://qrco.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7170da124ee4692e-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.35.0/
360 KB
85 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bDp57sS049dDkRqCL4m53Q==
age
4802
vary
Accept-Encoding
content-length
87115
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:06 GMT
server
cloudflare
etag
0x8DA4784BD4AE529
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7170da12bd369153-FRA
en.json
cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/746214f9-c55f-4174-a360-e7c4807e580b/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/77ee6f9e-9c37-487b-9fb6-cdfb977a2841-test/746214f9-c55f-4174-a360-e7c4807e580b/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a63add728cfe1beef449e8cda99cb251f25d6aa32945f85cbe07cda74af63f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
fWH/JbDGYS9+z0mAiVo9dA==
content-length
15022
x-ms-lease-status
unlocked
last-modified
Mon, 30 May 2022 10:19:45 GMT
server
cloudflare
etag
0x8DA4225EAFFF7D8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
764d50c4-a01e-0176-1199-791a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7170da13597e68ef-FRA
otFloatingRoundedIcon.json
cdn.cookielaw.org/scripttemplates/6.35.0/assets/
16 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFloatingRoundedIcon.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a888ea6d5d038815dff899fbf323e33c68196968b44cecd2b30303e59d0e1154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
k/TPdeIPvu9LtKYi5IINhw==
age
7842
vary
Accept-Encoding
content-length
3789
x-ms-lease-status
unlocked
last-modified
Thu, 12 May 2022 19:17:56 GMT
server
cloudflare
etag
0x8DA344C1E82488A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0cf83ad4-f01e-0147-19b3-6a41d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7170da13da7b68ef-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/
59 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LrLVzrJD9h3ON5w7RMLtUg==
age
7842
vary
Accept-Encoding
content-length
12974
x-ms-lease-status
unlocked
last-modified
Thu, 12 May 2022 19:17:57 GMT
server
cloudflare
etag
0x8DA344C1F3FFF8A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
fec0b1f1-b01e-0126-37b3-6a0507000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7170da13da7d68ef-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.35.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
7842
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 12 May 2022 19:18:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
871019b8-901e-00f2-22b3-6a0a72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7170da13da7f68ef-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qrco.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Jun 2022 11:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
11555
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
dfd553d1-801e-00a9-0773-790d0e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7170da1489a59153-FRA

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| LABELS string| webroot string| GLOBAL_CSRF_TOKEN function| postscribe object| google_tag_manager_external object| google_tag_manager function| removeOneTrustBanner object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

1 Cookies

Domain/Path Name / Value
qrco.de/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Jun+06+2022+11%3A36%3A42+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&consentId=f63fdf27-7ada-4ce2-8a49-5e515d3ce794&interactionCount=0&landingPath=https%3A%2F%2Fqrco.de%2Fhjfk10%3Ftrackingid%3D9qrGmYAzHe1I%26signature%3Dnewslet&groups=C0004%3A0%2CC0001%3A1%2CC0002%3A0%2CC0003%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
