arming.pages.dev Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arming.pages.dev/
Effective URL:
https://arming.pages.dev/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On October 02 via api (October 2nd 2024, 9:18:43 am UTC) from DE — Scanned from NL

Summary HTTP 53 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 53 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is arming.pages.dev.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.

This is the only time arming.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 25	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2408:8748:c11... 2408:8748:c110:302::3f	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	111.45.11.83 111.45.11.83	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
1	240e:954:0:41... 240e:954:0:41:3::7e2	134768 (CHINANET-...) (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network)
9	172.66.46.252 172.66.46.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	240d:c000:201... 240d:c000:2010:1807:0:9aca:1a5a:cd35	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2408:8752:e00... 2408:8752:e00:81::3c	() ()
53	8

25 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

arming.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8748:c110:302::3f (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

user.guancha.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.11.83 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:954:0:41:3::7e2 (China)

ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN)

s95.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.66.46.252 (United States)

ASN13335 (CLOUDFLARENET, US)

user.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240d:c000:2010:1807:0:9aca:1a5a:cd35 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

turing.captcha.qcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8752:e00:81::3c (None, )

ASN- ()

turing.captcha.gtimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	pages.dev 2 redirects arming.pages.dev user.pages.dev	74 KB
2	qcloud.com turing.captcha.qcloud.com — Cisco Umbrella Rank: 70490	74 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10108	12 KB
1	gtimg.com turing.captcha.gtimg.com Failed
1	cnzz.com s95.cnzz.com — Cisco Umbrella Rank: 282195	311 B
1	guancha.cn i.guancha.cn Failed user.guancha.cn — Cisco Umbrella Rank: 664338	2 KB
0	admaster.com.cn Failed v.admaster.com.cn Failed
53	7

	Domain	Requested by
25	arming.pages.dev	2 redirects arming.pages.dev
9	user.pages.dev	user.guancha.cn
2	turing.captcha.qcloud.com	user.guancha.cn turing.captcha.qcloud.com
2	hm.baidu.com	arming.pages.dev
1	turing.captcha.gtimg.com	turing.captcha.qcloud.com
1	s95.cnzz.com	arming.pages.dev
1	user.guancha.cn	arming.pages.dev
0	v.admaster.com.cn Failed	arming.pages.dev
0	i.guancha.cn Failed	arming.pages.dev
53	9

This site contains links to these domains. Also see Links.

Domain
user.guancha.cn
m.guancha.cn
weibo.com
member.guancha.cn
www.idcpc.org.cn
www.chinapeace.gov.cn
www.fmprc.gov.cn
www.gwytb.gov.cn
www.21bcr.com
navy.81.cn
rdcy-sf.ruc.edu.cn
www.jwview.com
www.cac.gov.cn

Subject Issuer	Validity	Valid
arming.pages.dev WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.guancha.cn TrustAsia RSA DV TLS CA G2	`2024-04-10` - `2025-05-10`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh
user.pages.dev WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.turing.captcha.qcloud.com DigiCert Secure Site CN CA G3	`2024-03-27` - `2025-04-27`	a year	crt.sh
*.turing.captcha.gtimg.com DigiCert Secure Site CN CA G3	`2024-02-20` - `2025-03-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://arming.pages.dev/
Frame ID: 6DB804585A6DE6DD302FF28AA1B4225A
Requests: 51 HTTP requests in this frame

Frame: https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h
Frame ID: 0CC94786C01397323295831B143185E3
Requests: 1 HTTP requests in this frame

Frame: https://turing.captcha.gtimg.com/1/template/drag_ele.html
Frame ID: CD8BA44C0FC963627F9CBFDD3DFC07A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

观察者网

Page URL History Show full URLs

http://arming.pages.dev/ HTTP 307
https://arming.pages.dev/ Page URL
https://arming.pages.dev/cdn-cgi/phish-bypass?atok=WH57tkWM.xEGI7zSvJ0.8G2l.7d_LXVI7VCijy5kq2w-172786... HTTP 301
https://arming.pages.dev/ Page URL

Detected technologies

Tencent Waterproof Wall (Hosting panels) Expand

Overall confidence: 100%
Detected patterns

/TCaptcha\.js

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Sensors Data (Analytics) Expand

Overall confidence: 100%
Detected patterns

sensorsdata

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

72 %
HTTPS

57 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

161 kB
Transfer

641 kB
Size

11
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: http://user.guancha.cn/?s=dhfengwen
Title: 风闻

Search URL Search Domain Scan URL

URL: http://m.guancha.cn/
Title: 手机版

Search URL Search Domain Scan URL

URL: http://weibo.com/newoutlook?topnav=1&wvr=4
Title: 观察者新浪微博

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/gczedit/index.html
Title: 点击进入

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1308601
Title: 庆国庆！20000元好礼等你来拿！

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1190218
Title: 观察员小助手

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1308601#comment
Title: 评论 1

Search URL Search Domain Scan URL

URL: https://user.guancha.cn/
Title: 假期不少家长带孩子打卡名校，名校周边成家长新宠，是激励还是压力？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=263141
Title: 乐乐呵呵的啊

Search URL Search Domain Scan URL

URL: https://user.guancha.cn/#comment
Title: 评论 10

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310360
Title: 200枚导弹齐发? 伊朗突然出手的深层逻辑

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=216569
Title: 文化纵横

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310360#comment
Title: 评论 8

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310269
Title: “中巴方案”闪现和平曙光，乌克兰为何坐不住了？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=706877
Title: 有理儿有面

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310269#comment
Title: 评论 27

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310261
Title: 吃完OpenAI的瓜，我发现奥特曼的口碑好像有点崩了

