www.qhcar.net Open in urlscan Pro
68.66.226.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.qhcar.net/
Submission: On October 02 via api (October 2nd 2024, 2:58:01 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 45 HTTP transactions. The main IP is 68.66.226.92, located in United States and belongs to A2HOSTING, US. The main domain is www.qhcar.net.
TLS certificate: Issued by R10 on September 4th 2024. Valid for: 3 months.

This is the only time www.qhcar.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	68.66.226.92 68.66.226.92	55293 (A2HOSTING) (A2HOSTING)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
20	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:1a0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
45	10

3 68.66.226.92 (United States)

ASN55293 (A2HOSTING, US)
PTR: az1-ts4.a2hosting.com

www.qhcar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.yunjiema.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:1a0c (United States)

ASN13335 (CLOUDFLARENET, US)

1.jacie.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	yunjiema.net static.yunjiema.net	383 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	310 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 3391	22 KB
3	jacie.top 1.jacie.top	22 KB
3	qhcar.net www.qhcar.net	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	171 KB
1	baidu.com libs.baidu.com — Cisco Umbrella Rank: 196589	29 KB
45	7

	Domain	Requested by
20	static.yunjiema.net	www.qhcar.net static.yunjiema.net
10	pagead2.googlesyndication.com	www.qhcar.net pagead2.googlesyndication.com
3	1.jacie.top	www.qhcar.net 1.jacie.top
3	www.qhcar.net	www.qhcar.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.qhcar.net www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	libs.baidu.com	www.qhcar.net
45	9

This site contains links to these domains. Also see Links.

Domain
www.xxfseo.com

Subject Issuer	Validity	Valid
www.qhcar.net R10	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
yunjiema.net WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
jacie.top WE1	`2024-08-06` - `2024-11-04`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.qhcar.net/
Frame ID: 4D85581031BC724E9867CF7089AE6AC6
Requests: 38 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240930/r20190131/zrt_lookup_fy2021.html
Frame ID: 178ED82910A7585CD2C72CB5D05B8FD1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727881074&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.qhcar.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881072931&bpp=1257&bdt=134&idt=1257&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2621184955642&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fsapi=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1356
Frame ID: 71653AC13018448BBA4E55C852FAB46D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=1132976473&adf=1715028348&pi=t.ma~as.7365343729&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074487&bpp=3&bdt=1691&idt=3&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2621184955642&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=9
Frame ID: 51D00D18BF9155D4A8954E7FC2FC90C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=33162377&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074530&bpp=47&bdt=1733&idt=47&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2621184955642&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=51
Frame ID: 6E77EB80AA904FB5995AAAA51C6B6867
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=3178925079&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074612&bpp=3&bdt=1816&idt=3&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1080x280&nras=1&correlator=2621184955642&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=15
Frame ID: 16D25E7AE58DB621A8ABEDC31F15698B
Requests: 1 HTTP requests in this frame

Frame: https://www.qhcar.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 97FAA31F6120BF93926C4528219C6AFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 4F6E4B385422C000C09D88506F1476E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

免費在線领受短信验证码,短信接码,免費接短信,姑且手机号码 - 云接码

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

941 kB
Transfer

2224 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.xxfseo.com/?time=1727881072
Title: xxfseo.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.qhcar.net/ 28 KB
4 KB 1870ms
827ms Document
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.qhcar.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

a912697a598ee626b570fba572966fd44b3d348c84f103d60e3eda8a539203eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 02 Oct 2024 14:57:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 56ms
29ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

835c4e607e4792ec7de8a1783d5ebd104245939d28a6e41c6b22261c0cef1a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.qhcar.net
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
etag: 1398118954580018514
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 14:57:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52481
x-xss-protection: 0
server: cafe

