qh.bingdimy.com Open in urlscan Pro
104.16.2.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qh.bingdimy.com/
Submission: On February 19 via api (February 19th 2024, 3:18:58 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 104.16.2.1, located in and belongs to CLOUDFLARENET, US. The main domain is qh.bingdimy.com.
TLS certificate: Issued by E1 on February 17th 2024. Valid for: 3 months.

This is the only time qh.bingdimy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.16.2.1 104.16.2.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
3	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
15	3

11 104.16.2.1 (None, )

ASN13335 (CLOUDFLARENET, US)

qh.bingdimy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bingdimy.com qh.bingdimy.com	273 KB
3	gstatic.com fonts.gstatic.com	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
15	3

	Domain	Requested by
11	qh.bingdimy.com	qh.bingdimy.com
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	qh.bingdimy.com
15	3

This site contains links to these domains. Also see Links.

Domain
pay.leixt.com
stwl.lanzouo.com
qm.qq.com
wpa.qq.com
www.cssmoban.com

Subject Issuer	Validity	Valid
qh.bingdimy.com E1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qh.bingdimy.com/
Frame ID: 416373E7B94377B0F00D0EDAD455B862
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

情怀魔域

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

318 kB
Transfer

416 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://pay.leixt.com/ch/a.html?sid=25542
Title: 冲值页面

Search URL Search Domain Scan URL

URL: https://stwl.lanzouo.com/imbBc1oiwyqb
Title: 游戏下载

Search URL Search Domain Scan URL

URL: http://qm.qq.com/cgi-bin/qm/qr?_wv=1027&k=N2N34RIMaLUWQ7Uk_3cB3KzTMKdTJxzK&authKey
Title: 加入QQ群

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=1541203688&site=qq&menu=yes
Title: 点击此处加客服QQ

Search URL Search Domain Scan URL

URL: http://www.cssmoban.com/
Title: 网站模板

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
qh.bingdimy.com/ 14 KB
5 KB 446ms
176ms Document
text/html 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 814a47794d5f8240ac8ad4709ccda562c8cab957db92426ffda21fc4d9866c07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 857f7c197a5d827a-IAD
content-encoding: br
content-type: text/html
date: Mon, 19 Feb 2024 15:18:51 GMT
last-modified: Sun, 18 Feb 2024 13:07:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKV3XKlPUeAJNTaXVa3g0BW6Nb0vZwoyrhkJOSrU%2B3O21zpTvSRbrs29oFyH3XjhZdkMH8ucor4BwCHZRGafe0opJmjap86uN1Gfzivmn4Dh5RgqZUCFHolkGcHEj4wkvTg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 main.css
qh.bingdimy.com/css/ 26 KB
6 KB 386ms
385ms Stylesheet
text/css 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/css/main.css
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6da7f58ac49ea591a96474ff8584fc53689a9f30a05c96d59843bf3f9af10480