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=238729
Title: 差评XPIN

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310261#comment
Title: 评论 4

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=244122
Title: 晨枫

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310270
Title: 《流浪地球2》重映，我为什么建议你再看一遍？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=226869
Title: 酷玩实验室

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310270#comment
Title: 评论 8

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310282
Title: 陕西，何以一跃成为汽车大省？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1305303
Title: 读城记工作室

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310282#comment
Title: 评论 5

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310267
Title: 共和国七十五载，斗罢艰险又出发

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=237334
Title: 新潮沉思录

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310267#comment
Title: 评论 3

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/guanxueyuan/content.html?id=4067
Title: 托马斯·卡萨斯、张军：多重转型是理解中国的最好方式

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/guanxueyuan/content.html?id=4067#comment
Title: 评论 2

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309229
Title: 459一个的毛绒玩具被疯抢，卖货方式把我小脑看萎缩了……

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1356924
Title: 柴狗夫斯基

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309229#comment
Title: 评论 41

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310264
Title: 为何大蒜被视为美国国安威胁，而东风导弹是友谊的桥梁？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=224018
Title: 后沙月光

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310264#comment
Title: 评论 103

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310260
Title: NASA都被坑了？为啥美国人还坚持用这些奇怪的单位？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310260#comment
Title: 评论 35

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310207
Title: 珠海航展将会有新型战机曝光的6种猜测，你看对不对？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=229518
Title: 军武次位面

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310207#comment
Title: 评论 55

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310224
Title: 国庆档有好片吗？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=781252
Title: 电影杂志

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310224#comment
Title: 评论 29

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310227
Title: 她拿自己做实验，发现怀孕会让女性大脑萎缩

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=869099
Title: 医学界

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310227#comment
Title: 评论 97

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=218155
Title: 陈经

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310057
Title: 10年前的手机被解锁后，才发现时代的眼泪是我自己

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310057#comment
Title: 评论 28

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310068
Title: 《西游记》播出38年后，唐僧迎来一场“网暴”

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=575609
Title: 视觉志

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310068#comment
Title: 评论 75

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=212582
Title: 张仲麟

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1308106
Title: 赵华胜：最紧迫的任务是解决那些正在发生的冲突

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1364658
Title: 北京对话

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1308106#comment
Title: 评论 10

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310052
Title: 车上快淘汰的收音机，怎么中美两边都要加回来？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310052#comment
Title: 评论 179

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310060
Title: 内塔尼亚胡没有疯

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310060#comment
Title: 评论 50

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310062
Title: 这次，美国大选又会上演什么“十月惊奇”？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310062#comment
Title: 评论 8

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310051
Title: “我的身份证上有你的名字”，是纪念更是传承！

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=538602
Title: 钧正平工作室

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1310051#comment
Title: 评论 11

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309986
Title: 又一条时速350公里的高铁来了，这次是在西南

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=882745
Title: 城市进化论

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309986#comment
Title: 评论 9

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309979
Title: 已经对A股手痒难耐了？新手们最好先看看这个

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1045222
Title: 知危

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309979#comment
Title: 评论 28

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309972
Title: 数学不好也是病？这个新门诊一号难求

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309972#comment
Title: 评论 20

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309971
Title: 到底有啥用？191步枪最新型号，居然可以折叠！

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309971#comment
Title: 评论 32

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309970
Title: 中国彩虹-9曝光配套巨型导弹，是21型空射高超音速弹道导弹吗？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1364193
Title: 大伊万频道

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309970#comment
Title: 评论 22

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309983
Title: 2024最拥挤赛道，经济第一大省也要“凑热闹”？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309983#comment
Title: 评论 2

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1365975
Title: 查雯

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309863
Title: 约旦外长对以色列的抨击，有一句是很有道理的

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=209871
Title: 梅华龙

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309863#comment
Title: 评论 45

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309569
Title: 2024年了，网红城市还能红多久？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309569#comment
Title: 评论 10

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309932
Title: 泽连斯基“胜利计划”欠缺外部条件

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1373489
Title: 中美聚焦

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1309932#comment
Title: 评论 9

Search URL Search Domain Scan URL

URL: http://www.idcpc.org.cn/
Title: 中共中央对外联络部

Search URL Search Domain Scan URL

URL: http://www.chinapeace.gov.cn/
Title: 中国长安网

Search URL Search Domain Scan URL

URL: http://www.fmprc.gov.cn/web/
Title: 外交部

Search URL Search Domain Scan URL

URL: http://www.gwytb.gov.cn/
Title: 国台办

Search URL Search Domain Scan URL

URL: http://www.21bcr.com/
Title: 文化纵横

Search URL Search Domain Scan URL

URL: http://navy.81.cn/
Title: 中国海军网

Search URL Search Domain Scan URL

URL: http://rdcy-sf.ruc.edu.cn/index.php
Title: 人大重阳

Search URL Search Domain Scan URL

URL: http://www.jwview.com/
Title: 中新经纬

Search URL Search Domain Scan URL

URL: http://www.cac.gov.cn/
Title: 中国网信网

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arming.pages.dev/ HTTP 307
https://arming.pages.dev/ Page URL
https://arming.pages.dev/cdn-cgi/phish-bypass?atok=WH57tkWM.xEGI7zSvJ0.8G2l.7d_LXVI7VCijy5kq2w-1727860703-0.0.1.1-%2F HTTP 301
https://arming.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://arming.pages.dev/ HTTP 307
https://arming.pages.dev/

Request Chain 21

https://arming.pages.dev/images/jubao-icon.png HTTP 307
https://arming.pages.dev/images/jubao-icon.png