GET
H2 200 bootstrap-sortable.css
static.yunjiema.net/style/css/ 2 KB
814 B 76ms
24ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap-sortable.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc89e48147a069f0faaf2da79766e633938ca8d6d81f3f17b27a643f18f3354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"5cc6830c-657"
age: 8746
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSJFVSyxVuay69tZwrTa5FsHizLH%2BU3YgsLVXlvy52WdTUsBf7A1QZaYDNB2ptPS7VfQKJ%2FaH9w97wq7BdaOUtYCozz3ds99%2BhIwZaK%2FDmdQQK1eIyaH1LBOri5Dl4ouC0H2LnJMSVjq3DszQlljrEuE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e96dbd2-FRA
expires: Thu, 03 Oct 2024 00:32:06 GMT
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 subbscribe.css
static.yunjiema.net/style/css/ 4 KB
1 KB 68ms
16ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/subbscribe.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170123c95adf24326177c11b88a97f979a781326a11a998e66ec93461311a67c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5cc6830c-feb"
age: 8740
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8%2FOXICmQSmNl3ze7Aw7Cz3Wlo4TmhSW57kpqnaYX7NTMSw7G8ltjjCTTyZ7%2FLMz4g3b36PIi1p%2FylvyRhB%2FuuipsgtO0KOgR%2FmFfd1YxPyRyGT0EAz6SA7EVsORIqHdxRWrN8IO0pxVhFSAo1DmGQnk"}],"group":"cf-nel","max_age":604800}
expires: Wed, 02 Oct 2024 15:19:01 GMT
cf-polished: origSize=4075
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:28 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e98dbd2-FRA
server: cloudflare

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/2.0.0/ 81 KB
29 KB 1080ms
158ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/2.0.0/jquery.min.js

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=87600
Cache-Control: max-age=2592000
Content-Encoding: gzip
Connection: keep-alive
Expires: Fri, 01 Nov 2024 14:57:53 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Date: Wed, 02 Oct 2024 14:57:53 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Jan 2015 09:16:30 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.js Show response
static.yunjiema.net/style/js/ 27 KB
8 KB 76ms
24ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/bootstrap.min.js
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5cc68320-6c51"
age: 8739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLOaWnJkWD9cieoIxG1YOOaH7mRtU80o%2B4O%2Fi7dLrERscRtngA13T4DZm3l8j53Dt8R6eO9d2FLQMw%2B2E2xw7600ElklF38IxitjiKbNZLpmhnVk5nIjirN4SSWMqmsjmxg7EbfBvTF%2FyXHEwj5Gkl0e"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c216ea4dbd2-FRA
expires: Wed, 02 Oct 2024 14:51:06 GMT
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2019 04:52:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.css
static.yunjiema.net/style/css/ 141 KB
25 KB 366ms
314ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap.min.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"5cc68310-235f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uovgkmiD9bRQONJAeo5ZP%2Fb4poXCbSPMjDPRJQDdndupB1Je6Dw16dpDkGUnO6E%2BRX31qpho0XDk%2FUuBvOgcoZPRC5fbw%2BWrmqY8RJcEXWK3ofjMfZCYlsykH%2FzScs64SrmGxyIM5am2hNs3PE%2FjzAxe"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e99dbd2-FRA
expires: Thu, 03 Oct 2024 02:57:53 GMT
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 custom.css
static.yunjiema.net/style/css/ 19 KB
4 KB 78ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/custom.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ff099cd80faf11a847e939f8056c400ca8d2e8d29edcff32b16b5631e65488

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5de38848-4e2f"
age: 8746
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZeemwTSSMhRbX9Xq3%2FOpkIE0ow40FtNg82kS6Jt6TY2jiOdqVSAcjvRP0eVy%2BH%2BXnQ17MHhcNGzlYrldgtep6MNauZ8PgdAcij9lHvyC0W1WarvFTTQSUsjYIP6rrowskU49jlYtnN0z%2BmlSROiwoce"}],"group":"cf-nel","max_age":604800}
expires: Thu, 03 Oct 2024 00:32:06 GMT
cf-polished: origSize=20015
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Sun, 01 Dec 2019 09:30:48 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e95dbd2-FRA
server: cloudflare

GET
H2 200 bootstrap.3.0.0.css
static.yunjiema.net/style/css/ 89 KB
16 KB 73ms
23ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap.3.0.0.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dcbd3aa09c5dbb6b1334d4ed35a63125e4c666243a53d9bc4b77e3f2d5d26bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5de626aa-164e2"
age: 8746
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CiCgy%2Fi7yRuOcHxIc0MQX5cW%2B2KXnlzb4t4Khk8TKY3g1jHlpol8sMqlGzxJJlCLArpKPTNZoIgzKks7CQr1Xy5cODUW%2BydoXdx5DWX2lUTqXzq%2BKLTOJv6swBZ4td6GpXg62KAPoCJvwtdyDVFCayh"}],"group":"cf-nel","max_age":604800}
expires: Thu, 03 Oct 2024 00:32:06 GMT
cf-polished: origSize=91362
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Tue, 03 Dec 2019 09:11:06 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e9bdbd2-FRA
server: cloudflare

GET
H2 200 home.css
static.yunjiema.net/style/css/ 6 KB
2 KB 67ms
17ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/home.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78620bf0b66edc359528949fe57b963afcc15668f2f67713ead45416e2c078b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5dc6e936-18a1"
age: 8746
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVBxJewsOHMkxolHP1txtNFOE3H6LVsdCs7QaDs9hJS97KUf37dFUm53CrF2cOOFKcBSCgrVAZl2RXmN6PJJWpjW5aP18ajEsm9i5sjOTPIlqlyPG8UwJmGirN4mNmwOtoo9KTW3pMgI3M%2B8Zelutvv%2B"}],"group":"cf-nel","max_age":604800}
expires: Thu, 03 Oct 2024 00:32:06 GMT
cf-polished: origSize=6305
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Sat, 09 Nov 2019 16:28:38 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e9adbd2-FRA
server: cloudflare

GET
H2 200 index.css
static.yunjiema.net/style/css/ 2 KB
1007 B 66ms
17ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/index.css
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275810868348a8ad70acdd2e4ecd776d62fddb226d7ab3deea9fe6187289a2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5cec771e-9b5"
age: 1436
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNPHZU5nV6Q1HTpgY1axOhLWXwwgOtJrY6hrVmBq0D7X71zI69Ab%2Bb3cFdiseztv0sMXQBNqcM%2Ffm4C0wPVOH53hb4EXcvWT2TKmUbX%2B16ayn780EkecDfP4k8rd6sFEKCs9GdueXbQGmrAl%2BT5TrUVa"}],"group":"cf-nel","max_age":604800}
expires: Thu, 03 Oct 2024 02:33:56 GMT
cf-polished: origSize=2485
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 23:47:42 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e9cdbd2-FRA
server: cloudflare

GET
H2 200 clipboard.min.js Show response
static.yunjiema.net/style/js/ 10 KB
4 KB 65ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/clipboard.min.js
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25c45901b74f341ca3abb0d40859e5b2a2511e08feb135a786e262af8fc621f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5cc68322-26a6"
age: 8739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1Dz3OEHV55UPG%2B%2Bmn5S9F0Q3gZOi1wLKiEow4VL4LKKn5HZudOKh8EAc56qP1ENOgvlBFCyF7D%2F45GRwPSGRmQoWKsqCwRfpPk6iQPE7kzhQA0PTl6RTxDV9JcHsmw5XQwBWkBeWRHuZZVGPdR0R9OK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c216e9fdbd2-FRA
expires: Thu, 03 Oct 2024 00:32:13 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2019 04:52:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 34ms
33ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3993128489863289

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b954ad0f63090f874d7ff557e8750fad7d5e451cdf27c2cfd91231f9ba7fd42e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.qhcar.net
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
etag: 5879276401163197472
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 14:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52576
x-xss-protection: 0
server: cafe