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wB%2B02SjN%2FG5drAQddEkLajljo6AEDrW6YgnmzgIax5BEoAfhQ6Gnj6k9t%2F2JsK1HF7%2BlraahiaduijcfbD2LQdt27YNMlkNIsGcV80OeWsC%2F3%2FE6uDQ0InchqRXZKjq2fN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 857f7c1aabcd827a-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
qh.bingdimy.com/js/ 86 KB
31 KB 542ms
541ms Script
application/x-javascript 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/js/jquery.min.js
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpVB1e8jmywqDofYCSYX4L81DGwYHtRG0qp63eUvNUME4mSICgRdt6gEpXNvh%2BzCbudPTsOlNdUTItt9Sha8Yn8MRxqOOXcEDoAhtir%2F1wFdnDMU6q%2FCksMYEM0ZU4dTSjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 857f7c1b3d547f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 browser.min.js Show response
qh.bingdimy.com/js/ 2 KB
1 KB 176ms
176ms Script
application/x-javascript 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/js/browser.min.js
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2b854af86a8f6a22eabfa5b258bbd1191aba7408f8a6fb959629ca0f70b097e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q2xvZVZELrY8GqtPQp9oNacelRShnL30njqi8GSISd5lYGshKDJ7yd3IRKgeW2409rZhT%2BBVDejty3UM0ilihB7H%2Bq%2FS%2BcIKEP6vvL4wU%2B8m3GEi%2BSbYH75NJU6rhrvOoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 857f7c1b3d577f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 breakpoints.min.js Show response
qh.bingdimy.com/js/ 2 KB
1 KB 180ms
180ms Script
application/x-javascript 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/js/breakpoints.min.js
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6f9d0ea0983b5de6d8dae067d4cb395e951760c25dfac9de7dce535fd82ebc2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otU6A7AvPM9fYySrD0ZpgeXhJkK5kJcCouAVgaF%2FFt99Auh2V444l9m7LOWpWhn8PuXUf7%2FG0pC%2BA5A1LEuBIaHce9aVVuc1bT6%2Bww3juxYXbDdVOWcKY88FieSr5nk9BHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 857f7c1b3d5a7f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 util.js Show response
qh.bingdimy.com/js/ 6 KB
2 KB 242ms
242ms Script
application/x-javascript 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/js/util.js
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ff92ee55ae9185425fad1965c87ab6a708030da015c9ac6398423157c0282fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Auqc4JynEjzoAVmzITUfmUkXRewSSVxjCpP1RyY03u%2FYGvlslw9Po3CjNxuAnE7fYBUBVcbEQj4YrXFh8vIs94rUMPd%2BXWTc6EdxlSt%2B%2FqL%2FFY2iBRCixnBGojxYv6%2Bjc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 857f7c1b3d5e7f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
qh.bingdimy.com/js/ 4 KB
2 KB 245ms
245ms Script
application/x-javascript 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/js/main.js
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b2271047e063a4f887aa1a1e56cb6199c91a64f91092d3ec2707e5e9bad7d25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4806a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MTS52FgB0XKx2Bi1XeclUuuFkRMWj0Ds9Hhq4Gv7F0I6P3%2Fbmp%2FbSMd%2FpWDYn6VdfXNht9Omopomwyo3tbgi2%2FnVgzz%2ByB0rSq9N38Hyp9%2BfnWsQPiHq80CbijDLA%2BiFO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 857f7c1b3d5f7f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 404 fontawesome-all.min.css
qh.bingdimy.com/css/ 0
0 252ms
251ms Stylesheet
text/html 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qh.bingdimy.com/css/fontawesome-all.min.css
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USmFZrj1sK7BmGe27Mz1%2BBFMhM0NyFXgytoRVCAMhOxXAEMlKKLfqdDZd%2F6%2FIhh1Mgoh%2BoXUjtAbVPvT3lWMnqJ68tpjDoooPXOS%2BOcMMo%2BOvKopHni0Z8HAcdkAZsnp988%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 857f7c1d1fbc7f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 73ms
34ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600

Requested by

Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

69b3ddfc93427310e010ee73a90b679dc54eb48a552a08cb92c0d8eb59ddfcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 15:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 15:18:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 15:18:51 GMT

GET
H3 400 svg+xml;charset=utf8;base64,PHN2ZyB4bWxucz0naHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmcnIHdpZHRoPSc0MCcgaGVpZ2h0PSc0MCcgcHJlc2VydmVBc3BlY3RSYXRpbz0nbm9uZScgdmlld0JveD0nMCAwIDQwIDQwJz48cGF0aCBkPSdNOS40LDEyL...
qh.bingdimy.com/other/ 324 B
324 B 175ms
175ms Image
text/html 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qh.bingdimy.com/other/svg+xml;charset=utf8;base64,PHN2ZyB4bWxucz0naHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmcnIHdpZHRoPSc0MCcgaGVpZ2h0PSc0MCcgcHJlc2VydmVBc3BlY3RSYXRpbz0nbm9uZScgdmlld0JveD0nMCAwIDQwIDQwJz48cGF0aCBkPSdNOS40LDEyLjNsMTAuNCwxMC40bDEwLjQtMTAuNGMwLjItMC4yLDAuNS0wLjQsMC45LTAuNGMwLjMsMCwwLjYsMC4xLDAuOSwwLjRsMy4zLDMuM2MwLjIsMC4yLDAuNCwwLjUsMC40LDAuOSBjMCwwLjQtMC4xLDAuNi0wLjQsMC45TDIwLjcsMzEuOWMtMC4yLDAuMi0wLjUsMC40LTAuOSwwLjRjLTAuMywwLTAuNi0wLjEtMC45LTAuNEw0LjMsMTcuM2MtMC4yLTAuMi0wLjQtMC41LTAuNC0wLjkgYzAtMC40LDAuMS0wLjYsMC40LTAuOWwzLjMtMy4zYzAuMi0wLjIsMC41LTAuNCwwLjktMC40UzkuMSwxMi4xLDkuNCwxMi4zeicgZmlsbD0nI2ZmZmZmZicgLz48L3N2Zz4=
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGZXsI0R4SUJPmZTzy7zaUdHvXMde%2BaRVmuaq57Zg44KUQOg0JosTy4C4zTe8gr2Oi9ogjdrYvYmZGqp6uQYlBFW0RWvO%2FqOs3yJK5JCKYEryN7dBi0k0tStqqPjHreicjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=us-ascii
cf-ray: 857f7c1ed9e67f86-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 overlay.png
qh.bingdimy.com/images/ 4 KB
5 KB 250ms
249ms Image
image/png 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qh.bingdimy.com/images/overlay.png
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 29104d8dba9179915cd8e216cd8b39dce3f9d66993429a9108d2ab3797782a43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80a1e006a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7usTfOupm8Ie7Ctd%2BwfKbhcQl%2B20CDARomQNRLvaWlbbU46JIxuz43Y9SdhQzwoDgb8uwVEARJbp%2BEp6lYTfu9kwV%2BDPWSW6t0ua%2Fb5bFmSifCnas1Q3Ro3CMseUdBnaOBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 857f7c1ed9e87f86-IAD
alt-svc: h3=":443"; ma=86400
content-length: 4385

