QR code safety checker

Don't trust a QR until it's been cleared.

A QR code is a stranger handing you an envelope. Open it without checking and you can land on a credential-phishing page, an evil-twin WiFi, a wallet-drainer transaction, or an Android intent that sideloads malware. We trace the chain, screen the destination, and tell you who can change it after the QR was printed — the question that decides whether a parking-meter sticker, a restaurant menu, or a corporate MFA flyer is actually safe.

No signup, no account · Payload never persisted · Camera decoding stays local · Mac, Windows, iOS, Android apps soon

Scan a QR code using your camera, upload an image, paste an image, or paste decoded text.

Camera and image decoding happen in your browser. Only the decoded text is sent to our analyzer.

How it works

  1. Decode

     Your browser decodes the QR locally (jsQR). The image never leaves your device. We only see the textual payload.

  2. Dispatch

     The payload is classified by URI scheme, structured-format prefix, or content heuristic into one of 13 categories: HTTP URL, WiFi, vCard, telephony, mail, Android intent, cryptocurrency, content-addressed, inline data, calendar, geo, hard-blocked scheme, or plain text. Each category goes to its dedicated analyzer.

  3. Trace + classify

     For HTTP URLs, we trace the redirect chain through indirection services (Bitly, Linktree, QR Tiger, & ~80 others), record per-hop intermediaries, classify mutability (static / dynamic-single / dynamic-chained / ad-interstitial / cyclic), and attribute control to each indirection-service operator. In parallel we screen the destination against Google Safe Browsing and URLhaus.

  4. Unify

     We compose a single verdict shape that's invariant across payload types: threat_class, mutability, chain, attribution, sub_payloads, plain-language disclosure. Sub-payloads embedded in a parent (URLs in a vCard NOTE field, SSIDs containing a link, etc.) are recursively dispatched.
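The dispatch step above, as an added example (not the service's own code): the decoded text is classified by hard-blocked scheme first, then by URI scheme or structured-format prefix, then by a bare-host content heuristic, and embedded sub-payloads (a URL in a vCard NOTE, a link inside an SSID, an intent's browser fallback URL) are pulled out and dispatched recursively with a depth bound. The category names, the prefix table, the sub-payload extraction rules and the sample payloads are all assumptions constructed for this example.

```python
"""Payload dispatcher: classify decoded QR text into one of 13 categories
and recurse into embedded sub-payloads.  Added example, not the service's
own code; category names, prefix rules and extraction logic are assumptions."""
import re
from dataclasses import dataclass, field
from urllib.parse import unquote

# Schemes that get no network egress and an immediate block; checked first.
HARD_BLOCKED = ("javascript:", "file:", "ftp:", "gopher:")

# Ordered (lower-cased prefix, category) rules; first match wins.
SCHEME_RULES = [
    ("http://", "http_url"), ("https://", "http_url"),
    ("wifi:", "wifi"),
    ("begin:vcard", "vcard"), ("begin:vcalendar", "calendar"),
    ("tel:", "telephony"), ("sms:", "telephony"), ("smsto:", "telephony"),
    ("mailto:", "mail"), ("matmsg:", "mail"),
    ("intent:", "android_intent"),
    ("bitcoin:", "crypto"), ("ethereum:", "crypto"),
    ("ipfs://", "content_addressed"), ("ipns://", "content_addressed"),
    ("magnet:", "content_addressed"),
    ("data:", "inline_data"),
    ("geo:", "geo"),
]

URL_RE = re.compile(r"https?://[^\s;,\"'<>]+", re.IGNORECASE)
# Content heuristic (assumed): a bare host/path with no scheme opens as a URL.
BARE_HOST_RE = re.compile(r"^(www\.)?[a-z0-9-]+(\.[a-z0-9-]+)+(/\S*)?$")


@dataclass
class Dispatch:
    category: str
    payload: str
    sub_payloads: list = field(default_factory=list)


def classify(payload: str) -> str:
    low = payload.strip().lower()
    if low.startswith(HARD_BLOCKED):
        return "hard_blocked"
    for prefix, category in SCHEME_RULES:
        if low.startswith(prefix):
            return category
    if BARE_HOST_RE.match(low):
        return "http_url"
    return "plain_text"


def extract_sub_payloads(category: str, payload: str) -> list:
    """Return embedded payloads that deserve their own analysis pass."""
    subs = []
    if category in ("vcard", "calendar"):
        for line in payload.splitlines():
            key, _, value = line.partition(":")
            key, value = key.split(";")[0].upper(), value.strip()
            if key == "TEL":
                subs.append("tel:" + value)
            elif key in ("EMAIL", "ATTENDEE", "ORGANIZER"):
                subs.append(value if value.lower().startswith("mailto:") else "mailto:" + value)
            else:  # URL, NOTE, LOCATION, DESCRIPTION ... may carry links
                subs.extend(URL_RE.findall(value))
    elif category == "wifi":
        # WIFI:T:WPA;S:<ssid>;P:<pass>;H:true;;  ('\;' is an escaped separator)
        for part in re.split(r"(?<!\\);", payload[5:]):
            if part.upper().startswith("S:"):
                subs.extend(URL_RE.findall(part[2:]))
    elif category in ("mail", "telephony"):
        subs.extend(URL_RE.findall(unquote(payload)))  # subject / SMS body links
    elif category == "android_intent":
        m = re.search(r"S\.browser_fallback_url=([^;]+)", payload)
        if m:
            subs.append(unquote(m.group(1)))
    return subs


def dispatch(payload: str, depth: int = 0, max_depth: int = 3) -> Dispatch:
    """Classify, then recurse into sub-payloads with a depth bound."""
    category = classify(payload)
    node = Dispatch(category, payload)
    if category != "hard_blocked" and depth < max_depth:
        for sub in extract_sub_payloads(category, payload):
            node.sub_payloads.append(dispatch(sub, depth + 1, max_depth))
    return node


# Constructed sample payloads (not real QR captures).
SAMPLE_VCARD = ("BEGIN:VCARD\nVERSION:3.0\nFN:Bob Example\nTEL:+15555550100\n"
                "EMAIL:bob@example.test\nNOTE:Menu at https://menu.example.test/today\nEND:VCARD")
SAMPLE_INTENT = ("intent://scan/#Intent;scheme=zxing;package=com.example.app;"
                 "S.browser_fallback_url=https%3A%2F%2Fexample.test%2Fapp;end")
SAMPLE_WIFI = "WIFI:T:nopass;S:Free WiFi - login at https://captive.example.test;;"

if __name__ == "__main__":
    for sample in (SAMPLE_VCARD, SAMPLE_INTENT, SAMPLE_WIFI, "JAVASCRIPT:void(0)"):
        node = dispatch(sample)
        print(node.category, [s.category for s in node.sub_payloads])
```

The hard-block check runs before every other rule so that a `javascript:` or `file:` payload never reaches an analyzer that might fetch it; the depth bound keeps a vCard whose NOTE points at a mail payload whose body points at another URL from recursing without limit.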

What we catch that URL-only tools miss

URL-class threat scanners cover only one of the 13 payload categories a QR code can carry; each of the other 12 has its own type-specific attack surface.

Redirect chain & mutability

Trace every hop. Detect Bitly + Linktree chains. Identify indirection-service operators. Surface the parties who can change the destination after print.

WiFi evil-twin SSIDs

SSID decoded through a confusables map, then normalized against a high-mimicry-target list (Starbucks WiFi, airport free WiFi, hotel chains). Open / weak-WEP / hidden flags surfaced.

vCard contact poisoning

Detect CRLF injection and BEGIN-block smuggling. Homograph checks on FN / ORG fields. URL, TEL, EMAIL sub-fields recursively analyzed. NOTE-field URL extraction.

Premium-rate telephony

Match against US 900/976, UK premium-rate prefixes, IRSF country codes (Inmarsat, Globalstar, satellite ranges). SMS body URL extraction.

Mailto display-name spoofing

Display name vs. brand list with confusables. Mail-domain reputation. Subject + body URL extraction and credential-phrase detection.

Android intent sideload

Target package matched against allowlist + blocklist (MMRat, banking-trojan packages). Typosquat-package detection. Browser fallback URL recursively analyzed.

Crypto wallet drainers

Per-chain address format + checksum validation. EVM function-selector detection (approve, setApprovalForAll, permit). Chainabuse reputation.

IPFS / magnet mutability

Resolve IPFS CIDs through a public gateway with a bounded budget. Flag IPNS as mutable (owner can change). Magnet infohash + display-name analysis.

Calendar event injection

VEVENT sub-field URL extraction (LOCATION, DESCRIPTION, URL). ATTENDEE / ORGANIZER dispatched to mail analyzer. Far-future-date flag for meeting-spam patterns.

data: URI executable hard-block

MIME-allowlist enforcement (image/* + text/plain only). Base64 decode + magic-byte check for MZ, ELF, shebang. Hard-block on match.
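The data: URI policy above, as an added example (not the service's own code): parse the URI, enforce the image/* + text/plain allowlist, decode the body (base64 or percent-encoded) and hard-block on an MZ, ELF or shebang signature in the leading bytes. The allowlist, the signature table and the sample URIs are assumptions restating the policy described here.

```python
"""data: URI screening: MIME allowlist, body decode, magic-byte hard-block.
Added example, not the service's code; allowlist and signatures are assumptions."""
import base64
import binascii
import re
from urllib.parse import unquote, unquote_to_bytes

DATA_URI_RE = re.compile(
    r"^data:(?P<mime>[^;,]*)(?P<params>(?:;[^;,]*)*),(?P<body>.*)$",
    re.IGNORECASE | re.DOTALL,
)

# Leading-byte signatures that mean "a program, not an image or text".
EXECUTABLE_MAGIC = (
    (b"MZ", "PE/DOS executable"),
    (b"\x7fELF", "ELF executable"),
    (b"#!", "script with shebang"),
)


def decode_data_uri(uri: str):
    """Return (mime, raw_bytes); raise ValueError for non-data: or bad base64."""
    m = DATA_URI_RE.match(uri.strip())
    if not m:
        raise ValueError("not a data: URI")
    mime = (m.group("mime") or "text/plain").lower()  # RFC 2397 default type
    params = [p.lower() for p in m.group("params").split(";") if p]
    body = m.group("body")
    if "base64" in params:
        compact = "".join(unquote(body).split())  # drop whitespace and %-escapes
        compact += "=" * (-len(compact) % 4)      # tolerate missing padding
        try:
            return mime, base64.b64decode(compact, validate=True)
        except binascii.Error as exc:
            raise ValueError(f"undecodable base64 body: {exc}") from None
    return mime, unquote_to_bytes(body)


def screen_data_uri(uri: str) -> dict:
    """Verdict for an inline data: payload: 'allow' or 'hard_block' plus a reason."""
    try:
        mime, raw = decode_data_uri(uri)
    except ValueError as exc:
        return {"verdict": "hard_block", "mime": None, "reason": str(exc)}
    if not (mime.startswith("image/") or mime == "text/plain"):
        return {"verdict": "hard_block", "mime": mime, "reason": f"{mime} not in MIME allowlist"}
    for magic, desc in EXECUTABLE_MAGIC:
        if raw.startswith(magic):
            return {"verdict": "hard_block", "mime": mime, "reason": f"{desc} behind {mime}"}
    return {"verdict": "allow", "mime": mime, "reason": "allowlisted type, no executable signature"}


# Constructed samples: a PNG header, an MZ header mislabelled as PNG,
# an HTML body, and a shebang behind text/plain.
SAMPLE_PNG = "data:image/png;base64," + base64.b64encode(b"\x89PNG\r\n\x1a\n" + bytes(8)).decode()
SAMPLE_MZ_AS_PNG = "data:image/png;base64," + base64.b64encode(b"MZ\x90\x00" + bytes(60)).decode()
SAMPLE_HTML = "data:text/html,<h1>hello</h1>"
SAMPLE_SHEBANG = "data:text/plain,%23!/bin/sh%0Aecho%20hi"

if __name__ == "__main__":
    for sample in (SAMPLE_PNG, SAMPLE_MZ_AS_PNG, SAMPLE_HTML, SAMPLE_SHEBANG):
        print(screen_data_uri(sample))
```

The magic-byte check runs even for allowlisted types, which is what catches the MZ-behind-image/png case; an undecodable body is treated as a block rather than an allow, since a screener that cannot see the bytes cannot clear them.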

Hard-blocked schemes

javascript:, file:, ftp:, gopher: — no network egress, immediate block with a "do not proceed" UI affordance.

Plain-text prompt injection & secrets

Detect "Ignore previous instructions"-class patterns. Match leaked Stripe / AWS / GitHub / JWT / PEM secrets without echoing them. Mixed-script density flag.

Why mutability matters

What URL-only tools say

"https://bit.ly/3xyz → walmart.com — clean ✓"

True. But the QR sticker on a parking meter routes through Bitly first. The account that owns bit.ly/3xyz can change the destination to a phishing page in 30 seconds. Every subsequent scan from that printed sticker now goes to phishing.

What we say

"Dynamic-single via Bitly. The Bitly account holder can change where this QR ends up after print. Currently routes to walmart.com (clean)."

Two independent verdict fields. Threat is about now; mutability is about who can change later. Both matter when the QR is on a printed surface that you can't un-print.
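The two-field verdict above, as an added example (not the service's own code): given an already-traced hop list (constructed below, no network walk), the classifier attributes each hop to an indirection-service operator or the site owner, derives the mutability class (static / dynamic-single / dynamic-chained / ad-interstitial / cyclic), keeps the threat class as a separate input, and renders the plain-language disclosure. The operator table, the ad-interstitial host and the exact class rules are assumptions.

```python
"""Mutability classification over a traced redirect chain.  Added example,
not the service's code; operator table and class rules are assumptions."""
from urllib.parse import urlparse

# Assumed host-suffix -> indirection-service operator table (a small slice).
INDIRECTION_OPERATORS = {
    "bit.ly": "Bitly",
    "linktr.ee": "Linktree",
    "qrco.de": "QR Tiger",
    "tinyurl.com": "TinyURL",
}
# Constructed placeholder for a hop that shows ads before forwarding.
AD_INTERSTITIAL_HOSTS = {"ads-interstitial.example"}


def operator_for(host: str):
    host = host.lower()
    for suffix, operator in INDIRECTION_OPERATORS.items():
        if host == suffix or host.endswith("." + suffix):
            return operator
    return None


def display_host(host: str) -> str:
    return host[4:] if host.startswith("www.") else host


def disclosure(mutability, controllers, terminal, threat_class) -> str:
    if mutability == "static":
        return (f"Static. Only the owner of {terminal} controls this destination. "
                f"Currently routes to {terminal} ({threat_class}).")
    if mutability == "cyclic":
        return "Cyclic. The redirect chain loops back on itself and never reaches a destination."
    holders = " and ".join(f"{c} account holder" for c in controllers)
    return (f"{mutability.capitalize()} via {', '.join(controllers)}. The {holders} can change "
            f"where this QR ends up after print. Currently routes to {terminal} ({threat_class}).")


def classify_chain(hops, threat_class="unknown") -> dict:
    """hops[0] is the URL in the QR; hops[-1] is where the walk stopped."""
    if not hops:
        raise ValueError("need at least the URL encoded in the QR")
    hosts = [urlparse(h).hostname or "" for h in hops]
    terminal = display_host(hosts[-1])
    cyclic = len(set(hops)) != len(hops)  # the same URL seen twice means a loop
    interstitial = any(h in AD_INTERSTITIAL_HOSTS for h in hosts)
    attribution, controllers = [], []
    for idx, host in enumerate(hosts):
        operator = operator_for(host) or ("ad network" if host in AD_INTERSTITIAL_HOSTS else None)
        attribution.append({"hop": idx, "host": host, "controller": operator or "site owner"})
        if operator and operator not in controllers:
            controllers.append(operator)
    if cyclic:
        mutability = "cyclic"
    elif interstitial:
        mutability = "ad-interstitial"
    elif len(controllers) > 1:
        mutability = "dynamic-chained"
    elif controllers:
        mutability = "dynamic-single"
    else:
        mutability = "static"
    return {
        "threat_class": threat_class,  # about now: reputation result, passed in
        "mutability": mutability,      # about who can change it later
        "chain": list(hops),
        "attribution": attribution,
        "disclosure": disclosure(mutability, controllers, terminal, threat_class),
    }


# Constructed chains; the first mirrors the parking-meter example above.
PARKING_METER = ["https://bit.ly/3xyz", "https://www.walmart.com/"]
CHAINED = ["https://bit.ly/a1", "https://linktr.ee/menu", "https://example.test/"]
LOOP = ["https://bit.ly/a1", "https://tinyurl.com/b2", "https://bit.ly/a1"]

if __name__ == "__main__":
    for chain in (PARKING_METER, CHAINED, LOOP, ["https://example.test/menu"]):
        verdict = classify_chain(chain, threat_class="clean")
        print(verdict["mutability"], "|", verdict["disclosure"])
```

Threat class is deliberately an input rather than something derived from the chain: a clean reputation result and a dynamic-single mutability can coexist, which is exactly the parking-meter case.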

Pricing

Browser decoding is unmetered. Server-side classification (chain walk + reputation + 13-analyzer suite) is metered.

Try it

$0

No signup, just scan.

  • 5 scans / 24h per network
  • Burst cap: 3 / minute
  • Full mutability + redirect-chain analysis
  • Reputation: Safe Browsing + URLhaus
  • All 13 payload-type analyzers
  • No metering on browser decoding

Use it now ↑

Free (coming soon)

$0

Email signup. More room to scan.

  • 50 scans / 24h per account
  • Burst cap: 15 / minute
  • Scan history (30 days)
  • 1 active mutation alert
  • All free-tier reputation sources

Join waitlist

Business

$149/mo

For wallets, MSSPs, and high-volume products.

  • 3,000 scans / 24h, 200 / min
  • Everything in Pro
  • Custom-domain endpoint mirroring
  • Priority Chainabuse + VirusTotal quotas
  • Webhook + Slack / Teams delivery
  • 99.9% endpoint SLA

Talk to us

Enterprise (quishing defense)

Custom

Stop credential-phishing QRs at the corporate edge. Per-seat licensing for the workforce.

  • Fair-use scan pool sized to your headcount
  • MDM-distributed iOS / Android / desktop apps
  • SSO (SAML, OIDC) + SCIM provisioning
  • SIEM webhooks (Splunk, Sentinel, Sumo, Chronicle)
  • Per-tenant blocklists + indicator feeds
  • SOC 2 Type II · DPA · BAA available
  • Private VPC / on-prem deployment option
  • 99.95% SLA · 24×7 incident response

Contact sales →

Enterprise pricing reflects the real cost of quishing: a single employee clearing a malicious QR on the corporate network is the same attack surface as a phishing email that bypassed Microsoft Defender. Paid tiers map to disclosures in our pending QR-payload threat classification patents.

Native apps coming soon

Same engine, native on macOS, Windows, Linux, iOS, and Android. Camera scan stays on-device; classification goes to the same endpoint. abundera.app →

Questions

How is this different from Google Safe Browsing or VirusTotal?

Existing tools classify whether a URL is currently malicious. We additionally classify whether the destination is controllable by a third party after the QR was printed — a property we call mutability. A clean dynamic QR routed through a shortener is still high-risk for a parking-meter sticker or wedding invitation: the shortener account holder can change the destination at any time. We surface this control-posture as a first-class verdict field alongside the threat-content verdict.

Do you store the QR I scanned?

No. The decoded payload travels to our server over HTTPS so we can walk the chain and query reputation databases — that's a functional necessity, not a choice — but it is never persisted. Verdicts are cached by a SHA-256 hash of a per-payload-type discriminator concatenated with a server-held secret salt. The original payload cannot be reconstructed from any cache entry.

Why a separate domain from qr.abundera.ai?

qr.abundera.ai is a generator that promises everything-client-side: nothing leaves your device. This safety checker transmits the decoded payload to the server by necessity. We separate the two surfaces so the client-only promise stays clean on the generator domain, and the inverted-privacy-model surface stays clearly labeled here.

What's the mutation alert feature?

Pro tier. Submit a QR for tracking, and we re-walk the chain on a periodic cadence. Email when the redirect targets, terminal destination, or the set of indirection-service operators changes. This catches the most common quishing-in-the-wild pattern: print a clean QR, switch the destination to phishing months later, harvest scans from the printed asset.

Can I embed this in my security product?

Yes, on the Pro tier. The API is RESTful, returns a structured JSON verdict with payload-type, threat-class, mutability, redirect chain, per-hop control attribution, and sub-payload findings. Designed for embedding in wallet apps, mobile security suites, enterprise URL filtering, and corporate Slack / Teams link-preview enrichers.

Open-source?

Not at this time — the codebase backs pending patents on multi-modal QR payload threat classification (QR-17 + QR-18). Once the non-provisionals file, we'll publish reference implementations of the disclosed algorithms.