GET
H2 200 logo.png
static.yunjiema.net/style/img/ 27 KB
27 KB 20ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/logo.png
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08c960fd0fb23ab9b0a02328f08b3089919699b2c6dc634c3d583b4cf7287b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cd2bae2-6afc"
age: 8746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rnp%2F5zbCsipdtF07GRio0sqbuyoUT%2ByMizsgWkHQutXSzrFy0ztOoHbRH4lc2%2FQO%2FcGXb9AZQvNU5yUpHcW5BTDlGMkPrOwH69giGXZvuHmLq6reUaoX4A2fiISHHADx6ZuLpW55P8YzyE9LxEPGuOxc"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c217edadbd2-FRA
expires: Tue, 08 Oct 2024 21:45:59 GMT
accept-ranges: bytes
content-length: 27388
date: Wed, 02 Oct 2024 14:57:52 GMT
content-type: image/png
last-modified: Wed, 08 May 2019 11:17:54 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ru.png
static.yunjiema.net/style/img/flags/normal/ 557 B
975 B 472ms
472ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/ru.png
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097120f26463b30ef295e0c6ceda482ef82c7a948de02db71a9334a4d907cf1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b714c-22d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1CEoIQ1NTqqkpr5t5m%2F8hSdcPQ7m50sxJWZcfXBVB%2BtaQTEG7sRy3DRVU7CqsWaG%2BI7qS41IL8UfZT7jxYQF0kc1K%2FDxJ%2BY7HGaIBeqaIXwVaRNSz%2B057VBxZdfHNSkaS4FqKVREX4j7kjAYgea8gar"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c217ededbd2-FRA
expires: Tue, 15 Oct 2024 00:18:14 GMT
accept-ranges: bytes
content-length: 557
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 nl.png
static.yunjiema.net/style/img/flags/normal/ 437 B
796 B 318ms
316ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/nl.png
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd657f59f6177fe452dcc444fd43c7cdc785fefd6e74ce2b60c0dfde3c5618d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "5c2b7142-1b5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvPCuDE65yeJoM5K7JhUnIjxtXkXFvo%2B7Ivo5%2BOwcG52H%2BWTuQTBJYVtsCuqCjec5HkDpX26um1Kx0E85Usy1rkxQraNQxlP%2F0ctbmM5g%2Fla5d6BE246nyEl%2BakDbbewaQXqHd1rcWQY4TnqWLzm%2FjIK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c21af3fdbd2-FRA
expires: Fri, 01 Nov 2024 14:57:53 GMT
accept-ranges: bytes
content-length: 437
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 us.png
static.yunjiema.net/style/img/flags/normal/ 11 KB
12 KB 14ms
14ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/us.png
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b0da5ae266460e1cb6084e6f48f18a0fbc3c7cd286ecd3f6386503326e698a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7160-2d40"
age: 8746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VIZQ02DCAJbfTsN4wXkN52SslsrsVui7%2FjVyXw0KP1ULgsoUWSPrkDBSa5Qxs1dbkfP%2ByO9hRJeN2ZkX4PBQwxXIAcEBb8LuTWdQhoV4vAKG2FQzpZTFtAiIbN7i9qu3ccASlxybhEsTw%2BFDtuuzvib"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c23ad34dbd2-FRA
expires: Fri, 01 Nov 2024 12:32:07 GMT
accept-ranges: bytes
content-length: 11584
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 dk.png
static.yunjiema.net/style/img/flags/normal/ 645 B
1020 B 497ms
497ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/dk.png
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65639e7a7408e335e02b95421cbcd978331ae30c01db62e46baa910e287918fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7110-285"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1u9WgLQ%2BLn03t5JISm3MNSnPb8p5%2FOuBlNUl19KhZH5PVtHUmIBwUAJAcMqgFoVso2JsYngLrx%2F%2Fz8PZt6kMZKpo%2F4BQwU7qfctLifSF4hzPC1%2FKhAQiJHGpAYWlFJEphQddLCqayQi7tntOLrL5grY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c24c84cdbd2-FRA
expires: Mon, 07 Oct 2024 07:08:52 GMT
accept-ranges: bytes
content-length: 645
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:54:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tool.js Show response
static.yunjiema.net/style/js/ 776 B
719 B 21ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/tool.js?v1
Requested by: Host: www.qhcar.net
URL: https://www.qhcar.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f577e2d4b70c5bfbacda4e900bbc259374b85f881032d1952586d2609d557c0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"65f12042-37f"
age: 8740
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkLlFqmgwMLt3ZU1jYgSIP8W0zK03skgj4mz1YDXhLuxjf8eZKeFW6%2FgwzkJIsdnN1H%2But6sH6kvBzvtK7pWjf8xD%2FtUrQNTPXlnDkh8AIDiRf%2FhhUc8%2Bsto260nbV1Od9wyx1z19pN9W6wSJ%2FZDXwMj"}],"group":"cf-nel","max_age":604800}
expires: Thu, 03 Oct 2024 00:32:13 GMT
cf-polished: origSize=895
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 03:40:50 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c23ddaedbd2-FRA
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 49ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4936154790de9ac75cbb2c7d836a5e7b8eb1788a4b14df9185d81c338b94b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 02 Oct 2024 14:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 02 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78875
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 36ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3228894471178692

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

af10d3c4b567acaec6b8988fc0a3fa317a27e69cde50aae09fdb80941e1f1d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.qhcar.net
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
etag: 14773386125697102765
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 14:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 14:57:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52479
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409300101/ 409 KB
136 KB 70ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1711213447767808&plah=www.qhcar.net&bust=31087682