GET
H3 200 bg.jpg
qh.bingdimy.com/images/ 219 KB
219 KB 477ms
476ms Image
image/jpeg 104.16.2.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qh.bingdimy.com/images/bg.jpg
Requested by: Host: qh.bingdimy.com
URL: https://qh.bingdimy.com/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.2.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a46228518ff798e41782a128f6a062bc3148ed153a1414cecf14716a9a213ce6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qh.bingdimy.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 15:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 06:24:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80a1e006a61da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4q4esBTSPZ3Nt6AEhQSBggkgpnJnWJCcevnRmFUvqaF5NxG1TWrVC%2BqTCVHSih%2F6j1d9FnLM0kI7q1GcEHvP2WQ9H4MfNhCNOBLJ6OMoU%2FTKDVyqJhCUW1kyRgZ6qkYbDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 857f7c1ed9ec7f86-IAD
alt-svc: h3=":443"; ma=86400
content-length: 223897

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 67ms
20ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qh.bingdimy.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:12 GMT
x-content-type-options: nosniff
age: 368800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:52:12 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 61ms
15ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qh.bingdimy.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 00:42:16 GMT
x-content-type-options: nosniff
age: 311796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 00:42:16 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 70ms
24ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,600italic,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

c5bf2b44104c6ae4bdc5ccaf16169c7d3bf8ea750cdde9cae7cc6dd0973a0dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qh.bingdimy.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:38 GMT
x-content-type-options: nosniff
age: 324674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14104
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 21:07:38 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| browser function| breakpoints

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://qh.bingdimy.com/css/fontawesome-all.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://qh.bingdimy.com/other/svg+xml;charset=utf8;base64,PHN2ZyB4bWxucz0naHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmcnIHdpZHRoPSc0MCcgaGVpZ2h0PSc0MCcgcHJlc2VydmVBc3BlY3RSYXRpbz0nbm9uZScgdmlld0JveD0nMCAwIDQwIDQwJz48cGF0aCBkPSdNOS40LDEyLjNsMTAuNCwxMC40bDEwLjQtMTAuNGMwLjItMC4yLDAuNS0wLjQsMC45LTAuNGMwLjMsMCwwLjYsMC4xLDAuOSwwLjRsMy4zLDMuM2MwLjIsMC4yLDAuNCwwLjUsMC40LDAuOSBjMCwwLjQtMC4xLDAuNi0wLjQsMC45TDIwLjcsMzEuOWMtMC4yLDAuMi0wLjUsMC40LTAuOSwwLjRjLTAuMywwLTAuNi0wLjEtMC45LTAuNEw0LjMsMTcuM2MtMC4yLTAuMi0wLjQtMC41LTAuNC0wLjkgYzAtMC40LDAuMS0wLjYsMC40LTAuOWwzLjMtMy4zYzAuMi0wLjIsMC41LTAuNCwwLjktMC40UzkuMSwxMi4xLDkuNCwxMi4zeicgZmlsbD0nI2ZmZmZmZicgLz48L3N2Zz4= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
qh.bingdimy.com
104.16.2.1
142.250.176.202
142.251.40.131
0ff92ee55ae9185425fad1965c87ab6a708030da015c9ac6398423157c0282fb
14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5
29104d8dba9179915cd8e216cd8b39dce3f9d66993429a9108d2ab3797782a43
2b854af86a8f6a22eabfa5b258bbd1191aba7408f8a6fb959629ca0f70b097e8
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
69b3ddfc93427310e010ee73a90b679dc54eb48a552a08cb92c0d8eb59ddfcca
6b2271047e063a4f887aa1a1e56cb6199c91a64f91092d3ec2707e5e9bad7d25
6da7f58ac49ea591a96474ff8584fc53689a9f30a05c96d59843bf3f9af10480
6f9d0ea0983b5de6d8dae067d4cb395e951760c25dfac9de7dce535fd82ebc2b
814a47794d5f8240ac8ad4709ccda562c8cab957db92426ffda21fc4d9866c07
a46228518ff798e41782a128f6a062bc3148ed153a1414cecf14716a9a213ce6
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c5bf2b44104c6ae4bdc5ccaf16169c7d3bf8ea750cdde9cae7cc6dd0973a0dd0
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

qh.bingdimy.com Open in urlscan Pro 104.16.2.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

318 kBTransfer

416 kBSize

0 Cookies

5 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

qh.bingdimy.com Open in urlscan Pro
104.16.2.1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

318 kB
Transfer

416 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions