ed-edit.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cd5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ed-edit.pages.dev/
Effective URL:
https://ed-edit.pages.dev/
Submission: On October 13 via api (October 13th 2024, 10:09:54 pm UTC) from CZ — Scanned from DE

Summary HTTP 52 Redirects Links 93 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 52 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is ed-edit.pages.dev.
TLS certificate: Issued by WE1 on September 9th 2024. Valid for: 3 months.

This is the only time ed-edit.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 25	2606:4700:310... 2606:4700:310c::ac42:2cd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2408:8719:300... 2408:8719:3000:31::1f	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	14.215.183.79 14.215.183.79	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	2409:8c38:80:... 2409:8c38:80:20d:3::3e6	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
9	2606:4700:310... 2606:4700:310c::ac42:2d04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	240d:c000:201... 240d:c000:2010:1807:0:9aca:1a5a:cd35	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
52	7

25 2606:4700:310c::ac42:2cd5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ed-edit.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8719:3000:31::1f (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

user.guancha.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2409:8c38:80:20d:3::3e6 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

s95.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:310c::ac42:2d04 (United States)

ASN13335 (CLOUDFLARENET, US)

user.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240d:c000:2010:1807:0:9aca:1a5a:cd35 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

turing.captcha.qcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	pages.dev 2 redirects ed-edit.pages.dev user.pages.dev	117 KB
2	qcloud.com turing.captcha.qcloud.com — Cisco Umbrella Rank: 114665	20 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 13307	12 KB
1	cnzz.com s95.cnzz.com — Cisco Umbrella Rank: 325879	316 B
1	guancha.cn i.guancha.cn Failed user.guancha.cn — Cisco Umbrella Rank: 482437	2 KB
0	gtimg.com Failed turing.captcha.gtimg.com Failed
0	admaster.com.cn Failed v.admaster.com.cn Failed
52	7

	Domain	Requested by
25	ed-edit.pages.dev	2 redirects ed-edit.pages.dev
9	user.pages.dev	user.guancha.cn
2	turing.captcha.qcloud.com	user.guancha.cn turing.captcha.qcloud.com
2	hm.baidu.com	ed-edit.pages.dev
1	s95.cnzz.com	ed-edit.pages.dev
1	user.guancha.cn	ed-edit.pages.dev
0	turing.captcha.gtimg.com Failed	turing.captcha.qcloud.com
0	v.admaster.com.cn Failed	ed-edit.pages.dev
0	i.guancha.cn Failed	ed-edit.pages.dev
52	9

This site contains links to these domains. Also see Links.

Domain
user.guancha.cn
m.guancha.cn
weibo.com
member.guancha.cn
www.idcpc.org.cn
www.chinapeace.gov.cn
www.fmprc.gov.cn
www.gwytb.gov.cn
www.21bcr.com
navy.81.cn
rdcy-sf.ruc.edu.cn
www.jwview.com
www.cac.gov.cn
www.sass.org.cn
www.guancha.cn
www.shjbzx.cn
beian.miit.gov.cn
www.beian.gov.cn
www.12377.cn

Subject Issuer	Validity	Valid
ed-edit.pages.dev WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.guancha.cn TrustAsia RSA DV TLS CA G2	`2024-04-10` - `2025-05-10`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh
user.pages.dev WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.turing.captcha.qcloud.com DigiCert Secure Site CN CA G3	`2024-03-27` - `2025-04-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ed-edit.pages.dev/
Frame ID: 1E6E24A22836E60D5EC8833C8D4F0D34
Requests: 51 HTTP requests in this frame

Frame: https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h
Frame ID: 1CA03C09BCDE468D669A461D6B7893BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

观察者网

Page URL History Show full URLs

http://ed-edit.pages.dev/ HTTP 307
https://ed-edit.pages.dev/ Page URL
https://ed-edit.pages.dev/cdn-cgi/phish-bypass?atok=upfUpL.9Pm1UiHhPgKuVB_kgD9TiQ2yNQFhd4yXx2u0-172885... HTTP 301
https://ed-edit.pages.dev/ Page URL

Detected technologies

Tencent Waterproof Wall (Hosting panels) Expand

Overall confidence: 100%
Detected patterns

/TCaptcha\.js

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Sensors Data (Analytics) Expand

Overall confidence: 100%
Detected patterns

sensorsdata

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

71 %
HTTPS

83 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

150 kB
Transfer

543 kB
Size

8
Cookies

93 Outgoing links

These are links going to different origins than the main page.

URL: http://user.guancha.cn/?s=dhfengwen
Title: 风闻

Search URL Search Domain Scan URL

URL: http://m.guancha.cn/
Title: 手机版

Search URL Search Domain Scan URL

URL: http://weibo.com/newoutlook?topnav=1&wvr=4
Title: 观察者新浪微博

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/gczedit/index.html
Title: 点击进入

Search URL Search Domain Scan URL

URL: https://user.guancha.cn/
Title: 前9月中国出口越南1050亿美元增32.5%，顺差614亿

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=218155
Title: 陈经

Search URL Search Domain Scan URL

URL: https://user.guancha.cn/#comment
Title: 评论 74

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314685
Title: 另一起“萝莉岛”案件？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=706877
Title: 有理儿有面

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314685#comment
Title: 评论 143

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314253
Title: 六小龄童，沉冤昭雪

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=575609
Title: 视觉志

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314253#comment
Title: 评论 111

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314249
Title: 台湾！台湾！台湾！

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=241836
Title: 星球研究所

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314249#comment
Title: 评论 49

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314238
Title: 黄磊扼住了内娱的食管

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=239380
Title: Sir电影

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314238#comment
Title: 评论 18

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314664
Title: 来了，又来了！美国在飓风中救出一只狗和一只猫