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a70e9536f6f0499ac7ca43d9e67d1db3a96d86afaa2e363429740b3e5bf3247e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
etag: 756696969742729206
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 14:57:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 139455
x-xss-protection: 0
server: cafe

GET
H2 200 matomo.js Show response
1.jacie.top/matomo/ 64 KB
22 KB 666ms
223ms Script
application/javascript 2606:4700:3037::6815:1a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1.jacie.top/matomo/matomo.js

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 28345
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vmsvuWS3FJcL1Xy5M9rUca0nFUAEpDkM%2BMs%2BApC1LkWGU2TFOpP%2FDGJRn1S%2FCIzJDg1j5OJNEnYSQXLkC%2FsjDGkxFSp9MB4p9XosDq9%2BCuqmkkiTyb96RYL9JffDHmUulZ6qGgwM1MPsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 07:05:29 GMT
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 11:33:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cc58c2d283fa08b-SIN
accept-ranges: bytes
content-length: 21519
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 bg-min.jpg
static.yunjiema.net/style/css/img/ 252 KB
253 KB 16ms
16ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/bg-min.jpg
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/home.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 083828ee2916031aaa4969753ab1c20bdd49b4034b5afdda1af915574cea6e69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/home.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5ce93306-3f043"
age: 8741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YjHSIF90teD339hFxpr8VTdMeXn6m8dz9XDAERzeGcngve3%2F7V5SvX%2B2JkOT%2BXFw0OiFUczw6rWDJxiKOJr7s%2FpzkkoIkj3QwYsAO5zvlMgG2%2FblVztTjrxr6wh4PfLphk%2BoSMsbDk0DsesLH6KUMAi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c29bd32dbd2-FRA
expires: Fri, 01 Nov 2024 12:32:13 GMT
accept-ranges: bytes
content-length: 258115
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: image/jpeg
last-modified: Sat, 25 May 2019 12:20:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240930/r20190131/ Frame 178E 0
0 34ms
20ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240930/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1711213447767808&plah=www.qhcar.net&bust=31087682

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 34637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 05:20:37 GMT
etag: 13108003645644964576
expires: Wed, 16 Oct 2024 05:20:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 7165 0
0 44ms
43ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727881074&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.qhcar.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881072931&bpp=1257&bdt=134&idt=1257&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2621184955642&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fsapi=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1356

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 14:57:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 51D0 0
0 149ms
148ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=1132976473&adf=1715028348&pi=t.ma~as.7365343729&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074487&bpp=3&bdt=1691&idt=3&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2621184955642&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 14:57:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 6E77 0
0 153ms
150ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=33162377&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074530&bpp=47&bdt=1733&idt=47&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2621184955642&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=51