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
arming.pages.dev/
Redirect Chain

http://arming.pages.dev/
https://arming.pages.dev/

4 KB
2 KB

216ms
114ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0fe5c2651c269074b1d17e955aabff6143f25b55e76643b07225fa2188a9c9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8cc39ad52e37b8bb-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 02 Oct 2024 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsFoX5U0tNNq8xt2jcpN3V1GrJ5aVouDpASKFMQBUKQ%2FgmMzscaJj5yePdKqwrE6vR%2BDVl%2BEiFrwqP5dpQ3HTmrkwB6pQUzvV%2BgRr1B3k%2BubzMghunI%2Bdw1ES3jcXVT6bB1q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://arming.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 speculation
arming.pages.dev/cdn-cgi/ 2 B
401 B 81ms
81ms Other
application/speculationrules+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://arming.pages.dev
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjeEoDmxRDOZa4QZVVUmRINgdhcUvxlGpNRvi814d%2BmQ23nDW1D2SViyMjiEzO2KwOKeFtCn%2BFtMRxbfqWWsyP5PmonNOHsCERIWWqlW1fKqvfJGQO6uUiZPG6wsYgdutWx4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39ad5ff58b8bb-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2
date: Wed, 02 Oct 2024 09:18:23 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 cf.errors.css
arming.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 75ms
74ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arming.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"66f525a7-5df3"
x-content-type-options: nosniff
cf-ray: 8cc39ad5ff5cb8bb-AMS
expires: Wed, 02 Oct 2024 11:18:23 GMT
date: Wed, 02 Oct 2024 09:18:23 GMT
content-type: text/css
last-modified: Thu, 26 Sep 2024 09:13:11 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
arming.pages.dev/cdn-cgi/images/ 452 B
634 B 22ms
22ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arming.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "66f525a7-1c4"
x-content-type-options: nosniff
cf-ray: 8cc39ad69857b8bb-AMS
expires: Wed, 02 Oct 2024 11:18:23 GMT
accept-ranges: bytes
content-length: 452
date: Wed, 02 Oct 2024 09:18:23 GMT
content-type: image/png
last-modified: Thu, 26 Sep 2024 09:13:11 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
arming.pages.dev/ 5 KB
2 KB 1069ms
1068ms Other
image/vnd.microsoft.icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49bc57d6cdd3a969c1ec9bd8d0474e060c7e20da965bcf1b9feb78ba4d7ac7ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JBVK7STtC5BQrZAjlbAueON6c5Z9Fw0Uy4dBag2HClEFZwAm85XkpEcm6rLqwmcfxVcMoEJ4hu591eKs3CHpoyQbtBbqpKumIYI7CZkIaiagmvgZs4iTTIx3nO5b91R374q"}],"group":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval' data: blob: ; report-uri https://reports.baidu.com/csp-report
cf-ray: 8cc39ad6d8a0b8bb-AMS
accept-ranges: bytes
content-length: 1601
date: Wed, 02 Oct 2024 09:18:24 GMT
public-key-pins-report-only: max-age=300;pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";pin-sha256="IQBnNBEiFuhj+8x6X8XLgh01V9Ic5/V3IRQLNFFc7v4=";report-uri="https://reports.baidu.com/pkp-report/"
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
server: cloudflare

GET
H3

200

Primary Request / Show response
arming.pages.dev/
Redirect Chain

https://arming.pages.dev/cdn-cgi/phish-bypass?atok=WH57tkWM.xEGI7zSvJ0.8G2l.7d_LXVI7VCijy5kq2w-1727860703-0.0.1.1-%2F
https://arming.pages.dev/

336 KB
51 KB

1227ms
1224ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8c1252f6d3148ca893ab5fbacac5fbfdc84d4eb4648eb012af95c3ec16ae7d

Request headers

Referer: https://arming.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 53
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 8cc39aeed83eb8bb-AMS
content-encoding: br
content-type: text/html
date: Wed, 02 Oct 2024 09:18:28 GMT
last-modified: Wed, 02 Oct 2024 09:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixMe7aYYJNkxSvqZTdduGFtxCOlzUsvj7Vc8gXCptB%2Brnx%2F4BDj6NXR6EyEYtz7T7lGre2OszpNTlKDRn7soO6a7eSSlMqL05%2F20uP8%2B7OTXNLJdTtiOxOVxuYbJDYny8jJm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-cache-lookup: Cache Hit
x-nws-log-uuid: 8519022807196365160

Redirect headers

cache-control: private, no-cache
cf-ray: 8cc39aeea807b8bb-AMS
content-length: 167
content-type: text/html
date: Wed, 02 Oct 2024 09:18:27 GMT
location: https://arming.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 speculation
arming.pages.dev/cdn-cgi/ 2 B
385 B 31ms
31ms Other
application/speculationrules+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://arming.pages.dev
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPr5yXGRCsCw%2F9rjcOlGkjv0H4hvYS7VDy%2FmWVULJPTV2ktjsrr3%2BIZjK8%2FomO2m3R0wpOIQ5sbOxKlt6n6FZRGXoko4QIUdFJMQBmJCfSs5JuGYHa8hFR1Ia25CqXbqHQPe"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39af68b7bb8bb-AMS
content-length: 2
date: Wed, 02 Oct 2024 09:18:28 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H3 404 public.css
arming.pages.dev/css/ 0
0 1355ms
1354ms Stylesheet
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arming.pages.dev/css/public.css?20241625

