diff --git a/pikit-web/onboarding/index.html b/pikit-web/onboarding/index.html
index fdfdf3e..997f0e3 100644
--- a/pikit-web/onboarding/index.html
+++ b/pikit-web/onboarding/index.html
@@ -85,17 +85,19 @@
         <button id="continueBtn">Go to secure dashboard</button>
       </section>
 
+      
       <section class="qr-wrap">
         <div class="qr-block">
           <div>
             <p class="qr-title">Use your phone</p>
-            <p class="subtle tiny">Scan to open https://pikit.local</p>
+            <p class="subtle tiny">Scan to open http://pikit.local</p>
           </div>
-          <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAALQAAAC0CAYAAAA9zQYyAAAAAklEQVR4AewaftIAAAVgSURBVO3BMWol3Q5G0W1xAwcddioEmv+YBEITeeFL6jTUpdr+rf7W+uDz129EljBEFjFEFjFEFjFEFjFEFjFEFnnxJ9XDT5XhXKkenpbhXKkeTjKck+rhrgznrurhp8pwLhgiixgiixgiixgiixgiixgii7x4V4bz3aqHn6p6OMlwrlQPJ9XDlQznHRnOd6sebjJEFjFEFjFEFjFEFjFEFjFEFnnxN1QPT8lwvkqG847q4UqGs0318KQM50GGyCKGyCKGyCKGyCKGyCIv5P+qhydVDycZzkn1cFeGIxgiixgiixgiixgiixgiixgii7yQ/8tw3lE9XMlwTqoHeZwhsoghsoghsoghsoghssiLvyHD+a/KcE6qhydVD1+leriS4Twpw/kPM0QWMUQWMUQWMUQWMUQWMUQWefGu6uEnqh5OMpyT6uEkw7lSPZxkOCfVw5UM56R6eFL18AMZIosYIosYIosYIosYIosYIou8+JMM519SPZxkOCfVw5UM56R6OMlwvkKGs4whsoghsoghsoghsoghssiLd1UPd2U4J9XDlQznpHq4K8N5R/XwpAznpHr4CtXDSYZzpXr4L8hwLhgiixgiixgiixgiixgiixgii3zw+es3J9XDSYZzV/VwkuE8qXq4kuGcVA/vyHCuVA8nGc6TqocnZTjfrXo4yXAuGCKLGCKLGCKLGCKLGCKLGOIfX4bz/UB18yXAuVA8nmU4J9XDkwznVGf4IIbI IobI IobI IobI IobyIjP8nw3pUPTxNcK5UD2cZzkn1cFeGcxgiixgiixgiixgiixgiixgii7w4R/Xw1OU4J9VDycZTmn1cFeGcxgiixgiixgiixgiixgiixgii7xwR/Xw1OU4J9VDycZTmn1cF eAIrGCKLGCKLGCKLGCKLGCKLvHgXhuf9IHq4yXCuVA9nmU4J9XDkwznVGf4IIbI IobI IobI IobI IobyIjv+Q/6tw3lE9XMlwTqoHeZwhsoghsoghsoghsoghssiLvyHD+a/KcE6qhydVD0/lXhXKyR6eluFcqR5OMpyT6uGuDOeu6uGnynAuGCKLGCKLGCKLGCKLGCKLGCIL/ADzYO+b5TgVYwAAAABJRU5ErkJggg==" alt="QR code to https://pikit.local" />
+          <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAYAAACtWK6eAAAAAklEQVR4AewaftIAAAVnSURBVO3BMXYl2RFDQTDP92jRp/mw/wUhFyNjjHEG1TrVKpLTuhFvev/4FIB/NAJQjQBUIwDVCEA1AlCNAFQjANVLv5KN/iQ+VpONrvhYTTb6N/Gx7spGfxIfqxgBqEYAqhGAagSgGgGoRgCql36Hj/XTZKOnZKMn+FhNNnpCNrriY93lY/002eiGEYBqBKAaAahGAKoRgGoEoBoBqF56UjZ6go/10/hYT/CxrmSjxsdqstF3yEZP8LEeMAJQjQBUIwDVCEA1AlCNAFQv4X8jGzU+1l3Z6IqP1WSjxsfCL40AVCMA1QhANQJQjQBUIwDVCED1Ev57PlaTjZps9JRshMeMAFQjANUIQDUCUI0AVCMA1UtP8rH+TXysu3ysJhtd8bHuykZ3ZKMrPtYTfKx/kRGAagSgGgGoRgCqEYBqBKB66Xdkoz9JNrriYzXZqPGxrmSjxse6y8dqstFTstEfYgSgGgGoRgCqEYBqBKAaAahGAKo3vX98Cn/JRnf5WE02uuJj4UcaAahGAKoRgGoEoBoBqEYAqpd+Rza6y8e6ko0aH6vJRnf5WHdlo8bHupKNGh/rCdnoio/VZKMrPlaTjX4aH6sYAahGAKoRgGoEoBoBqEYAqhGA6qVfyUaNj3UlG93lYzXZqPGxnpKNGh+ryUZXfKwmG13xsZ6QjZ7gY32HbHTDCEA1AlCNAFQjANUIQDUCUL3p/eNTT8lGd/lYTTZ6go91VzZ6go91JRs1PtZ3yEZ3+FhXstETfKxiBKAaAahGAKoRgGoEoBoBqF76lWzU+FhXfKy7stEdPtZd2eiKj3WHj3UlGzXZ6AnZ6IqP1WSj7+BjNdnoio91wwhANQJQjQBUIwDVCEA1AlCNAFQvfZdsdMXHuiMb/dv4WHdloyYb3ZWN7vKx7shGV3ysu7JR42MVIwDVCEA1AlCNAFQjANUIQPWm949P/UTZqPGxnpCN7vKx7spGT/Cxmmz0FB/rjmx0xce6Kxs1PlYxAlCNAFQjANUIQDUCUI0AVCMA1Uu/ko0aH+tKNmp8rCdkoys+VuNjXclGT/Cxmmz0HXysJ2Sjxse6ko2+2AhANQJQjQBUIwDVCEA1AlC96f3jU3dloys+1hOyUeNjPSUbfTUf665sdJePdVc2anysKz7WDSMA1QhANQJQjQBUIwDVCEA1AlC9hL9loys+VpONmmx0xce6Kxvd4WNdyUaNj3UlG92Rja74WHdlo8bHKkYAqhGAagSgGgGoRgCqEYDqpSf5WH+SbNT4WE02upKN7vKxmmzUZKMrPtZdPlaTjZ6Qja74WDeMAFQjANUIQDUCUI0AVCMA1QhA9dLvyEZ/Eh/rrmx0l4/1BB+ryUZ3ZaO7fKzvkI0aH6sYAahGAKoRgGoEoBoBqEYAqje9f3wKwD8aAahGAKoRgGoEoBoBqEYAqv8ASvCWxtlGWh4AAAAASUVORK5CYII=" alt="QR code to http://pikit.local" />
         </div>
       </section>
 
 
+
       <p class="footnote">Once trusted, this page will auto-forward you to the secure dashboard.</p>
       <p class="footnote">If the hostname ever fails, try http://&lt;pi-ip&gt;/ (or https://&lt;pi-ip&gt;/ — your browser will show the same warning to bypass).</p>
     </main>
@@ -169,11 +171,10 @@
         const has = (s) => ua.includes(s) || platform.includes(s);
         if (has("windows")) openOne("win");
         else if (has("mac")) openOne("mac");
-        else if (has("arch") || has("manjaro") || has("garuda")) openOne("arch");
-        else if (has("fedora") || has("centos") || has("rhel")) openOne("fedora");
-        else if (has("ubuntu") || has("debian") || has("mint")) openOne("deb");
+        else if (has("arch") || has("manjaro") || has("garuda") || has("endeavour")) openOne("arch");
+        else if (has("fedora") || has("centos") || has("rhel") || has("alma") || has("rocky")) openOne("fedora");
+        else if (has("ubuntu") || has("debian") || has("mint") || has("pop")) openOne("deb");
         else if (has("bsd")) openOne("bsd");
-        else if (has("linux")) openOne("deb");
 
         if (hasCookie) {
           statusChip.textContent = "HTTPS trusted — redirecting…";