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=224018
Title: 后沙月光

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314664#comment
Title: 评论 228

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314660
Title: 美国连遭天灾，伤亡惨重

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=52153
Title: 地球知识局

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314660#comment
Title: 评论 51

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314674
Title: 被美国司法部蹲了4年，这次谷歌真要被拆了？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=238729
Title: 差评XPIN

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314674#comment
Title: 评论 10

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314683
Title: 禁区变景区，吃人热搜该停了

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314683#comment
Title: 评论 19

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314644
Title: 老外“谜之审美”：把牙整歪，人造巨臀

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=226869
Title: 酷玩实验室

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314644#comment
Title: 评论 37

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=244122
Title: 晨枫

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1295661
Title: 观察者网时政

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314376
Title: 《哈利·波特》全系列重映票房将冲4亿，“重映片”是好赛道吗？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=720279
Title: 娱乐独角兽

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314376#comment
Title: 评论 25

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314267
Title: 一日三餐馕相伴，新疆人到底多爱吃馕？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=958108
Title: 我从新疆来

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314267#comment
Title: 评论 75

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1361635
Title: 明叔杂谈

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314191
Title: 向联合国驻黎维和部队开火，以色列疯了？复国主义军队有什么阴谋？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1364193
Title: 大伊万频道

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314191#comment
Title: 评论 78

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314226
Title: “集中看空？那我说下周的股市开局就要拉阳线，你信不信？”

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1335827
Title: 闲庭信步wls

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314226#comment
Title: 评论 215

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314227
Title: 区区两百架自杀无人机，就想“重创解放军”？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=701429
Title: 大雾拦江

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314227#comment
Title: 评论 174

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314223
Title: 这次降低存量房贷利率，意义比想象中大

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1099268
Title: 北海湾拐角

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314223#comment
Title: 评论 39

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1313988
Title: 这9分国剧我希望更多人看到

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1313988#comment
Title: 评论 65

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314234
Title: 大港扩建潮来了，谁是中国第一强港？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=882745
Title: 城市进化论

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314234#comment
Title: 评论 23

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314231
Title: 飓风摇摆美国，救灾哪有党争重要？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=237334
Title: 新潮沉思录

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314231#comment
Title: 评论 9

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314229
Title: “未强先霸，印度教民族主义外交真能提升印影响力？”

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/user/personal-homepage?uid=1159
Title: 南亚研究通讯

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314229#comment
Title: 评论 42

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314186
Title: 马斯克真的在画饼吗？

Search URL Search Domain Scan URL

URL: http://user.guancha.cn/main/content?id=1314186#comment
Title: 评论 25

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/guanxueyuan/content.html?id=4079
Title: 076型是“划时代的无人机航母”吗？

Search URL Search Domain Scan URL

URL: https://member.guancha.cn/guanxueyuan/content.html?id=4079#comment
Title: 评论 6

Search URL Search Domain Scan URL

URL: http://www.idcpc.org.cn/
Title: 中共中央对外联络部

Search URL Search Domain Scan URL

URL: http://www.chinapeace.gov.cn/
Title: 中国长安网

Search URL Search Domain Scan URL

URL: http://www.fmprc.gov.cn/web/
Title: 外交部

Search URL Search Domain Scan URL

URL: http://www.gwytb.gov.cn/
Title: 国台办

Search URL Search Domain Scan URL

URL: http://www.21bcr.com/
Title: 文化纵横

Search URL Search Domain Scan URL

URL: http://navy.81.cn/
Title: 中国海军网

Search URL Search Domain Scan URL

URL: http://rdcy-sf.ruc.edu.cn/index.php
Title: 人大重阳

Search URL Search Domain Scan URL

URL: http://www.jwview.com/
Title: 中新经纬

Search URL Search Domain Scan URL

URL: http://www.cac.gov.cn/
Title: 中国网信网

Search URL Search Domain Scan URL

URL: http://www.sass.org.cn/
Title: 上海社会科学院

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/ManuscriptDelivery.shtml
Title: 联系我们

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/about.shtml
Title: 关于我们

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/Copyright.shtml
Title: 版权声明

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/TermsOfService.shtml
Title: 服务条款

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/Advertise.shtml
Title: 刊登广告

Search URL Search Domain Scan URL

URL: http://weibo.com/newoutlook
Title: 联系微博

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/life/2012_09_05_74361.shtml
Title: 加入我们

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/about/sitemap.shtml
Title: 网站地图

Search URL Search Domain Scan URL

URL: http://www.shjbzx.cn/
Title: 举报链接

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/broken-news/2017_03_28_400912_3.shtml
Title: 举报制度规范

Search URL Search Domain Scan URL

URL: https://www.guancha.cn/life/2018_02_11_446706.shtml
Title: 《网站自律管理承诺书》

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 沪ICP备10213822号-2

Search URL Search Domain Scan URL

URL: http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=31010502000027
Title: 沪公网安备 31010502000027号

Search URL Search Domain Scan URL

URL: http://www.12377.cn/
Title: 中国互联网举报中心

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ed-edit.pages.dev/ HTTP 307
https://ed-edit.pages.dev/ Page URL
https://ed-edit.pages.dev/cdn-cgi/phish-bypass?atok=upfUpL.9Pm1UiHhPgKuVB_kgD9TiQ2yNQFhd4yXx2u0-1728857380-0.0.1.1-%2F HTTP 301
https://ed-edit.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ed-edit.pages.dev/ HTTP 307
https://ed-edit.pages.dev/

Request Chain 10

https://ed-edit.pages.dev/images/mian-logo.png HTTP 307
https://ed-edit.pages.dev/images/mian-logo.png