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 14:57:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 16D2 0
0 147ms
145ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=3178925079&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1727881074&rafmt=1&format=1080x280&url=https%3A%2F%2Fwww.qhcar.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727881074612&bpp=3&bdt=1816&idt=3&shv=r20240930&mjsv=m202409300101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1080x280&nras=1&correlator=2621184955642&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95343328%2C31087682&oid=2&pvsid=3069677060582906&tmod=1277399379&uas=0&nvt=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 14:57:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sms.png
static.yunjiema.net/style/css/img/ 4 KB
5 KB 2317ms
2316ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/sms.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ae5f3b413cd6962d595986079bbf95605a9a00ea8c664913ee7d460b9d8a8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "5cc68110-1183"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAY%2FoI0gHKBQXY6iKmj3VslnyGLYtKTxR6f7O%2F5%2FsVgmVPIEra4ue80MRsgX9BKJ3qi0MUyjqYW%2BFiPfrOh3nF3VDdPwsv70K5lSW%2Bw8ks9eCaYqj8PS1zTjC8ccvR7gyrmIFhuaX4nIpx1GmXmwTWvH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c2ced9fdbd2-FRA
expires: Fri, 01 Nov 2024 14:57:56 GMT
accept-ranges: bytes
content-length: 4483
date: Wed, 02 Oct 2024 14:57:57 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 email.png
static.yunjiema.net/style/css/img/ 6 KB
6 KB 4506ms
4506ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/email.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d5ddaaa2b3bcbd4b21f5919acafdc761a10f261572ef5a8bf768210d637c8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-1738"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1hHQGZBxR57AEx8CMH%2FxkkY2hYxI6ic7ehNU3WLyeZee5cOIDFkR7lw9HWk7%2Fj5BpkTexcQv1GI%2B%2Fhlwl6qRQPDnBDVeydPKWtYsa69Ik47NOXDl5lQuMl1v0m7krMvcQL4oXfMIcwraTKc1%2FdjmIXE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c2ceda3dbd2-FRA
expires: Thu, 24 Oct 2024 03:13:00 GMT
accept-ranges: bytes
content-length: 5944
date: Wed, 02 Oct 2024 14:57:59 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 webchat.png
static.yunjiema.net/style/css/img/ 9 KB
9 KB 182ms
182ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/webchat.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08839bd4d5e633ee6a16ef0787ff14ee9ab60ce50d9dbcb62a22661a14c512f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-2389"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28hU2iSZk9vdsKlULrgGGaQONRGr5DlrZ5XylK76%2FUWnoFZYv4XX6IqdW955fdYyCM35b5lNK2%2FFEyO5J%2BPLhnj7JUjBv9oFHmftTqv6SGP6zFdeGX7zlU8FxcxcXAmRvBiPPMbOMmBRGuuK%2FgzZBXj7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c2ceda6dbd2-FRA
expires: Mon, 14 Oct 2024 23:14:30 GMT
accept-ranges: bytes
content-length: 9097
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 captcha.png
static.yunjiema.net/style/css/img/ 5 KB
6 KB 336ms
336ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/captcha.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec043548d710b80cd41fa600ba163753c3b6c5de8771be401ad40aa34f20354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "5cc68110-14e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJIY1hG%2BepUH4ZRxaSHy8Pxx2gM%2BegbDz26lBX%2FZbiuvpum1UtzMdO59qu9bNjauTmBt%2B8KpB7MAzjWlBwMcwUDcGSBHhmzD9YIEGteO4Yiexr55XKMT0eUviZdSJ%2FUIhIhhUv%2BxRFC2EqoFVMryDyWn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc58c2ceda7dbd2-FRA
expires: Fri, 01 Nov 2024 14:57:54 GMT
accept-ranges: bytes
content-length: 5351
date: Wed, 02 Oct 2024 14:57:55 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
93 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0S6T5QJZ4G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21cc390e108391a2cb2efbc36009526747455cf93246f7c7d00860bbaee7363c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 02 Oct 2024 14:57:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94937
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 88ms
11ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: gzip
age: 5266
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 15:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 13:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 404 main.js
www.qhcar.net/cdn-cgi/challenge-platform/scripts/jsd/ Frame 97FA 0
0 152ms
145ms Script
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.qhcar.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: www.qhcar.net
URL: https://www.qhcar.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
content-length: 796
date: Wed, 02 Oct 2024 14:57:54 GMT
content-type: text/html
server: LiteSpeed
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 116ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0S6T5QJZ4G&gtm=45je4a10v9115702446za200&_p=1727881074662&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1189154282.1727881075&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727881074&sct=1&seg=0&dl=https%3A%2F%2Fwww.qhcar.net%2F&dt=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3980
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0S6T5QJZ4G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.qhcar.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 14:57:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
418 B 20ms
19ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=445245524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.qhcar.net%2F&ul=de-de&de=UTF-8&dt=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=522633447&gjid=1362364841&cid=1189154282.1727881075&tid=UA-128637489-4&_gid=2049855677.1727881075&_r=1&gtm=457e4a10za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&jsscut=1&npa=1&z=738199838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.qhcar.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 14:57:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.qhcar.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 204 matomo.php
1.jacie.top/matomo/ 0
0 695ms
691ms Ping
text/html 2606:4700:3037::6815:1a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1.jacie.top/matomo/matomo.php?action_name=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&idsite=1&rec=1&r=218837&h=16&m=57&s=54&url=https%3A%2F%2Fwww.qhcar.net%2F&_id=b079ead0ca6de602&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=9N8N4j&pf_net=1025&pf_srv=828&pf_tfr=3&pf_dm1=2003&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://www.qhcar.net/

Response headers

POST
H2 204 matomo.php
1.jacie.top/matomo/ 0
0 462ms
458ms Ping
text/html 2606:4700:3037::6815:1a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1.jacie.top/matomo/matomo.php?action_name=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&idsite=1&rec=1&r=937653&h=16&m=57&s=54&url=https%3A%2F%2Fwww.qhcar.net%2F&_id=b079ead0ca6de602&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=iiD6Fz&pf_net=1025&pf_srv=828&pf_tfr=3&pf_dm1=2003&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://www.qhcar.net/

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 27ms
27ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240930&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00152f8ba7b415222a967406c7fe6acc85dcf7208b4b1dbdba9e4c4e6f1300e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12973
date: Wed, 02 Oct 2024 14:57:59 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 404 favicon.ico
www.qhcar.net/ 796 B
1 KB 148ms
147ms Other
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.qhcar.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed /

Resource Hash

c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 796
date: Wed, 02 Oct 2024 14:57:59 GMT
content-type: text/html
server: LiteSpeed
x-frame-options: SAMEORIGIN

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.qhcar.net/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 14:57:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 14:57:59 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 4F6E 0
0 32ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qhcar.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 34550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 05:22:09 GMT
expires: Thu, 02 Oct 2025 05:22:09 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20240930&jk=3069677060582906&bg=!7-yl7KPNAAbzZSz302U7ADQBe5WfOFmayMtG2Av7ieo4O6YKShP4Wz_ObgpeTz-nc1q2XMoiCP1Y36KtYSLKEgXcFv0WAgAAAIZSAAAABGgBB34ANigmr8L1Ezcq1MfYULV7AoBwds7QR026li08E_Y4lMgcG5AkTP_UKJS4Gn7KtAuAJV5_ltHquAoAmwXPy0LCitm-QHKijXUQgwiLwCv86lZIRETk2fDT8ThzyIFHM5cUW6K9lpA9WzM3q7RJ0LxtKQuYlXRJ9OQ9QdvOJ4ir2aYMA070Zh_qcxZMj3zoo6n2HK6XXCFn9GhLez-wGEQfttNuRUes4I0pRH8gMYHpqW_RJM48xEbVdpdhaY2ku71kSDgVAwUFcdJyJouAz6sw3uEydRYsmQKRSN6Q3Wbd2c3T35nuN2IGmWvWzq6hRQw9XMmDW3K1e_OuYE0rAlWZTCvAU59Nuami0y9dpVcghkav3UI8Gx1sV16bQZ1eFkRVFzKulJRMwxhzj5M6KKDSymXfu2Zw2j7gKBqU1QofUUZ74sdYifLHbOQTRQ8ZuFAzhEkGK-_7TU22WgIyEU4tR88r8hJWQxYdiBpkE4mZW6PpLgHHya-lhKcs_DuDPBsOcE9I-vglFHOwU4Mm38l3bxlW-AyNVSEC4Oe5hnUfXFfDoyA_GagKlHUN2zUOS2T2QXKL5UHOzlhHNBwXNjG7tMhhR5JW7v4F4CGdXvA-91zFPqiPCzTHu-WefGQW8e7v7jRaUd1CtCzzt8z6jpbtbW4XLNVKbY6jbeP9Ed4A_nQFjcv3KjvW5JPhdIvQqderuLkh8-Aq_9cuHhB-hbnyZAaBP1TAa6q6_En4OxNLeCU93FFR8QsMJppIs-aBeKgisrGHAEL8mEYV7jzooNqLubn6WP5px9Q2ocML3kY7W5sKg_A6y99jVdJCK1JKP3WkOqOTL7iAsF9rkzc3R9uI8xCJiK4TgaG65B_-ajrtd6TEQBylHrFyoCH8jwUQiV3Aw7NjikH7F7OMAHImPChPocgx_2UwjgFflmgWChAFdhJOAjemF4oCgFNi-Mv4GmhvfSbJDRK9a1feIexjJuxlgS-0car65ysbvcpVCivmoMeGYSstlexGQ23tI2MrpOlV--aXGVbJmqMYnPSBQcUouuAIJKY9A6WMXQxN8Npek1_phpR9EPqWNYBkzMTCBX7RHdcSLviS4x0awuou_AZ-K29iRmUBOwS_p7HyzcTPtt30_-NhAKT5NcPDW3-aH2TnLaN1AVkkUSr1