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

x-request-ip: 172.70.47.39
content-encoding: br
cf-cache-status: BYPASS
x-dsa-origin-status: 404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOhWgQW7q5SH6bK3TI28n%2FbyoVVdQosCfnPFpBC0Djc7ublefLCBUOAprND2bZUVGl1CJXyUen9KE1jCJavRkmr958YdDoJ%2BNB%2Bg3uF%2FpJuz%2BQVJr5PDK9475uIUSQH4s5hF"}],"group":"cf-nel","max_age":604800}
server-timing: cdn-cache;desc=MISS, origin;dur=20, edge;dur=0
date: Wed, 02 Oct 2024 09:18:30 GMT
content-type: text/html
vary: Accept-Encoding
strict-transport-security: max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
x-tt-trace-tag: id=5
via: n116-162-051-071.bdcdn-huncu.ToB
cf-ray: 8cc39af69b7eb8bb-AMS
x-dsa-trace-id: 1727860710aececdfe0ce7d7c2eedba1c79a730ca0
server: cloudflare

GET
H3 502 main.css
arming.pages.dev/css/ 0
0 2805ms
2803ms Stylesheet
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/css/main.css?20240726
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-nws-log-uuid: 3123907976193050976
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pXfWU1k%2Bgp7TtuRQshKHQE6bMfECjOYpCzXvkTtlQWMLe0SJrt6X085skCGGa1T%2B6nuue6boIcEDDKQAoG11QsC5zXzTJSThsseNVNsFG0KsGTWZzlbgndmgtE0VS8h3a%2BX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39af69b83b8bb-AMS
server-timing: cdn-cache;desc=miss, edge;dur=1167, origin;dur=1360
date: Wed, 02 Oct 2024 09:18:31 GMT
x-cache-lookup: Cache Miss, Cache Miss, Cache Miss, Cache Miss
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 521 olympics.css
arming.pages.dev/css/ 0
0 823ms
821ms Stylesheet
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arming.pages.dev/css/olympics.css?202407261511

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6aUj0BF%2FjuW98DOZWhrUqGv9%2F2YpW9JffqZpd%2BuUV9v8cyMRRZMHUW6d1VSeNoWzvo47UoDJLPwOAPTE9O0gnkh21foQVMxmRaY3PIwz4FtSuk25O%2Fux%2Fi%2FX0BL%2BWF6r8WB"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8cc39af69b89b8bb-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Wed, 02 Oct 2024 09:18:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 jquery-3.6.0.min.js
arming.pages.dev/js/ 0
0 928ms
927ms Script
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/jquery-3.6.0.min.js
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JQgOMX2ZXIiK0f5SoK25oRJWhJeUIzABDvsqDQx9Ql7IzM1L1wYkgX2%2FRy5nd%2B5N%2FQgBIYBdlJRjYl%2FpvqGU5KUjN%2BvR8li297%2BxOuW29tbAjvAnXHqNXmj%2BuHrUf9n0kHa"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39af69b8cb8bb-AMS
content-length: 40
date: Wed, 02 Oct 2024 09:18:29 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 403 mian-logo.png
arming.pages.dev/images/ 42 B
42 B 1008ms
1006ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arming.pages.dev/images/mian-logo.png
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f2f673eceb7d9f420e2acda06beb155958f4600811940d0a269e94b3e733c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0Qrd%2BA3sgRNDZ6QhU8WMnIPq0Dmbjq3LBNJpj4VKvdsFlpR0xw897DH3cw9QuB0c0RX6x%2Bei5aBFj0mBPLEuigl%2BYqD34%2Feq1i%2FFNCOQPH54Qh5cQ1ltgoLviGYSBjs57Rs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39af69b90b8bb-AMS
content-length: 42
date: Wed, 02 Oct 2024 09:18:29 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET vip-diamond.gif
i.guancha.cn/ 0
0

GET app-erweima.png
i.guancha.cn/ 0
0

GET xinhomepage.png
i.guancha.cn/ 0
0

GET 20241002144524183.jpg
i.guancha.cn/news/2024/10/02/ 0
0

GET left-gcy.jpg
i.guancha.cn/ 0
0

GET middle-top-frame.jpg
i.guancha.cn/ 0
0

GET yellowV.png
i.guancha.cn/ 0
0

GET noV.png
i.guancha.cn/ 0
0

GET blueV.png
i.guancha.cn/ 0
0

GET
H3 530 beian-icon.png
arming.pages.dev/images/ 6 KB
6 KB 71ms
68ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arming.pages.dev/images/beian-icon.png

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5b6a341b6f68164509a8af73c40885e9654c0ba8cbdebcc4deb46096a30db1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2B22u%2FSobtkMmdnfylIXqSDXzG%2BVBIUOaOOWT9OEuoGNBhjPhTFtXsSSNHXR1XezrlpmXnD48KydYa2EjI1vubUsviExLBSn4FVVmtnwuTFcOlX3fCZ%2BUKgDSEODUZxcFl88"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8cc39b082a6eb8bb-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Wed, 02 Oct 2024 09:18:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

403

jubao-icon.png
arming.pages.dev/images/
Redirect Chain

https://arming.pages.dev/images/jubao-icon.png
https://arming.pages.dev/images/jubao-icon.png

47 B
47 B

104ms
104ms

Image
text/plain

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arming.pages.dev/images/jubao-icon.png
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db161d7c3c56efa12f9194f228d8345baec3a9cedb77e8165ef423cfad50c685

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6B2WsI0WQX9c9h9hNDEqV6nwWRBS2r8Ox1yUijQRUuZUJv0Msmwmob1488mBFVvBk6dZlMBUoGSNnHKI7b4g3g%2F1L%2FbNV4oI8S1K4B7ANThjly10m49DF0va0Bq4RQ4eYQq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b0ce895b8bb-AMS
content-length: 47
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache, no-store
location: /images/jubao-icon.png
cf-cache-status: BYPASS
pragma: no-cache
speculation-rules: "/cdn-cgi/speculation"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rfxa3Y34utTDBuSE3ddOjdRHCNi5VC4BrEYeUVqsBBPDtboDwr7ear3yktNNxmw65orHutKybq3mewAnGwos26NLGBPW8Mksp8t8usc1zLBNDHRojm%2F6YCDQWqhnb9LGblF9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a73b8bb-AMS
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 403 wangxinban_jubao.png
arming.pages.dev/images/ 43 B
43 B 1618ms
1614ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arming.pages.dev/images/wangxinban_jubao.png
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d55b37c646e6bb26e27154aeb5fd15edc1601465a033973b9d1ca107a49e120

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9K8%2FDPhl3Z6asGd98q5vXKeyK0vh1mfLsuTW1Iog7O909SytM1ysyjrI5I9KFvF5EcTXSIaZJLgaz2ysMt4FCvdKqyOFWQxZPbF20f95F8iZhuvuzLGuNhqSy6Xn2jAbo0ju"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a77b8bb-AMS
content-length: 43
date: Wed, 02 Oct 2024 09:18:33 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 530 gotop.png
arming.pages.dev/images/ 6 KB
6 KB 4061ms
4057ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arming.pages.dev/images/gotop.png

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98d94cf209a734bc42a0ac9c8b430a39e8dea7c6e1cdf480a9a0a040ff2f7bb4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITmkVNf6VKd0ggcPbryjuv4ZFBFD604AXb8eF81VPdKGJ0lratZLZWV4o8vI75CO2O1DzSiPt2AtnwncLHoQVh7e0v7aE2jCXZuuh1yCU%2BeYtca8%2Be27E%2Fud2%2F8et99jVqLY"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8cc39b082a79b8bb-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Wed, 02 Oct 2024 09:18:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 sensorsdata.min.js
arming.pages.dev/js/ 0
0 369ms
369ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/sensorsdata.min.js
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

eo-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
eo-log-uuid: 14962007668074569598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4thGx7UfEgedPJ5Ely5wK5RYPk7ETaoyoMvmhd34U9NOl1lbonmmqGX3Dmb%2Bqx2eKiBIPXMrTL2mdv%2F%2B1O8gXH2VWyzjtvb97sH2b2%2FebuSjpUkAAKAnSOzs5mnW4OArcNqq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b07b9c4b8bb-AMS
date: Wed, 02 Oct 2024 09:18:31 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 404 sensor.js
arming.pages.dev/js/ 0
0 1072ms
1072ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/sensor.js?20211230
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teag1rozh56UVEe7PMJsJx5BgSw7dhIGa97XoVLiANykhf%2FJn0oprdFJnAXdj07vLg%2F5j9KVFp%2BQLgFcxD9OaAI2xtY7nq2fY7iIobxTa49QUe8wDWkZJcq1s1rw35hM2KID"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b07b9c5b8bb-AMS
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK comments-plugin-cms.js Show response
user.guancha.cn/static/js/ 3 KB
2 KB 2314ms
277ms Script
application/javascript 2408:8748:c110:302::3f
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8748:c110:302::3f , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 7babbc9915bcce727bce6e60885d50429e3ab9a09523431da38741bf51e36d8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

X-NWS-LOG-UUID: 11275156960964563150
Content-Encoding: gzip
Etag: "65ae1955-d0e"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1196
Date: Sat, 24 Aug 2024 18:32:36 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Mon, 22 Jan 2024 07:29:25 GMT
Content-Type: application/javascript; charset=utf-8
Server: nginx

GET
H3 403 jquery.lazyload.js
arming.pages.dev/js/ 0
0 1141ms
1139ms Script
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/jquery.lazyload.js
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2DbmejxgQzK5rvBtJTSna7dkfZ1V6faS4rxcEAnweJLxU9keTiA280lTtPVN%2B%2BxuBWTz3SOgoBZnkSlHeuCArAckHLxvizf%2BTMbiwDNKJ%2B55eff5oeX3DNNyn3RI2%2B4K4r1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a5eb8bb-AMS
content-length: 39
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 404 base.js
arming.pages.dev/js/ 0
0 1235ms
1233ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/base.js
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBWtW40q2ohKEJwhWog1JwpSJ%2B0orn445mAs5JAkUUy4SLUn0uZ8%2BWlEGmgIr21fGEwEBruTlUS2SNGBHP3kK7qdRaGjzMP%2Bf7zrpgL2%2BNfuU%2Br1rSFi%2BTUBKmia7a1mDof5"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a63b8bb-AMS
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: ASP.NET
server: cloudflare

GET
H3 404 jquery.SuperSlide.js
arming.pages.dev/js/ 0
0 938ms
936ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/jquery.SuperSlide.js?20240726
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws-request-id: 66fd0fe7_PShlamstdAMS1vj92_41771-25509
content-encoding: br
cf-cache-status: MISS
x-via: 1.1 PS-IAD-01kGb234:4 (Cdn Cache Server V2.0), 1.1 kf160:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:13 (Cdn Cache Server V2.0)
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRqv6%2FZhagn1FRedNfPzWAIfIVnwCJAZD%2FFvJWQxXf2M40nJtqNUbpwyO5Vn25zbWR00zGm%2BDmCirnXqz7i51BerieEc2C6uW%2FQD66WkS1ZL9nKtS%2B6OiXxfhfI4GBmfuYhP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a65b8bb-AMS
date: Wed, 02 Oct 2024 09:18:32 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 403 olympics.js
arming.pages.dev/js/ 0
0 108ms
106ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arming.pages.dev/js/olympics.js?20240726

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws-request-id: 66fd0fe7_PS-LHR-04sJI43_29231-52497
content-encoding: br
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVwSf5leTEMIs%2BL%2BirKGNEAUKNX7KpAYsMwPWJgj4d6NmBHk9NB0Zo0IQEgADU8Cdjp772jYLQsuFgh7RmaEL6xup%2F5yWErZTaakzfQxxYuWYKTWUhF1yT8KGnarSRgPJ2Pb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cc39b082a6bb8bb-AMS
date: Wed, 02 Oct 2024 09:18:31 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 404 main.js
arming.pages.dev/js/ 0
0 1351ms
1349ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arming.pages.dev/js/main.js?20240726
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

content-encoding: br
cf-cache-status: BYPASS
x-error-info: Origin
ohc-cache-hit: als3un58 [1], suzix182 [1]
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnBtz8uDwC46J3U59zDVVLO%2BBPMN9udFhGNmk6vzDdzzNIIePfzApAMgPvpvkfAAquWZRbgSlLjy0w7zLVowPhRV9vDIEKF7C4%2BektQw6eHuY9pJkU%2BUUsGC6Kwl4T0%2BJPN5"}],"group":"cf-nel","max_age":604800}
date: Wed, 02 Oct 2024 09:18:33 GMT
content-type: text/html; charset=gb2312
vary: Accept-Encoding
ohc-file-size: 7534
x-cache-status: MISS
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 8cc39b082a6db8bb-AMS
origin-agent-cluster: ?0
server: cloudflare

GET yellowV.png
i.guancha.cn/ 0
0

GET blueV.png
i.guancha.cn/ 0
0

GET noV.png
i.guancha.cn/ 0
0

GET
H/1.1 200
OK h.js Show response
hm.baidu.com/ 30 KB
12 KB 1135ms
424ms Script
application/javascript 111.45.11.83
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d1b25dbee2a3abb94e878431f454493795a3b5f9e6f6a53cee09645b2230f948

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://arming.pages.dev/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 95c9a875fa9dc8409540fdfca3b74b9d
Content-Length: 11648
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Wed, 02 Oct 2024 09:18:32 GMT
Content-Type: application/javascript
Server: apache

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 1340ms
1339ms Image
image/gif 111.45.11.83
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=AE8D92F7409B9DE4&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=nl-nl&lo=0&rnd=1829221187&si=8ab18ec6e3ee89210917ef2c8572b30e&su=https%3A%2F%2Farming.pages.dev%2F&v=1.3.2&lv=1&sn=30438&r=0&ww=1600&u=https%3A%2F%2Farming.pages.dev%2F&tt=%E8%A7%82%E5%AF%9F%E8%80%85%E7%BD%91

Requested by

Host: arming.pages.dev
URL: https://arming.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Wed, 02 Oct 2024 09:18:34 GMT
Content-Type: image/gif
Server: apache

GET
H2 200 z_stat.php Show response
s95.cnzz.com/ 0
311 B 964ms
321ms Script
text/plain 240e:954:0:41:3::7e2
CHINANET-SHAANXI-...

General

Check archive.org

Show headers Download Go to

Full URL: https://s95.cnzz.com/z_stat.php?id=1254137364
Requested by: Host: arming.pages.dev
URL: https://arming.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:954:0:41:3::7e2 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://arming.pages.dev/

Response headers

cache-control: public, max-age=90
x-swift-cachetime: 90
timing-allow-origin: *
age: 88
via: cache36.l2cn3155[94,93,200-0,M], cache46.l2cn3155[95,0], cache21.cn7154[0,0,200-0,H], cache18.cn7154[0,0]
ali-swift-global-savetime: 1727860626
x-swift-savetime: Wed, 02 Oct 2024 09:17:06 GMT
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
content-length: 0
date: Wed, 02 Oct 2024 09:17:05 GMT
eagleid: 7517319e17278607140968356e
server: Tengine

GET a120083,b3097467,c4721,i0,m202,8a1,8b3,h
v.admaster.com.cn/i/ Frame 0CC9 0
0

GET
H3 404 iconfont.css
user.pages.dev/static/font/ 0
0 115ms
69ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/font/iconfont.css?20171216
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpUFN5MdmdBLcXZs6k%2FEf1COj9u0RgLFAFRSslBEsVOXNmm3GKdY8vpeWcxLUixXlAY%2BFX2awgrpvLWVcJyl1io0vnj57NU5FmPfT4mV2jr7Ex6oXqn%2Bu7djGY2s1ZUXsw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187826775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 usernav.css
user.pages.dev/static/css/ 0
0 116ms
70ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/usernav.css?20171216
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yfcbe71ToO91XtwuUncbPvwFivhmroOTZroL3hV7H5pmsUOx0D2QRX0fl9PsYoyKb%2BmjdDQVsDXmkt37yREZK3GJeWmx8CZVnQxNZxIpXJNKPfyB9Ss0hq%2BX0kU0szZu9w%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187829775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 new-comments.css
user.pages.dev/static/css/ 0
0 147ms
101ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/new-comments.css?20230122
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BnGUCvxXjGadZnS%2BDWkh7MkQqhw%2FsxttlgI%2BVywr82kxbcHjOga0bThgfuRVm%2BkzhIQZQkpQ3tFTTK7RorpfXdYqGpjv3p42jPEGgy8VgZ%2Fnio%2BOoCgO3PLS5rAIpRTQg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187828775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 login.css
user.pages.dev/static/css/ 0
0 96ms
50ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/login.css?202220922
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BwDKdT98DZ8HHxp9MU9NfE5QA9tpu4WRrhKuiWA%2BHiwqE%2FWhz%2Fb6yjn98oTvZi84NVghpgwvV%2FThpgVXEU4KZBMkNnGECoZMf1VNULQ7Ek4apaF2BQaYwpK9Yxj4en2Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187827775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 jquery.sinaEmotion.css
user.pages.dev/static/plugins/sinaEmotion/ 0
0 124ms
78ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38MFXUAhP7cz%2BOr%2B5ZMHsg42VcqDg2%2FPQlbvhiY%2BlXO63wdshCF17Fp3BIfRxm7PGxINNfgiW6BSy6tq4dlEBPnydp5fsStkzMBMhWj8zzFkyM2nEUMBMhqkoce3f%2BXTkw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b18782e775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 umeditor.css
user.pages.dev/static/um/themes/comment/css/ 0
0 117ms
71ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/um/themes/comment/css/umeditor.css?20221202
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2FZq7Ns5cCTJEZjh6tXxYmYsaqN62W%2FB6Ox%2FG%2FeUi1IcxqhkKEtr0ow7aR8SOrw4sgvNHPndLHdq4BQTSsC0mUIpkS0XifuOpkjz2D9M0jS5xGMFBs6MhDTJGvbfZZNwLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187830775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 umeditor.css
user.pages.dev/static/um/themes/default/css/ 0
0 117ms
72ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/um/themes/default/css/umeditor.css?20221202
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfZCnYe9cMxKuiIuhDDHjg%2FGdkXDTc1HhiWC2IHIvGBswhl35HuElwElJtMlqtzaiB5n01XhfFGFODrRmcibRbRf%2FFRab2ILPmwQSNngyTCk9hyYbhwTKzTebuYw5XNEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187835775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 fatie.css
user.pages.dev/static/css/ 0
0 112ms
67ms Stylesheet
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/fatie.css?20221206
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1I7zH5MRMABqqViGmwJkt47MYA8MJYVPLOekr4YFO2lJhdCIJwGBYqhGYzlIJ5Q%2F3X480GPNYLE%2FO0eubxyB9WGAPFW9nan4Mn%2FJBfAdoHaI2H2OfPPdyjtE1vSz6z4Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b187832775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 common.js
user.pages.dev/dist/js/ 0
0 106ms
106ms Script
text/plain 172.66.46.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/dist/js/common.js?202310135
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.46.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQCkeSapZosxC4oRwVavdlih4Ks%2BzqJ91BOHkl4JQaE9jMtsPJMF5TZPw6zsPF%2BBpxjwcpnpFaPcuonj8XTVxwSZyKED2pBeVfMeDfAJUUmWuQndQ5olJSlQ2%2FhM2wGuFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cc39b18e892775d-AMS
access-control-allow-origin: *
content-length: 0
date: Wed, 02 Oct 2024 09:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK TCaptcha.js Show response
turing.captcha.qcloud.com/ 54 KB
20 KB 2119ms
327ms Script
text/javascript 240d:c000:2010:1807:0:9aca:1a5a:cd35
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://turing.captcha.qcloud.com/TCaptcha.js?20191213
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240d:c000:2010:1807:0:9aca:1a5a:cd35 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Trpc httpd, tencent http server /
Resource Hash: 148c8b6bcab09b992f39ec722ecd9f6b51ce5f78ea68a6dff2b920537024742f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Content-Encoding: gzip
Connection: keep-alive
P3P: CP=CAO PSA OUR
Date: Wed, 02 Oct 2024 09:18:36 GMT
Content-Type: text/javascript
Server: Trpc httpd, tencent http server

GET tcaptcha-frame.5e0f125a.js
turing.captcha.gtimg.com/1/ 0
0

GET
H/1.1 200
OK tcaptcha-frame.5e0f125a.js Show response
turing.captcha.qcloud.com/ 172 KB
54 KB 357ms
357ms Script
text/javascript 240d:c000:2010:1807:0:9aca:1a5a:cd35
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://turing.captcha.qcloud.com/tcaptcha-frame.5e0f125a.js
Requested by: Host: turing.captcha.qcloud.com
URL: https://turing.captcha.qcloud.com/TCaptcha.js?20191213
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240d:c000:2010:1807:0:9aca:1a5a:cd35 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Trpc httpd, tencent http server /
Resource Hash: e69d801c4149d3d8c326aabb3bc8fec4d2498e696a14abb195b789978b55fc39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arming.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Content-Encoding: gzip
Connection: keep-alive
P3P: CP=CAO PSA OUR
Date: Wed, 02 Oct 2024 09:18:38 GMT
Content-Type: text/javascript
Server: Trpc httpd, tencent http server

GET
H2 200 drag_ele.html
turing.captcha.gtimg.com/1/template/ Frame CD8B 0
0 794ms
265ms Document
text/html 2408:8752:e00:81::3c

General

Check archive.org

Show headers Download Go to

Full URL: https://turing.captcha.gtimg.com/1/template/drag_ele.html
Requested by: Host: turing.captcha.qcloud.com
URL: https://turing.captcha.qcloud.com/tcaptcha-frame.5e0f125a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8752:e00:81::3c -, , ASN (),
Reverse DNS
Software: Trpc httpd tencent http server /
Resource Hash

Request headers

Referer: https://arming.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: gzip
content-length: 22698
content-type: text/html
date: Sun, 22 Sep 2024 09:41:36 GMT
p3p: CP=CAO PSA OUR
pragma: No-cache
server: Trpc httpd tencent http server
x-cache-lookup: Cache Hit
x-nws-log-uuid: 7518530127945597299

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.guancha.cn
URL: https://i.guancha.cn/vip-diamond.gif

Domain: i.guancha.cn
URL: https://i.guancha.cn/app-erweima.png?20190610

Domain: i.guancha.cn
URL: https://i.guancha.cn/xinhomepage.png?20181101

Domain: i.guancha.cn
URL: https://i.guancha.cn/news/2024/10/02/20241002144524183.jpg

Domain: i.guancha.cn
URL: https://i.guancha.cn/left-gcy.jpg?20211103

Domain: i.guancha.cn
URL: https://i.guancha.cn/middle-top-frame.jpg?20211103

Domain: i.guancha.cn
URL: https://i.guancha.cn/yellowV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/noV.png