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
ed-edit.pages.dev/
Redirect Chain

http://ed-edit.pages.dev/
https://ed-edit.pages.dev/

4 KB
2 KB

76ms
31ms

Document
text/html

2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ed-edit.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0997a0619042efba44767c32cf84281eda1bcb017fe53d2b08370b2f879507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8d22a7c48ba0d29e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 22:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdnL1HzvnOpDpo8NqeDwGOaMxUC4OJsGYLLACwzxx%2ByKDTckeCC8uNsuMWiqm7PkrUpbKjeeaeznQxIbEbrNAn2ZjB6KzjZQDmGY4MbVoG10NWAjyscw2H1E4KdemRQNGqso4ObFf1vIzrX6GO50wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://ed-edit.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 speculation
ed-edit.pages.dev/cdn-cgi/ 128 B
579 B 31ms
31ms Other
application/speculationrules+json 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ed-edit.pages.dev
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zam3%2FA1Ap3h%2FKqRqo3JN%2BWVEGWyMi%2BFarUnJXjx4JXAL9quaGWMY2KNcJFoEtBUxCIya0nTD119xQIOrMv6do8s4ylKioAt885l%2FcOH8HGn0bsQQoZDOrIdyC7DJYrQDSX103smH9XPfWrHSXiWArQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7c4cc4bd29e-FRA
access-control-allow-origin: https://ed-edit.pages.dev
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sun, 13 Oct 2024 22:09:40 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 cf.errors.css
ed-edit.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 30ms
30ms Stylesheet
text/css 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ed-edit.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"67055fb5-5df3"
x-content-type-options: nosniff
cf-ray: 8d22a7c4cc4ed29e-FRA
expires: Mon, 14 Oct 2024 00:09:40 GMT
date: Sun, 13 Oct 2024 22:09:40 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 16:37:09 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
ed-edit.pages.dev/cdn-cgi/images/ 452 B
635 B 28ms
28ms Image
image/png 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ed-edit.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "67055fb5-1c4"
x-content-type-options: nosniff
cf-ray: 8d22a7c50c96d29e-FRA
expires: Mon, 14 Oct 2024 00:09:40 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 13 Oct 2024 22:09:40 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 16:37:09 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
ed-edit.pages.dev/ 4 KB
2 KB 32ms
32ms Other
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ed-edit.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25c91f94d37a1682a15e9573dc361a4cde6caacd5ba3d63295daa5390f19e878

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0MDDe943GXQ%2FqXjz9YOID36YAH%2BKMyV%2Frm%2Bn4MC4uxgoY%2BpJ9zbDaFZkwrXGMGxZ5GJfJd2MNznmOo8yhyhvxRdUlGPAhvQ8OKiswfnL4RjLMdiKcT%2BswUaXmeZxPrchoHGy8ZdPn1AU0rO5Gq3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7c53d5fd29e-FRA
date: Sun, 13 Oct 2024 22:09:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

Primary Request / Show response
ed-edit.pages.dev/
Redirect Chain

https://ed-edit.pages.dev/cdn-cgi/phish-bypass?atok=upfUpL.9Pm1UiHhPgKuVB_kgD9TiQ2yNQFhd4yXx2u0-1728857380-0.0.1.1-%2F
https://ed-edit.pages.dev/

338 KB
52 KB

1058ms
1058ms

Document
text/html

2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a6cce1964f2b129845ddef5fef6ded48e77c974406b0c89cb973280f9e1ebe

Request headers

Referer: https://ed-edit.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 36
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 8d22a7df0cd1d29e-FRA
content-encoding: br
content-type: text/html
date: Sun, 13 Oct 2024 22:09:45 GMT
last-modified: Sun, 13 Oct 2024 22:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6fkEU2NyeGr0WkEsu7eM0C8k8m0bXGpNjlbUMgU6p9RGfB6518Ag%2B6gNj2lKrmd%2FwYYxjqJ29l1A%2FZGT2vofyM0tEOnMkx1wBDCqslNB0jWBcz7D%2Bhua8KaGnfdC1ZujddW5YAtDUNUJyPHo65vvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-cache-lookup: Cache Hit
x-nws-log-uuid: 15817113545345715248

