CONTINUOUS INTERNET TELEMETRY24H DRIFT2,036 material changesacross 1,855 domains · +77 vs yesterdayDNS DRIFT22 domains changed DNS providertop destination parity.domains · +3 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination google.com · +1 vs yesterdayCERT DRIFT2 domains switched issuing CA24hNOW3,448 curated domains not answeringlast probe, steadyERRORS8,549 responded with an errorlast probe · 5xx / 404 / TLSTHROTTLED2,314 throttled or blocked our scanner429 rate-limit / 403 bot-block24H DRIFT2,036 material changesacross 1,855 domains · +77 vs yesterdayDNS DRIFT22 domains changed DNS providertop destination parity.domains · +3 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination google.com · +1 vs yesterdayCERT DRIFT2 domains switched issuing CA24hNOW3,448 curated domains not answeringlast probe, steadyERRORS8,549 responded with an errorlast probe · 5xx / 404 / TLSTHROTTLED2,314 throttled or blocked our scanner429 rate-limit / 403 bot-block

qrserver.com

Observed 2026-07-14T22:44:29.589Z (4h ago). Every field below was attested with an Ed25519 signature at scan time.

Guarded by a firewall
Runs onCloudflare
Also usesGoogle Search Console
2 subdomains · tranco_40k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat qrserver.com actually stands on - every host below is a signed observation
qrserver.com
A / AAAA
127.0.0.1
Cloudflareserves the site
NS
ns.domrobot.comns.domrobot.netns.domrobot.org
domrobot.com + domrobot.net + moreanswers its DNS
MX
mx01.hornetsecurity.commx02.hornetsecurity.commx03.hornetsecurity.commx04.hornetsecurity.com
hornetsecurity.comreceives its email

HTTPS probe

bot_blocked Blocked our probe (WAF / bot protection) 403 blocked by cloudflare - bot protection active
HTTP status403
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time109 ms
DNS resolutionNOERROR

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 1

  • 127.0.0.1

MX 4

  • 10mx01.hornetsecurity.com
  • 20mx02.hornetsecurity.com
  • 30mx03.hornetsecurity.com
  • 40mx04.hornetsecurity.com

TXT 1

  • google-site-verification=iVYvKG-CL4TcrMwgCfz8q37x_S0vS7agPy8w_Am0UFc

NS 3

  • ns.domrobot.com
  • ns.domrobot.net
  • ns.domrobot.org

SOA 1

  • ns.domrobot.com hostmaster.inwx.de

TLS Certificates (0)

None.

Subdomains (2)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for qrserver.com. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for qrserver.com <a href="https://domaindrift.io/t/qrserver.com"> <img src="https://domaindrift.io/badge/qrserver.com.svg" width="300" height="64" alt="DomainDrift signed observations for qrserver.com"> </a>

Ed25519 Receipt

Receipt ID
6e0e6eb5-397d-4c6d-b083-2ae43c56ddad
Output Hash
65b4c8191a4abd455f91f2371f5c430e34769c81dee36ec89003ac9d6ca8f7d1
Signature
ed25519:8da0052f2bc76171b3fdce040814ea2f2fe4638b4bf4a2ed616d756f90409849a12d62d76317efcbebe1809ee768cd7137a8fd2add5660083cf06f35463ebe05
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser