www.cs88893.vip Open in urlscan Pro
2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cs211.cc/
Effective URL:
https://www.cs88893.vip:30050/register?i_code=7597443
Submission Tags: phishingrod
Submission: On August 21 via api (August 21st 2024, 2:45:41 am UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 59 HTTP transactions. The main IP is 2606:4700:90:0:278e:685b:5466:ce8e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cs88893.vip.
TLS certificate: Issued by R10 on August 14th 2024. Valid for: 3 months.

This is the only time www.cs88893.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	38.47.158.193 38.47.158.193	147019 (HHLJ-AS-A...) (HHLJ-AS-AP jiii)
56	2606:4700:90:... 2606:4700:90:0:278e:685b:5466:ce8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	128.1.77.230 128.1.77.230	21859 (ZEN-ECN) (ZEN-ECN)
59	3

1 38.47.158.193 (United States) 1 redirects

ASN147019 (HHLJ-AS-AP jiii, HK)

cs211.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2606:4700:90:0:278e:685b:5466:ce8e (United States)

ASN13335 (CLOUDFLARENET, US)

www.cs88893.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 128.1.77.230 (Paris, France)

ASN21859 (ZEN-ECN, US)

ktpbds.aratalife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	cs88893.vip www.cs88893.vip	2 MB
3	aratalife.com ktpbds.aratalife.com — Cisco Umbrella Rank: 972928	11 KB
1	cs211.cc 1 redirects cs211.cc	495 B
59	3

	Domain	Requested by
56	www.cs88893.vip	www.cs88893.vip
3	ktpbds.aratalife.com
1	cs211.cc	1 redirects
59	3

This site contains no links.

Subject Issuer	Validity	Valid
www.cs88893.vip R10	`2024-08-14` - `2024-11-12`	3 months	crt.sh
ktpbds.aratalife.com Certum Domain Validation CA SHA2	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.cs88893.vip:30050/register?i_code=7597443
Frame ID: 22A0DAB37F7AAC720A32DC7B99A2BB5A
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

财神官网

Page URL History Show full URLs

https://cs211.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7597443 Page URL

Page Statistics

59
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2214 kB
Transfer

4620 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cs211.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7597443 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.cs88893.vip/
Redirect Chain

https://cs211.cc/
https://www.cs88893.vip:30050/register?i_code=7597443

3 KB
2 KB

900ms
293ms

Document
text/html

2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/register?i_code=7597443

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a126ba87e5b8e61fcb2c87c37397ce46b2b7477b3c807dda1a1bc3f8cb4205e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 21 Aug 2024 02:45:33 GMT
jckl: TOJqfIR4R2tNzNOuRucMEO1HVsevfeoFPWWnCMSFYh1zqceJDvPEBkxIB8JzjION9Yu3qlQY9ZZcybfa3gFxyw==
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-request-id: a0bda0a8e7c44a11152343db7ef0a575
x-xss-protection: 1

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Aug 2024 02:45:32 GMT
jckl: dDqVFM/q01nb33OfYDsNfLhA5dYAJHWmaH7RAenGiMNAWFsKUmS8BSQXbNxaKePJxnloW/aIflDKm+ocq+40vw==
location: https://www.cs88893.vip:30050/register?i_code=7597443
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-request-id: 919cb7c5f10d8e5ef29b74ecb9aade69
x-xss-protection: 1

GET
H2 200 WaveIcon.ttf
www.cs88893.vip/font/ 43 KB
44 KB 409ms
408ms Font
application/octet-stream 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/font/WaveIcon.ttf
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c7b8e472873cf3ccd0b8138c3be2960b13cf1fde6a99896fee94305ba39a970

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
Origin: https://www.cs88893.vip:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:33 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:12:22 GMT
server: nginx
etag: "66c49636-adfc"
x-cache: EXPIRED
content-type: application/octet-stream
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 44540
jckl: MLtUD9PI5k3wm5qGiA3zhjBzb573jr91tPKDzj0oyllKEboIDZYsU0FBBMLqvlkMd2hvVuZfCzftI/FXBNB6NQ==
x-request-id: e4a6dab7d259a78c30487e8443f3c430