Redirect headers

cache-control: private, no-cache
cf-ray: 8d22a7dedc59d29e-FRA
content-length: 167
content-type: text/html
date: Sun, 13 Oct 2024 22:09:44 GMT
location: https://ed-edit.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 speculation
ed-edit.pages.dev/cdn-cgi/ 128 B
573 B 33ms
33ms Other
application/speculationrules+json 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ed-edit.pages.dev
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pk6sfNsjxHlXzEFma%2BzFHW8wnRgADjsNDC3sQOAgxTUxX1zMrFvZKZkpslX4I6ihriE8OeZslEQbtTNPH3Uldgdiro0oLJ5FLEgyyvim6WAuCfKjDv2fCQRCxhs10RMXqTCpdRhHiTmH1JIB7cic2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7e5aa28d29e-FRA
access-control-allow-origin: https://ed-edit.pages.dev
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sun, 13 Oct 2024 22:09:45 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 403 public.css
ed-edit.pages.dev/css/ 0
0 66ms
66ms Stylesheet
text/plain 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/css/public.css?20241625
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTXMGzlgii5zvPPdsciQKs%2FAm4lAye3SoeGJOrqTGVTK65lk0wdO%2FczAMyu8W6V0bGFOs3%2BAxfP7mSUIS1IMdda0ypIwEI%2FvXCs5271ru6mDbIqdi1QnxyF2Zavcq9N9j3Ufz4DIvNbUfhGt2qnUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7e5aa2bd29e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41
date: Sun, 13 Oct 2024 22:09:45 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 404 main.css
ed-edit.pages.dev/css/ 0
0 986ms
986ms Stylesheet
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/css/main.css?20240726
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pShnS7svr7mCMt1XZ9jZwgwrQRTCO%2FJFLPzOYUj2SnGxi9hngk9AdWNDAqtY93xYONwFOHTNUApMZ1dUewGiKroagi7lmHoZ4zKmutGcM15AJKSRUqU1IKCGZcN8gDa1mDOFXdfJUOEJVZN%2BiFKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7e5aa2dd29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:46 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 404 olympics.css
ed-edit.pages.dev/css/ 0
0 1116ms
1115ms Stylesheet
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/css/olympics.css?202407261511
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dH5SjWsq7WUaY2yuKgkvef%2FB48vK9M18Lk2cY8ASiCsXaS3p0y45cokfs9pUZ7s6umNnLZSo8UFgpIOIuJJAiUIK3PXid6X%2FY1%2FEPZTTOiz%2BPW8yQmyFQ8nx1ZAKBjKcBSf%2Ff9M3u5WQrQsrd%2FN5aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
eagleeye-traceid: 0bf8fdc717288573868666178e8da6
cf-ray: 8d22a7e5aa2fd29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:46 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 404 jquery-3.6.0.min.js
ed-edit.pages.dev/js/ 0
0 1484ms
1484ms Script
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/jquery-3.6.0.min.js
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCGxNXtdvbAHHAvqgSYj06iqz%2FJUEvLkdbAvbWDUIMbdoILFOTjkr%2Bt%2FsjMKMoxZFAeV%2F%2BWWUrqSzpzmmDuPyqYqe4cmCma4oDptcxo1zThL0AcrIuf7uwGveE7BfUYrpbc7VNoC60tN%2B1wuOvApbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 13 Oct 2024 22:10:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:47 GMT
content-type: text/html; charset=gbk
last-modified: Sun, 13 Oct 2024 22:09:46 GMT
vary: Accept-Encoding
cache-control: max-age=60, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
speculation-rules: "/cdn-cgi/speculation"
via: http/1.1 zats (zats1-2 [cSsSfU])
cf-ray: 8d22a7e5aa32d29e-FRA
x-download-options: noopen
server: cloudflare

GET
H3

521

mian-logo.png
ed-edit.pages.dev/images/
Redirect Chain

https://ed-edit.pages.dev/images/mian-logo.png
https://ed-edit.pages.dev/images/mian-logo.png

7 KB
7 KB

984ms
984ms

Image
text/html

2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ed-edit.pages.dev/images/mian-logo.png

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/

Protocol

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7748eabd2c168ccddebee6915d814ddc0be11f6b664ef9c09f08700fd88b1470

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6dQYUbKvvCFXPdiw0UaFhpwOksYdW6DtE67sp5WYzWPHOvnhTBhvOvsfSdFQ2TItEVIwqXfj3ZOQp7AVrfkZwfQ3q4WGxiSufO%2FF%2B4dehzFAQDvuwtPh3MQGQEOeYSX6JSYMd%2BakJ2QvBJm6Y21TA%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8d22a7e969c0d29e-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, no-store
location: /images/mian-logo.png
cf-cache-status: BYPASS
pragma: no-cache
speculation-rules: "/cdn-cgi/speculation"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09eNEG6u9U%2Fk6eqEuSR9EWcNPcZjOOxBZJ4L83mXaaZOfK1MlwCCCo6oiHIAJeORD1PxT9LI1w3JW7i9T6k1T5QBFPRWDO77Ak2amToOZbzzb2eFo3gxKH5A4D7FXfl6esdYGGYJAm%2BpFECim5QmGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7e5aa35d29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:46 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET vip-diamond.gif
i.guancha.cn/ 0
0

GET app-erweima.png
i.guancha.cn/ 0
0

GET xinhomepage.png
i.guancha.cn/ 0
0

GET 20241013221517865.jpg
i.guancha.cn/news/2024/10/13/ 0
0

GET left-gcy.jpg
i.guancha.cn/ 0
0

GET middle-top-frame.jpg
i.guancha.cn/ 0
0

GET blueV.png
i.guancha.cn/ 0
0

GET yellowV.png
i.guancha.cn/ 0
0

GET noV.png
i.guancha.cn/ 0
0

GET
H3 404 beian-icon.png
ed-edit.pages.dev/images/ 6 KB
6 KB 1306ms
1305ms Image
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ed-edit.pages.dev/images/beian-icon.png
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3d04b0089cdbdb40505f9da89795be99630f99bb8cee8a313df3555ba782b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
speculation-rules: "/cdn-cgi/speculation"
x-cdn-pop: DE
x-cdn-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WU59UFTiaxUmSD4KE0um1XBp3YjX6HAegSPYkKopGo37mVwP1Vkc5O8YONYF8hk6FTw%2BWBntU4SQM0mD7aFAySThxRWWowGperE2HoEo19lqAUDOvwKjUDxKhW0H%2Foqs5%2F9PgaFl6yPFi%2F3bcCKlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe3fd29e-FRA
c-via: akamai
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
unique-request-id: 8ed74bff
server: cloudflare

GET
H3 403 jubao-icon.png
ed-edit.pages.dev/images/ 40 B
40 B 1605ms
1604ms Image
text/plain 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ed-edit.pages.dev/images/jubao-icon.png
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2edb8876eb80f62d6a6dff46552e871290f95a4a4a095125acedea95aab878