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-21 09:34:01	Name: BAIDUID_BFESS Value: BE3FC4F09DB6F6568C087290C9256260:FG=1
.qhcar.net/	1970-01-21 09:34:01	Name: _ga_0S6T5QJZ4G Value: GS1.1.1727881074.1.0.1727881074.0.0.0
.qhcar.net/	1970-01-21 09:34:01	Name: _ga Value: GA1.2.1189154282.1727881075
.qhcar.net/	1970-01-20 23:59:27	Name: _gid Value: GA1.2.2049855677.1727881075
.qhcar.net/	1970-01-20 23:58:01	Name: _gat_gtag_UA_128637489_4 Value: 1
www.qhcar.net/	1970-01-21 09:23:56	Name: _pk_id.1.ee3a Value: b079ead0ca6de602.1727881075.
www.qhcar.net/	1970-01-20 23:58:02	Name: _pk_ses.1.ee3a Value: 1

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/ Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/dk.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 70) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 150) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 150) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 150) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 150) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 221) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 221) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 221) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 221) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.qhcar.net/(Line 523) Message: Mixed Content: The page at 'https://www.qhcar.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/dk.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.qhcar.net/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: about:blank Message: Refused to execute script from 'https://www.qhcar.net/cdn-cgi/challenge-platform/scripts/jsd/main.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.qhcar.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.jacie.top
libs.baidu.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.yunjiema.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.qhcar.net
pagead2.googlesyndication.com
142.250.181.226
2001:4860:4802:34::36
2606:4700:3037::6815:1a0c
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:811::200e
2a06:98c1:3121::3
39.156.66.111
68.66.226.92
00152f8ba7b415222a967406c7fe6acc85dcf7208b4b1dbdba9e4c4e6f1300e7
083828ee2916031aaa4969753ab1c20bdd49b4034b5afdda1af915574cea6e69
08839bd4d5e633ee6a16ef0787ff14ee9ab60ce50d9dbcb62a22661a14c512f1
097120f26463b30ef295e0c6ceda482ef82c7a948de02db71a9334a4d907cf1c
14ae5f3b413cd6962d595986079bbf95605a9a00ea8c664913ee7d460b9d8a8e
170123c95adf24326177c11b88a97f979a781326a11a998e66ec93461311a67c
21cc390e108391a2cb2efbc36009526747455cf93246f7c7d00860bbaee7363c
275810868348a8ad70acdd2e4ecd776d62fddb226d7ab3deea9fe6187289a2d2
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
40ff099cd80faf11a847e939f8056c400ca8d2e8d29edcff32b16b5631e65488
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
65639e7a7408e335e02b95421cbcd978331ae30c01db62e46baa910e287918fa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dc89e48147a069f0faaf2da79766e633938ca8d6d81f3f17b27a643f18f3354
78620bf0b66edc359528949fe57b963afcc15668f2f67713ead45416e2c078b5
835c4e607e4792ec7de8a1783d5ebd104245939d28a6e41c6b22261c0cef1a0c
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
9dcbd3aa09c5dbb6b1334d4ed35a63125e4c666243a53d9bc4b77e3f2d5d26bf
a4936154790de9ac75cbb2c7d836a5e7b8eb1788a4b14df9185d81c338b94b64
a70e9536f6f0499ac7ca43d9e67d1db3a96d86afaa2e363429740b3e5bf3247e
a912697a598ee626b570fba572966fd44b3d348c84f103d60e3eda8a539203eb
af10d3c4b567acaec6b8988fc0a3fa317a27e69cde50aae09fdb80941e1f1d20
b5b0da5ae266460e1cb6084e6f48f18a0fbc3c7cd286ecd3f6386503326e698a
b954ad0f63090f874d7ff557e8750fad7d5e451cdf27c2cfd91231f9ba7fd42e
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
cd657f59f6177fe452dcc444fd43c7cdc785fefd6e74ce2b60c0dfde3c5618d0
d08c960fd0fb23ab9b0a02328f08b3089919699b2c6dc634c3d583b4cf7287b8
d25c45901b74f341ca3abb0d40859e5b2a2511e08feb135a786e262af8fc621f
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2d5ddaaa2b3bcbd4b21f5919acafdc761a10f261572ef5a8bf768210d637c8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec043548d710b80cd41fa600ba163753c3b6c5de8771be401ad40aa34f20354
f577e2d4b70c5bfbacda4e900bbc259374b85f881032d1952586d2609d557c0f
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.qhcar.net Open in urlscan Pro 68.66.226.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

941 kBTransfer

2224 kBSize

7 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.qhcar.net Open in urlscan Pro
68.66.226.92 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

941 kB
Transfer

2224 kB
Size

7
Cookies

45 HTTP transactions
0 data transactions