Domain: i.guancha.cn
URL: https://i.guancha.cn/blueV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/yellowV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/blueV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/noV.png

Domain: v.admaster.com.cn
URL: https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h

Domain: turing.captcha.gtimg.com
URL: https://turing.captcha.gtimg.com/1/tcaptcha-frame.5e0f125a.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
arming.pages.dev/css	1970-01-20 23:58:23	Name: tradeLdc Value: NJYH
arming.pages.dev/js	1969-12-31 23:59:59	Name: Value: HttpOnly
.arming.pages.dev/	1970-01-20 23:59:07	Name: __cf_mw_byp Value: WH57tkWM.xEGI7zSvJ0.8G2l.7d_LXVI7VCijy5kq2w-1727860703-0.0.1.1-/
arming.pages.dev/	1970-01-20 23:57:42	Name: acw_sc__v2 Value: 66fd0fe84e484af96f374b9597e032afb2c3a92b
arming.pages.dev/	1970-01-20 23:57:42	Name: acw_tc Value: 1a0c660617278607123486914e004bcf9240189d7cb1a66d3ef575c4a22e2e
arming.pages.dev/	1969-12-31 23:59:59	Name: eng_k55_id Value: 015103
.hm.baidu.com/	1970-01-21 09:33:40	Name: HMACCOUNT_BFESS Value: AE8D92F7409B9DE4
arming.pages.dev/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rt5ps3hctrsp3xmowqr20jx4
.arming.pages.dev/	1970-01-21 08:43:16	Name: Hm_lvt_8ab18ec6e3ee89210917ef2c8572b30e Value: 1727860713
.arming.pages.dev/	1969-12-31 23:59:59	Name: Hm_lpvt_8ab18ec6e3ee89210917ef2c8572b30e Value: 1727860713
.arming.pages.dev/	1969-12-31 23:59:59	Name: HMACCOUNT Value: AE8D92F7409B9DE4

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://arming.pages.dev/ Message: Mixed Content: The page at 'https://arming.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://arming.pages.dev/css/olympics.css?202407261511 Message: Failed to load resource: the server responded with a status of 521 ()
network	error	URL: https://arming.pages.dev/js/jquery-3.6.0.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/images/mian-logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/css/public.css?20241625 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://arming.pages.dev/css/main.css?20240726 Message: Failed to load resource: the server responded with a status of 502 ()
security	warning	URL: https://arming.pages.dev/(Line 2240) Message: Mixed Content: The page at 'https://arming.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://arming.pages.dev/images/beian-icon.png Message: Failed to load resource: the server responded with a status of 530 ()
javascript	warning	URL: https://arming.pages.dev/(Line 3389) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://arming.pages.dev/(Line 3389) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://arming.pages.dev/js/olympics.js?20240726 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/js/sensorsdata.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/images/jubao-icon.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/js/jquery.SuperSlide.js?20240726 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://arming.pages.dev/js/sensor.js?20211230 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://arming.pages.dev/js/jquery.lazyload.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://arming.pages.dev/js/base.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://arming.pages.dev/js/main.js?20240726 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://arming.pages.dev/(Line 3391) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://arming.pages.dev/(Line 3391) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://arming.pages.dev/images/wangxinban_jubao.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://user.pages.dev/static/css/login.css?202220922 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/fatie.css?20221206 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/font/iconfont.css?20171216 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/usernav.css?20171216 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/um/themes/comment/css/umeditor.css?20221202 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/um/themes/default/css/umeditor.css?20221202 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/new-comments.css?20230122 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/dist/js/common.js?202310135 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://arming.pages.dev/images/gotop.png Message: Failed to load resource: the server responded with a status of 530 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arming.pages.dev
hm.baidu.com
i.guancha.cn
s95.cnzz.com
turing.captcha.gtimg.com
turing.captcha.qcloud.com
user.guancha.cn
user.pages.dev
v.admaster.com.cn
i.guancha.cn
turing.captcha.gtimg.com
v.admaster.com.cn
111.45.11.83
172.66.46.252
188.114.97.3
2408:8748:c110:302::3f
2408:8752:e00:81::3c
240d:c000:2010:1807:0:9aca:1a5a:cd35
240e:954:0:41:3::7e2
148c8b6bcab09b992f39ec722ecd9f6b51ce5f78ea68a6dff2b920537024742f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49bc57d6cdd3a969c1ec9bd8d0474e060c7e20da965bcf1b9feb78ba4d7ac7ef
7babbc9915bcce727bce6e60885d50429e3ab9a09523431da38741bf51e36d8a
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
87f2f673eceb7d9f420e2acda06beb155958f4600811940d0a269e94b3e733c0
98d94cf209a734bc42a0ac9c8b430a39e8dea7c6e1cdf480a9a0a040ff2f7bb4
9d55b37c646e6bb26e27154aeb5fd15edc1601465a033973b9d1ca107a49e120
be5b6a341b6f68164509a8af73c40885e9654c0ba8cbdebcc4deb46096a30db1
be8c1252f6d3148ca893ab5fbacac5fbfdc84d4eb4648eb012af95c3ec16ae7d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b25dbee2a3abb94e878431f454493795a3b5f9e6f6a53cee09645b2230f948
db161d7c3c56efa12f9194f228d8345baec3a9cedb77e8165ef423cfad50c685
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69d801c4149d3d8c326aabb3bc8fec4d2498e696a14abb195b789978b55fc39
f0fe5c2651c269074b1d17e955aabff6143f25b55e76643b07225fa2188a9c9c
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

arming.pages.dev Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

72 %HTTPS

57 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

161 kBTransfer

641 kBSize

11 Cookies

100 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arming.pages.dev Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

72 %
HTTPS

57 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

161 kB
Transfer

641 kB
Size

11
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!