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AONprV%2BYDmXKKoD%2BKer1VSGjfd8xBArGMYfA8ZFfpryh3fBUiPxzIWXkB72ws6FYABfAJK9tPr1KA%2FLqwt9QsvsOT5RZZU95tPEA%2FkWjFVTmnTrnXLLQGrYGiBE%2BM6oaE2Yr0xXMdKV%2BYa5KSFpiFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe40d29e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wangxinban_jubao.png
ed-edit.pages.dev/images/ 30 KB
30 KB 553ms
553ms Image
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ed-edit.pages.dev/images/wangxinban_jubao.png
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

content-encoding: br
cf-cache-status: MISS
nginx-hit: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5quM27NLxR8VIvAP%2BOjSq47m%2F3ZsieWV8qqbPYnO%2BVG23b4AUBIET6cZjHMze9yyL3U1DgaUzoVColfiY%2BmQ1y6KmFtDHsiMs4rMo58%2FVHSRO6YXDFZVueqTujTYHMdmC0cMv0sVBG2jFGvwNmZRcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ccdn-req-id-46b1: dce04c8757f8da1a45201b38a17ed5da
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:47 GMT
content-type: text/html
last-modified: Fri, 27 Sep 2024 02:29:01 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
x-ccdn-cachettl: 2592000
x-ccdn-expires: 2015329
x-hcs-proxy-type: 1
via: CHN-HElangfang-AREACUCC2-CACHE2[5],CHN-HElangfang-AREACUCC2-CACHE33[0,TCP_HIT,2],CHN-HElangfang-GLOBAL6-CACHE74[23],CHN-HElangfang-GLOBAL6-CACHE89[0,TCP_HIT,19]
cf-ray: 8d22a7eefe43d29e-FRA
server: cloudflare

GET
H3 404 gotop.png
ed-edit.pages.dev/images/ 3 KB
3 KB 1783ms
1782ms Image
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ed-edit.pages.dev/images/gotop.png
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7ea8397175f395b3db2bdbcab31c6852292c4b778a20e3e8cc1e160d4aa8404

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AA9exQPnWJf2O2qZcDXe%2FETZkIwcrC9VbH1nzged9vFvwejEZPzW7yt3tc%2FN7WcwKtpcAF%2FFUQWY1nqvnyzXUWzXLZcUgmxLPSB%2BdBojkxu3mq7Fa3%2B5ga2vYv8MMS9PseURxHAbcdjAhAy1qUxlmg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe44d29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:49 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 403 sensorsdata.min.js
ed-edit.pages.dev/js/ 0
0 1622ms
1620ms Script
text/plain 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/sensorsdata.min.js
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ppW2bRMWlC%2FXKjYLLN6ElSQoyf3up%2Ffd%2BMH5mKC%2Fymk6dA1P%2Fof%2BYWKQWkWwfGnCw%2FqxjHwLi7yHXTFazs1MehwWPguAeRMKv5YJPf5rtCQH9tMsAxgvKTES7idwvPpXH%2BN4%2BPl4Mwmzy%2B4zy%2Bkow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe30d29e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 403 sensor.js
ed-edit.pages.dev/js/ 0
0 1445ms
1443ms Script
text/plain 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/sensor.js?20211230
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi3PPOH%2Fu9w8CF7FwqvfTujy8BsRtgXgBj6cj8FHntG7Ci2RalsQ0uH%2BoC3DpNW2U2WZKrqa5S75VAKPdXpJu5W8Gkk2%2FovT%2BuB2untyqA3GOqt1M%2BFYF2NyIqiHg%2BE79iNbBqQGpdyR6wNTQCnsUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe35d29e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK comments-plugin-cms.js Show response
user.guancha.cn/static/js/ 3 KB
2 KB 2265ms
244ms Script
application/javascript 2408:8719:3000:31::1f
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:8719:3000:31::1f , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 7babbc9915bcce727bce6e60885d50429e3ab9a09523431da38741bf51e36d8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

X-NWS-LOG-UUID: 9427866148156687466
Content-Encoding: gzip
Etag: "65ae1954-d0e"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1196
Date: Thu, 08 Aug 2024 10:53:34 GMT
X-Cache-Lookup: Cache Hit
Last-Modified: Mon, 22 Jan 2024 07:29:24 GMT
Content-Type: application/javascript; charset=utf-8
Server: nginx

GET
H3 403 jquery.lazyload.js
ed-edit.pages.dev/js/ 0
0 706ms
705ms Script
text/plain 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/jquery.lazyload.js
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RVD2DbAHLqwFocx057Inbuu9nNg%2FupQ97jB4os1JiEuugXYp5nPK%2Bgyz7cewhh%2ByVg5nFubEviowr78q9zYoFOtAcMs%2BNzwSuF1lcV4bmH0jNjbqWgC8SNl%2BkSKpARXhM849TOl55YdfJzUjVOo04w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe36d29e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 202 base.js Show response
ed-edit.pages.dev/js/ 209 B
810 B 1527ms
1526ms Script
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ed-edit.pages.dev/js/base.js

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7851e716fe40aab682229a1b10530262264f2f958ef12d13a662ca2d198aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

strict-transport-security: max-age=31536000;
cache-control: no-store
x-nws-log-uuid: 16533984261044264616
cf-cache-status: BYPASS
pragma: no-cache
speculation-rules: "/cdn-cgi/speculation"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQQQAYgtkBmziuCydIrwcPCXDtkyjN2NnxuX3Pi4E2BI9sKCHEH6Zj%2Fwo83hkYkx%2Bq81B0SXJrscpjuqMM0LFVvKtwuogUuSDv6%2FhRggNp9BdVG1553BITxRHpJNJfAPuzpeiSs5%2FUU0ri1kZjknJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe39d29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:48 GMT
x-cache-lookup: Cache Miss
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 404 jquery.SuperSlide.js
ed-edit.pages.dev/js/ 0
0 1447ms
1446ms Script
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/jquery.SuperSlide.js?20240726
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws-request-id: 670c452b_PS-FRA-01seK96_28886-48696
content-encoding: br
cf-cache-status: MISS
x-via: 1.1 PS-FRA-01IuY95:15 (Cdn Cache Server V2.0)
x-via-s: FR-h032
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boWIxVQBROyKEXBG5H8Nm0YPw7a8mA2p4TLDVHzBc99rP1Va%2FqzZy8wjWU52O%2F2o8Ucm2R09NxNicD3HteAtzw4l5lL2DNgZIZsmXgmkdgDIsSB8kGwGWRSVsOdmC9JLTLiM2V3SAp6ydq5q653FdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe3bd29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 404 olympics.js
ed-edit.pages.dev/js/ 0
0 1370ms
1369ms Script
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/olympics.js?20240726
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws-request-id: 670c452b_PS-FRA-01seK96_29305-46160
content-encoding: br
cf-cache-status: MISS
x-via: 1.1 PS-FRA-01IuY95:15 (Cdn Cache Server V2.0)
x-via-s: FR-h032
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yDeoRPFj%2FVeH%2BI575BviO1GC1uGelKr2mvka9FQhQKN9voiK1CBPrCuk6TBjmMIVyAf4yxKK4pt8zOpHFr2IKEStvYIwnwpf4nvEHVqmJpi9v9Db1YdkLKwORvaGcltzdlTrydbqg%2B91gnADZj8nw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe3cd29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 200 main.js Show response
ed-edit.pages.dev/js/ 20 KB
7 KB 1034ms
1033ms Script
text/html 2606:4700:310c::ac42:2cd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ed-edit.pages.dev/js/main.js?20240726
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2cd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 20a62971585ba0c07e7ca1cdf638fc1634e6524530f232f92bac2d51290b3a9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
x-ssr-info: node/v11.9.0 express/4.16.4 vue-server-renderer/2.5.22 project/0.9.0
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0c1f3O264MbfSXz%2FKfN1MShgRHk2TMxUugPZFGpK2xGce8e1au7sf1%2B7Sf3ov8RZ1qCSOslbN4WnDe%2Bdl4DrUBBeG2TygskiCH3UGlIQ0P%2F%2BSQ9n9KqSBeZC03C8Jzcp2ZmsM8LqDANL4cjSFKRPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22a7eefe3dd29e-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:09:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
server: cloudflare

GET blueV.png
i.guancha.cn/ 0
0

GET yellowV.png
i.guancha.cn/ 0
0

GET noV.png
i.guancha.cn/ 0
0

GET
H/1.1 200
OK h.js Show response
hm.baidu.com/ 30 KB
12 KB 1499ms
423ms Script
application/javascript 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

5e6657132021fc530a23a781e7e76f26d1abbca469c1921ab39cd5b1c32fb138

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://ed-edit.pages.dev/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 919f9a66d771fbe3f7b5d05a1cf2efdb
Content-Length: 11648
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Sun, 13 Oct 2024 22:09:48 GMT
Content-Type: application/javascript
Server: apache

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 400ms
400ms Image
image/gif 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=B4BC55B12620DAF6&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1115616951&si=8ab18ec6e3ee89210917ef2c8572b30e&su=https%3A%2F%2Fed-edit.pages.dev%2F&v=1.3.2&lv=1&sn=44089&r=0&ww=1600&u=https%3A%2F%2Fed-edit.pages.dev%2F&tt=%E8%A7%82%E5%AF%9F%E8%80%85%E7%BD%91

Requested by

Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Sun, 13 Oct 2024 22:09:49 GMT
Content-Type: image/gif
Server: apache

GET
H2 200 z_stat.php Show response
s95.cnzz.com/ 0
316 B 1531ms
294ms Script
text/plain 2409:8c38:80:20d:3::3e6
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://s95.cnzz.com/z_stat.php?id=1254137364
Requested by: Host: ed-edit.pages.dev
URL: https://ed-edit.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c38:80:20d:3::3e6 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: public, max-age=90
x-swift-cachetime: 57
timing-allow-origin: *
age: 33
via: cache26.l2cn3160[0,0,200-0,H], cache16.l2cn3160[1,0], cache6.cn6953[59,58,200-0,M], cache4.cn6953[60,0]
ali-swift-global-savetime: 1728857357
x-swift-savetime: Sun, 13 Oct 2024 22:09:50 GMT
x-cache: MISS TCP_REFRESH_MISS dirn:-2:-2
content-length: 0
date: Sun, 13 Oct 2024 22:09:17 GMT
eagleid: 75a3379817288573904212138e
server: Tengine

GET a120083,b3097467,c4721,i0,m202,8a1,8b3,h
v.admaster.com.cn/i/ Frame 1CA0 0
0

GET
H3 404 iconfont.css
user.pages.dev/static/font/ 0
0 207ms
67ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/font/iconfont.css?20171216
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buWQ0p8Islybq1RWPlkdv60LDf65KkEeimv26zlgpvIxziEp1mM9kJMmnct4nQ0JneZEKkrf3v28bgaWoM9XCkxLuGBIhtxyhdpAsRGuXwnolxCjaZR%2FMKjcwe60LWPX1OZcjTGq3WjHu2KVZg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428083685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 usernav.css
user.pages.dev/static/css/ 0
0 205ms
66ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/usernav.css?20171216
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2XpJFpaySOs2dLc6BeIynra%2F1fooh07iLLUdtV5M%2FoQzuYQqP%2F87GyHRlq6qh0ubgzlP2pTvrU1maHmfT5D9ZiijPrelTzjkshV7Ze%2BejNbCxc0YaqpEGO8OmKUaYK16PNHvKdPzmYbAQrynw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428043685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 new-comments.css
user.pages.dev/static/css/ 0
0 202ms
62ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/new-comments.css?20230122
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zytbENWNyNzNR%2B7LUh0vdmMSdTaWMpItAd6FQ01h659c1Yq2UflO0JW7d4HDmmdzQV9Ei8acVWSGz8kcsUb6uUH0YSzC1JSVxjKtCLcatEzagBt2QEBPqTcq7ec8B2sc%2FBC3u8lnlShnk25dcw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428093685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 login.css
user.pages.dev/static/css/ 0
0 202ms
63ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/login.css?202220922
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8nfjsOANQvpvExm78t7PcbvNxlweeK4j671NpxNyQyE2dGbiY%2BCnux0Lsdv94xpOziCEHJV%2FGK2lcFVDD46C3ML4x05morESh12XWKhIKQUmKJr3OHDYWBot%2BJmozhm%2F8txhFsZki5CkfcRPw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428033685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 jquery.sinaEmotion.css
user.pages.dev/static/plugins/sinaEmotion/ 0
0 203ms
64ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7hiiiVZs3B%2Bkkpl1JItQf6c%2F89rHjEUlDCVzdyXnAJTFGDwLU0skdlyuv4zK3YilrCxhOjCwv883T5PAqYVk%2Fa6Fh9ZLIc6PofaJgp3UidhMi%2Bj8bbrpmESHD4335emYthboy5oKWlYBVhGEg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428073685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 umeditor.css
user.pages.dev/static/um/themes/comment/css/ 0
0 205ms
66ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/um/themes/comment/css/umeditor.css?20221202
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOcm%2FmWgf8Nrjgqrh8byJ0syxVKqQi1HJ%2F21A8fP69AuYnbD8LrXAfyw7dPkNndlKmv6dmyNm0DYXObSejHe7KNjqstJAVmrglRMExeCWbYHz%2Ba%2B%2Bv1BZ%2B1ROrAqoAnfAhU8q%2BjKbxXWJYQPhA%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428063685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 umeditor.css
user.pages.dev/static/um/themes/default/css/ 0
0 203ms
64ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/um/themes/default/css/umeditor.css?20221202
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2Fo0wrFmMtWdRmi14bDGqTIvliokzMefJ6IsqIxHatoIYUPyu1sW%2BQV03xi0qJf6ZN4CbM7bEVOj9JU6%2B2AEa%2B%2BijgPupSpmD61ZZWgDDlwJq5khe7CEx49mzxdi%2BfM%2Bu9b5kriU%2FY%2Fvx3uZZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80428003685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 fatie.css
user.pages.dev/static/css/ 0
0 208ms
69ms Stylesheet
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/static/css/fatie.css?20221206
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HK4uBOtR2oWLFTou%2FOq%2FAuHmgXrq2bgvfMeAurgeaps55Ui6IxGEEcSplliauOen6XgUYx%2BM5VXefXLeyTk21SraW7cdBP1SIE9ylxHcvgZ00O5nMPLIxccCJj4empgXkbccDhLcwxym9GsLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a8042ffe3685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 404 common.js
user.pages.dev/dist/js/ 0
0 58ms
58ms Script
text/plain 2606:4700:310c::ac42:2d04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user.pages.dev/dist/js/common.js?202310135
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5IOzP5Vc8BQdgBeBRZr8ahiFs9u%2FgtE7pN7gwmoQH0ePAR2EsQHlK3MXezuhWOdZaG0ozdgaD15dvKU%2FLyL4rINQWCAzhZLzVodYdoQu9sV4eCGJI%2FW4jbNaTeGiqzDExIIAfGdup7Irg31sw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22a80488673685-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:09:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK TCaptcha.js Show response
turing.captcha.qcloud.com/ 54 KB
20 KB 1701ms
231ms Script
text/javascript 240d:c000:2010:1807:0:9aca:1a5a:cd35
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://turing.captcha.qcloud.com/TCaptcha.js?20191213
Requested by: Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240d:c000:2010:1807:0:9aca:1a5a:cd35 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Trpc httpd, tencent http server /
Resource Hash: 148c8b6bcab09b992f39ec722ecd9f6b51ce5f78ea68a6dff2b920537024742f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Content-Encoding: gzip
Connection: keep-alive
P3P: CP=CAO PSA OUR
Date: Sun, 13 Oct 2024 22:09:52 GMT
Content-Type: text/javascript
Server: Trpc httpd, tencent http server

GET tcaptcha-frame.5e0f125a.js
turing.captcha.gtimg.com/1/ 0
0

GET
H/1.1 200
OK tcaptcha-frame.5e0f125a.js
turing.captcha.qcloud.com/ 20 KB
0 231ms
231ms Script
text/javascript 240d:c000:2010:1807:0:9aca:1a5a:cd35
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://turing.captcha.qcloud.com/tcaptcha-frame.5e0f125a.js
Requested by: Host: turing.captcha.qcloud.com
URL: https://turing.captcha.qcloud.com/TCaptcha.js?20191213
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240d:c000:2010:1807:0:9aca:1a5a:cd35 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Trpc httpd, tencent http server /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ed-edit.pages.dev/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Content-Encoding: gzip
Connection: keep-alive
P3P: CP=CAO PSA OUR
Date: Sun, 13 Oct 2024 22:09:54 GMT
Content-Type: text/javascript
Server: Trpc httpd, tencent http server

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.guancha.cn
URL: https://i.guancha.cn/vip-diamond.gif

Domain: i.guancha.cn
URL: https://i.guancha.cn/app-erweima.png?20190610

Domain: i.guancha.cn
URL: https://i.guancha.cn/xinhomepage.png?20181101

Domain: i.guancha.cn
URL: https://i.guancha.cn/news/2024/10/13/20241013221517865.jpg

Domain: i.guancha.cn
URL: https://i.guancha.cn/left-gcy.jpg?20211103

Domain: i.guancha.cn
URL: https://i.guancha.cn/middle-top-frame.jpg?20211103

Domain: i.guancha.cn
URL: https://i.guancha.cn/blueV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/yellowV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/noV.png

Domain: i.guancha.cn
URL: https://i.guancha.cn/blueV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/yellowV.png?20200320

Domain: i.guancha.cn
URL: https://i.guancha.cn/noV.png

Domain: v.admaster.com.cn
URL: https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h

Domain: turing.captcha.gtimg.com
URL: https://turing.captcha.gtimg.com/1/tcaptcha-frame.5e0f125a.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ed-edit.pages.dev/	1970-01-21 00:15:43	Name: __cf_mw_byp Value: upfUpL.9Pm1UiHhPgKuVB_kgD9TiQ2yNQFhd4yXx2u0-1728857380-0.0.1.1-/
ed-edit.pages.dev/	1970-01-21 00:14:19	Name: acw_sc__v2 Value: 670c452aeb776c5d3048d2a0b5ce2cd42eaf4e31
ed-edit.pages.dev/	1970-01-21 00:14:19	Name: acw_tc Value: 2760829017288573866925955edc2e327bd511b7c87fe7bbeb36e952025bb8
.hm.baidu.com/	1970-01-21 09:50:17	Name: HMACCOUNT_BFESS Value: B4BC55B12620DAF6
ed-edit.pages.dev/	1970-01-21 00:14:17	Name: x-waf-captcha-referer Value: https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel
.ed-edit.pages.dev/	1970-01-21 08:59:53	Name: Hm_lvt_8ab18ec6e3ee89210917ef2c8572b30e Value: 1728857389
.ed-edit.pages.dev/	1969-12-31 23:59:59	Name: Hm_lpvt_8ab18ec6e3ee89210917ef2c8572b30e Value: 1728857389
.ed-edit.pages.dev/	1969-12-31 23:59:59	Name: HMACCOUNT Value: B4BC55B12620DAF6

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ed-edit.pages.dev/ Message: Mixed Content: The page at 'https://ed-edit.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ed-edit.pages.dev/css/public.css?20241625 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ed-edit.pages.dev/css/main.css?20240726 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ed-edit.pages.dev/css/olympics.css?202407261511 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ed-edit.pages.dev/js/jquery-3.6.0.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://ed-edit.pages.dev/(Line 2311) Message: Mixed Content: The page at 'https://ed-edit.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://ed-edit.pages.dev/(Line 3388) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ed-edit.pages.dev/(Line 3388) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ed-edit.pages.dev/images/mian-logo.png Message: Failed to load resource: the server responded with a status of 521 ()
network	error	URL: https://ed-edit.pages.dev/js/jquery.lazyload.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ed-edit.pages.dev/images/beian-icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ed-edit.pages.dev/js/olympics.js?20240726 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ed-edit.pages.dev/js/sensor.js?20211230 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ed-edit.pages.dev/js/jquery.SuperSlide.js?20240726 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ed-edit.pages.dev/images/jubao-icon.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ed-edit.pages.dev/js/sensorsdata.min.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://ed-edit.pages.dev/(Line 3390) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ed-edit.pages.dev/(Line 3390) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ed-edit.pages.dev/images/gotop.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/new-comments.css?20230122 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/login.css?202220922 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/um/themes/default/css/umeditor.css?20221202 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/usernav.css?20171216 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/um/themes/comment/css/umeditor.css?20221202 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/font/iconfont.css?20171216 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/static/css/fatie.css?20221206 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://user.pages.dev/dist/js/common.js?202310135 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ed-edit.pages.dev
hm.baidu.com
i.guancha.cn
s95.cnzz.com
turing.captcha.gtimg.com
turing.captcha.qcloud.com
user.guancha.cn
user.pages.dev
v.admaster.com.cn
i.guancha.cn
turing.captcha.gtimg.com
v.admaster.com.cn
14.215.183.79
2408:8719:3000:31::1f
2409:8c38:80:20d:3::3e6
240d:c000:2010:1807:0:9aca:1a5a:cd35
2606:4700:310c::ac42:2cd5
2606:4700:310c::ac42:2d04
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
148c8b6bcab09b992f39ec722ecd9f6b51ce5f78ea68a6dff2b920537024742f
1b2edb8876eb80f62d6a6dff46552e871290f95a4a4a095125acedea95aab878
20a62971585ba0c07e7ca1cdf638fc1634e6524530f232f92bac2d51290b3a9f
25c91f94d37a1682a15e9573dc361a4cde6caacd5ba3d63295daa5390f19e878
2e0997a0619042efba44767c32cf84281eda1bcb017fe53d2b08370b2f879507
30a6cce1964f2b129845ddef5fef6ded48e77c974406b0c89cb973280f9e1ebe
5e6657132021fc530a23a781e7e76f26d1abbca469c1921ab39cd5b1c32fb138
7748eabd2c168ccddebee6915d814ddc0be11f6b664ef9c09f08700fd88b1470
7babbc9915bcce727bce6e60885d50429e3ab9a09523431da38741bf51e36d8a
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
c7ea8397175f395b3db2bdbcab31c6852292c4b778a20e3e8cc1e160d4aa8404
cb7851e716fe40aab682229a1b10530262264f2f958ef12d13a662ca2d198aa7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df3d04b0089cdbdb40505f9da89795be99630f99bb8cee8a313df3555ba782b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

ed-edit.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2cd5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

71 %HTTPS

83 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

150 kBTransfer

543 kBSize

8 Cookies

93 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ed-edit.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cd5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

71 %
HTTPS

83 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

150 kB
Transfer

543 kB
Size

8
Cookies

52 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!