GET
H2 200 getNgServeTime Show response
www.cs88893.vip/diff/ 32 B
257 B 633ms
632ms Script
text/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/diff/getNgServeTime
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b5afa29615fbda086790ff13baaccd912dd062976ea2e394c0e3f39a30820745

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 02:45:33 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
jckl: LEfBE+1izD/bVtNi7aTCeBJW5tfZI3vzelFUG4MbxNcKucJiqm2e9M7UVSMiP0dZubL0G46Pv0hCQWMhBxnNWQ==
x-request-id: bf44f3227fb1248d9089137f09019981
expires: 0

GET
H2 200 main-e96e9bea.66984443.css
www.cs88893.vip/css/ 80 KB
15 KB 707ms
706ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/main-e96e9bea.66984443.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b8075f84409d3848786722954f0bf283d43b1a1faa4515d11439d659ca0128c

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:33 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: jIjrEL4l4LBlaL/6hi1C9TLLGZb8creu09o5uJ2a/gAc8KE9hbv8MC9mhnauTbVyMrPb4KEG962jaufr2BCUSg==
x-request-id: b1275c226731bf769383b2ce13970b05

GET
H2 200 theme.config.js Show response
www.cs88893.vip/ 851 KB
262 KB 798ms
797ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/theme.config.js?240820210908

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

48de59769ac83fbac586c2614f3fd3aaed6c78a4199f5f24c2bae9b992f2747a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
x-xss-protection: 1
jckl: NBsZNJi0gqd2v4Y8mthflgmVAfBTbYSuq5jfInHUj+LN4paQFrL8dsJddYuVwcAzGuOWgDH3OfLGOmsBW0b6/g==
x-request-id: 5c10b133fc0fd20999b7ed4d3a740b5c

GET
H2 200 runtime.eff229cf.js Show response
www.cs88893.vip/js/ 12 KB
5 KB 707ms
700ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/runtime.eff229cf.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c6d3730ea70bd7fd4f1ea95c5e4e35e1675f6b9610dd1eb48cc999fe9a43b5e

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: KF0SV10svqmtWxw4J7pfr6qKhg7VZkUUs0bHpmcgZB3n3/40q01Q+OqH1HAkoHeAI4zbO6YPddTjpLt7+L9LvA==
x-request-id: fcad1499d85b28773dd93599af948ca4

GET
H2 200 2265.583e74a4.js Show response
www.cs88893.vip/js/ 133 KB
43 KB 709ms
703ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/2265.583e74a4.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: jypq3uiQ0TiOp3SOx0ylOP8Pw7rJnepATJbiNdKvwHdF0CCxSypBpP0aNvG0vDvWwSr1W6g9AyWo+U6EDoGBTw==
x-request-id: d245c0b8e303ee6b9f733d9080288474

GET
H2 200 4437.465a9f61.js Show response
www.cs88893.vip/js/ 102 KB
31 KB 722ms
716ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/4437.465a9f61.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: ee7065bf2508c279d44535c26b866ad97f78cac14472d4c44772235bdd960c8f

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: 3x5pl6iBvzyI9kbkYGbZBjq75z2AzlvxxiNplqhMZOWYFmGBWdnttSJKBif1rAgjsgXkzdj/D7+STJfXl1lYxA==
x-request-id: 5bf4cb9d4b2202dc80c343f041cd7fb5

GET
H2 200 8748.419840be.js Show response
www.cs88893.vip/js/ 168 KB
54 KB 746ms
740ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/8748.419840be.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 709fcdf922435bfdf9d7662e5b15555a7eab9567910847353cb7db88fe5f8513

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: Mjv9Or9C6FXflMMpn0oscK55IixBzC935x0iftmoyiC4wEWbR1LOH/GoDBP26CcXF7bziH2Ckhzskyk7FkDBDw==
x-request-id: 05ddf4a90e85272a2ff7bef7b2dba33b

GET
H2 200 519.c496cf5a.js Show response
www.cs88893.vip/js/ 228 KB
75 KB 780ms
775ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/519.c496cf5a.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: AJ5WRuCW+uF7lLCKqtK/i0v3KigZNdSOTPZ3dNeQyZyxjpx8TQbp457KDsXtwtAqaGj7yTD2mMInchhVTF4eaA==
x-request-id: d4ccc23286b1df9b1941519bd65ed769

GET
H2 200 5266.a5e0fbd9.js Show response
www.cs88893.vip/js/ 276 KB
114 KB 932ms
927ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/5266.a5e0fbd9.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 56043e978547f8577004828892410c9cc9ca743dbb8d9761d42550ef615b7c16

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: qPYxyD8VPfxAupwhG4e81sWXAxEG0hfsuOsE9i2EK1yVvRzn/qpaqHXhe5/NyiEmAfdlc1SD2uViFPB7G+/Zwg==
x-request-id: 44bd6d5f944841ecd4408357440792f2

GET
H2 200 main-7aeafcb2.7aed4131.js Show response
www.cs88893.vip/js/ 122 KB
35 KB 803ms
799ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-7aeafcb2.7aed4131.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 593a1f7d28172a1972a0da2af1bf72e116d1a879b44b6d322662370b9cf2f556

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: xVfe726c1xXza3InSrAC8HLRuG2uD07p3/agL4uVy4A5n8sz+oINW5kttlg3ARaUI5oIhcW8Mx1mklH0nJdOwA==
x-request-id: 3ad51e48d079a78ef9f1aa014058b0a8

GET
H2 200 main-9bf88260.979ea0c0.js Show response
www.cs88893.vip/js/ 244 KB
43 KB 812ms
807ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-9bf88260.979ea0c0.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d9ce8947e52c9a6e54db8638960adb5e0ed8306b0d668dd7261d459277d94d5d

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: AY+I6KxNPGxz5VNdY8JGH2oRsZORNQDZdNV9c8JtKxRg2nUalUbaJFdVhyko0bbrj3yjbgpMeMrp/BV3Id7KOQ==
x-request-id: bd5ca986b82f374760dab36dab8050a8

GET
H2 200 main-0a037d97.b889e8f0.js Show response
www.cs88893.vip/js/ 537 KB
163 KB 829ms
824ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-0a037d97.b889e8f0.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 48f1caedea5e461f0cf3f75d34efdeff81ca2e950aa68a34687e8360472ebb16

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: ov3iAzegiIVR4UPPE1+LvIzbrkSTlOVk9ls4H12FQc3q/ry8Jb2/XlTsPbRu58kyTGjUNGd52yO68F4rpnjlVA==
x-request-id: 629d09bb1930e9e5ec976e4274fbe957

GET
H2 200 main-7bd12dde.94ada609.js Show response
www.cs88893.vip/js/ 136 KB
34 KB 823ms
819ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-7bd12dde.94ada609.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: a49a8a6311795e4cafb668cbf160d694328892acb03ac06ba74527c7c179ff13

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: DMWHJnCsC3tBhQ6wUoWcuDWUWeZablvJnX8UrsSHSeEBrdsz//U9NZMlqFYthLve5vfdKWX8BAtQ1DwGDJLqNw==
x-request-id: ac75da1c87a9f461fb17407cf753da11

GET
H2 200 main-ef7d455c.7aae5c59.js Show response
www.cs88893.vip/js/ 243 KB
89 KB 1024ms
1021ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7597443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4945eddc80b27831df895fbaf4ced7436445cd9a6ea5a32503d247ed01f54e36

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: KcJP2aqQ/pxH1mVMUD1eG8oUGCpWyOxMG5nO+7oDoymmqVtBxc9N8qZirYMn7ZcxX9nL6pVinoicfEcV8Lk3aQ==
x-request-id: 5555f66f90f1bf8d8d7174f3fb68bfee

GET
DATA 200
OK truncated
/ 56 KB
56 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 favicon.ico
www.cs88893.vip/ 3 KB
1 KB 417ms
417ms Other
text/html 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a126ba87e5b8e61fcb2c87c37397ce46b2b7477b3c807dda1a1bc3f8cb4205e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/html
cache-control: max-age=1800
x-xss-protection: 1
jckl: aRHAMmfvkrISsLVlvfB/chHIHz9WYYap77Vgdtm8Gj6uSOGOHPuUz9aKSkM/JkdLIBkp0tYJ2xsmKvG6PyXZbA==
x-request-id: 57c9a3104d30d8d5da4942197b49a791

GET
H2 200 common_register.f2c2a8f9.css
www.cs88893.vip/css/ 31 KB
6 KB 303ms
302ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/common_register.f2c2a8f9.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.eff229cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 203555ffec08c3e848a153ac668e70006a21c7882ba8dc81ebad78fa286281bb

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: cjPIU7SAdDZU+IV32POW1+XBUVN8c3C8Z/gT/Fu74U/5Nztz7vuhmAxE683CVwuhHEc6ndPLbPPRtsxHHBLvLA==
x-request-id: ea1421429468da01df8da2cb95607740

GET
H2 200 common_register.f7d3968d.chunk.js Show response
www.cs88893.vip/js/ 117 KB
41 KB 382ms
382ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/common_register.f7d3968d.chunk.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.eff229cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: bc82c3ea910986862b80ae31219631136eea7e707f394b178ffdb8f1a7958a6e

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: ydEQX/B41KPoPLlcLD8+LK71VqVPlx0FIn7O2vsZgCWqAd9HwZ/D/sZpx2WWxvshwdHnOAF4wArp9tltemXSAg==
x-request-id: 9fd1a11dd6b55afebb71b68457d6e983

POST
H2 200 1z5fdznmgq4ydluy2qob7q5bc8qxhhgv Show response
www.cs88893.vip/scytale/ 344 B
777 B 363ms
362ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/1z5fdznmgq4ydluy2qob7q5bc8qxhhgv

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

fad5af7d408257bd5df2b9a020bbd2675585ea7bd3cff3214d8cb974e1504277

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.361Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 344
x-xss-protection: 1; mode=block, 1
jckl: aQM2BTBvVjkQ+1+SnPDYxP/fMppVYvrURymz2Y3ACDXmFw8PEtuZUUNZ5hdL5mcFu4TiRSwLA52NRPe3r/4Pew==
x-request-id: a99ca362fd779a9636f725acf4552c97
sataw: XIH0CDkq9cR8qmXzOYofUoY7mgUUVktgvBbrREt0xm20mMxOhmd2OX9N3uIgtfBpgNlnjn8Ge7jliuf4U0nZrEZMRFYlmy0mntmGziUJMD1qGYT3S3tucXO6ykBiCv4Ourhj/DZ23BgVijXe4y8NLqZHlhVBBxBf0Zsz2mzLLUI=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 dlffdz84azgkheg8zae1c5you8rrjy5n Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 390ms
388ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/dlffdz84azgkheg8zae1c5you8rrjy5n

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

47d72aea7348cf1fe1ef61c2d14d1dea3322fd16d28cc86accd49bf1d998ac1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.366Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: OB3ADk6TySxhYcbepb5DNTZpw5AS/5exo+cCCTJMq6jU+KqvxuLMS+P5Ybj5D7qGbLVWsmcEj2qiAFEsI2i8jQ==
x-request-id: 16df7396b68a7158b64ebd72635dc81b
sataw: Up68h6ZpMXrtTpVSWnzlo1ZBWGMyctRt9rqyxF0EaWNX04a7U/V5zHlOowe7jGrDKuv60LfiNuM2vb5iCmCUhjVRPnyqNyZtngr9PRTPyw+aSBCni87ZMYpxtSVda/CJbpsr82gZGUBdQseR4uutHBkKOph4wrUEW1aEp8e4auY=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 qzffdz8yudeuygvg1m2amfw778d7424s Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 394ms
393ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/qzffdz8yudeuygvg1m2amfw778d7424s

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

314a34e7192d9710ea7bb53c5105570fc0a0d61ed8403c1c44f2ae9f0b9573aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.386Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: FqyICTpqTObX2svZTbVm6qUNIJGO1/m65sya4Gs2ZMjab328vipPEmLRl9WegEHP0B1PO4i8qQ4k+9loU1L/zg==
x-request-id: 894c90d1984c890ed2fa231dd9b61731
sataw: AJZyKPPecmddP5oFpOOxvSqzcCZGgkt+F50GTVsZ4v+0EKRQvmG7ef2oFz+6qRtAEF1Z9+yDd5gD6IEJSoZCKsUvy6eVFwBsdDlmyMfHPZGAOjXqnyb92wnJ336heH+H2wEZfOPH4fSqPivxMC47xemSxt96EL8jj+0AyT+TbeE=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 naffdzneglfkvojbvvi775a7a2fja4uf Show response
www.cs88893.vip/scytale/ 1 KB
2 KB 372ms
371ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/naffdzneglfkvojbvvi775a7a2fja4uf

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

57b2392233d314ab53cfdfb7991fd5a27a364c0a00397bcc7d05d4bf5a9bc1f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.387Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: gDVCwPHgLMPjz8XOeX6Xf7rtOm0slNW87AVxeQpq7j3n69Cd5xW3YzyscsFRHHJjX7tyrLthvjlb2gi2xcwBbQ==
x-request-id: 2daad7ef7109415a43a8cd16a98f6fbd
sataw: Icg72W/3niwTip24dvjLxw1Tp/HCpcgcKLi6fBv/6j85rgZKvpfiu+Ps0gogrd6bU55ge9UbzesTBVbErqNHZLEuSVarbN/Gr0tXKsau/2AiRBB52Rtmzvn01RC5RO7pVrgmSMkZQuKT10/XFVcZmCkFiMkCVyWAmrDyMDhg1B0=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 rwffdzarrhfmlqh4k4hnwvppwosmcaez Show response
www.cs88893.vip/scytale/ 1 KB
1 KB 371ms
371ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/rwffdzarrhfmlqh4k4hnwvppwosmcaez

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a4beb6ceee39937253befab07ca12d9f263e42e0f854090890fd10129b733e28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.391Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: MiI2Dk/sHYR4e0TNyQsi+mCkeor69Xai2dN8d2FnEdPCzyjRoocigxRxxsmAyOTafJ35umWXLm4MmP38plUODg==
x-request-id: 3e23c781b8b85f4db837c869a4f9a6bf
sataw: aB+N3DUJ9sXF2TZjail/8OZbGZsvmTAawPeWI1XuxsIEXM6Uwjvxm68OzOKFghTrjd/QXPlGDfrOr2kReciMrBzc9Lu4yQBI5JYrv1j+AVbYTmrTBlJwy8iB4l7Wtrl5YhjPuiWLwUbwBy6jaXyaLdwXaqlXPSR2fUnGRutM5a8=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 2wffdzn2ufzzt8o8h4vewqrahw7ifn7q Show response
www.cs88893.vip/scytale/ 272 B
573 B 365ms
365ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/2wffdzn2ufzzt8o8h4vewqrahw7ifn7q

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

320b56d6caa6cdf92d5ca2db140185045713161c5175b33676f8926cc38a8518

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.393Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 272
x-xss-protection: 1; mode=block, 1
jckl: k5LjzofrCv0TR9jZn1OiuT6Nn7+BbBeASW3QFumhIqbjNJlzKmLzjKh3txI4Gy6qVFByeYFfiYVqW2iqKxw6+w==
x-request-id: 73073f5057e30ec5b89e2266b431a581
sataw: Vif92wFWG7Y4lJQJEhUiT9xishFChOO0lOSekdUOdUMVTfq07v01G+RaZCUhSe2AZ3g5a1zUWlThfiN7vwgJ1QRSDLAma5b2+bKLh95v3lOqenckkx/Nh52peC48T8ZURZ12YDRybJSFVWn5ch+T79b26wt/eodYfLzcJEkbbj8=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 jwf5dznjcuhfuel8cpqxqfrd1klrqx1x Show response
www.cs88893.vip/scytale/ 608 B
1016 B 393ms
392ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/jwf5dznjcuhfuel8cpqxqfrd1klrqx1x

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

ddbac3bc51c99650cd8edbd02bd079d864934aac931cb7e9769587e0569ee53a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.396Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 608
x-xss-protection: 1; mode=block, 1
jckl: Aa/bF2jilmFGYkkZu31LiWi2v8M3Q9NSJEF1/SCJFxWZN6UHcYTE5G8I4y6r06hFbM+8tzOg0icZ92mfUQvwhg==
x-request-id: 93190e4c5d77d8a9ae47f683d49c098f
sataw: Ctk+RLKV+jK9XuBaGVBa6MAKtzF/DbxCDATqcVlsHXPcl6Qe+BUgqxOCHP9g3G8vQMUbSqQYm3y4ndsNY7Cy+CQhGDGynZMmdJfni0tybP7NYQy64+Xr+w+k/vfuY4OhLjT5VMBrFoUnOfRih9Q8R6HC3FVDE+A+TxL6PRsylLk=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 lfffdzquntyh1oafmopchnlbh2j7rmj5 Show response
www.cs88893.vip/scytale/ 312 B
617 B 380ms
379ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/lfffdzquntyh1oafmopchnlbh2j7rmj5

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

b2264508cba2460daa689ddd40cabcf24697db41e22ad4a9e28d1aacaf94e18d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.398Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 312
x-xss-protection: 1; mode=block, 1
jckl: bdZs9ip8ti84WskxByx2PYhpIWW6f9jJaQtEzYkv4Hy16GqPZiqXJEZgK3Y2SGSVeN94L8nITVYIfhuLHZ/NNg==
x-request-id: e6685fb29a6a1caa03d94b1cf668c467
sataw: YECLED8rUwLOX+rWjK7cTHikdu8fFJhCEsHvrr87lebi0MOO5w8uDECveFfI5xPcthFbt1G0wplabcFsZ+OMVw47wHiwSuwioqQELxJSMd9Ik0d4meiEJKNkezuCS8h1otrZ8PPyHLMszq0nNzo4+jGV1J1h2IWhxNmbXIL91CE=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 gcffdzabmi2g82ymwpceqzzlw8dclfms Show response
www.cs88893.vip/scytale/ 160 B
467 B 381ms
381ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/gcffdzabmi2g82ymwpceqzzlw8dclfms

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

65e75b75a462ec8892d3e6669233d0396fbaa3630f0b4728cbe83e3c7fa7783b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.399Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 160
x-xss-protection: 1; mode=block, 1
jckl: Mfuu/vAUuEBkutskRcCnhLfwpqEkwHkm3rROSOs6gLnRfMal8Fwo3iw/SIp78FTiv7j0eZoKVEnqpz1XpH+RaA==
x-request-id: 730771fda4d55b5a5cafa8f29690d710
sataw: RkK498dFoTG0YQx/cdxSCyV7QwsUD2bAJa7HK/EXXfZaN4n6Q+tWiG0D5qZ3fP+xsQHIj9/1OI5TEttZ8CADxPLGZy+2beylcdwH2LPb5zCjOdnl/uaswELP1xu+TotMuS0tHjgBEmEzzH8lEQwZmkQ61FYV9pcgz+kX/Pnmi0I=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 paffdzjv4lxu4wvkik7gsjrp2t2adghq Show response
www.cs88893.vip/scytale/ 848 B
1 KB 371ms
369ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/paffdzjv4lxu4wvkik7gsjrp2t2adghq

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

e85b52551e94fa3498752ed82571eb489eb62effab07face9337bd8192896005

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.384Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 848
x-xss-protection: 1; mode=block, 1
jckl: FdEUn9/jMrdWG4Um8s5sEj7FbFH7gjHjWqZq4gitsaWeo4wzzgMq61OdBw5Pb4xpZPCJxx/RZeC4yDEbrRj6Sg==
x-request-id: 8232145e649fea3ec3c96a3792ab8f4e
sataw: QizPTU73w1KOLNm3v9RnO6ZyOoNOdUDkqa+yuGETTgof1kwWN051HZmwM2WyKlXAKOl14tfs/Z+kYZRnAq6vsp1FsuBnxLy/tTwDpF5n8+2XNJJI8Y2C3CLjpkpzun0oh6ADgM6d6EoYRqwYTAigAFI4FC4ABONDdbE/l2+S+o0=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 iaffdzr7sfr5too1jaxm5rysh8cx7m4f Show response
www.cs88893.vip/scytale/ 656 B
961 B 371ms
370ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/iaffdzr7sfr5too1jaxm5rysh8cx7m4f

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

4fb930c6530c1a8676eb862b9b5f80601ec1e4668a7fb1cb37009848d9d7c076

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.389Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 656
x-xss-protection: 1; mode=block, 1
jckl: ZAUiv7qmXnHjP4TCrME+4V/2zcDv4DjxyY7Wj910LbFbr3ftU0hF93xZ0ZdDmvkBQvozlTdPxRhrWi5at1kE1w==
x-request-id: 2fcaaa67d34c21c1f8fb990f90330a8c
sataw: IejJ8rW3iIr3BnGtFJf7+3ckD0NgyeNz5ccMRxyqsPGOPRkW7QNZ9fpNZTOzaQLdO3ttJWbz7UAvOgwlqHEL1KYU1NF+SFkrA2t8zcwvJx23UL7YPJX0ccwUCtJXWLPpEfcCMiQ4nmMlnUjte6DOtA7cjpOppLP/pEVggjV2ddg=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

POST
H2 200 faffdzriffazgwoktydqmnehbnjx45da Show response
www.cs88893.vip/scytale/ 9 KB
9 KB 392ms
391ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/faffdzriffazgwoktydqmnehbnjx45da

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

4516ba105bfc3e3bb0dece3632a756dac6426a91ccd7263c191375cb58c113d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.390Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: LJ4kt6F7GBagnqEC6ustKT8rPrx3Qr0w4KPgD/PzFNjt9tm5j+wR6hf05KL90O1R8IomaluroJVGb/GvtBpo6g==
x-request-id: 07f35b6b76db9a3516f9711b4594ce41
sataw: e9FScoK6TDrkpT0h9Ck1TkZPvpEbcncwdbw1PascifGlihjB0wzv4Elg9havluboP3vlNsRu/zgKjf+ZTkmSQCCDVD9anNdn7a2nTjiU2SkRriiSCysafGbvUftkIEqtPANQIRbyP7XBp2mcUPa0G75ERzJ0wc6lZrJ3LXvF2Fk=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *
opt_uuid: 5464d2d8-9134-4fd0-9435-5ee58c3eb61d

POST
H2 200 fwffdz8fuquzqwi1kbghbqd8kwmhmzfv Show response
www.cs88893.vip/scytale/ 5 KB
5 KB 486ms
484ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/fwffdz8fuquzqwi1kbghbqd8kwmhmzfv

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

2024c3ace7de5e84c3d283cd97d6422ea18c7f64e5cbeea44497cb20383f23d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7597443%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.400Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: JltjYH8pRDUh18l2flk6+oqFZhSQ4Ap61Hz5X10K+QMkAYlEzbmrbgBpBAkQ6xonAOWY+A0iMw1l7xXsqldW3g==
x-request-id: eb727dc99708b261bdf019312ba07c00
sataw: Ry97kkXih+uttMBL6t6wSIFlsvI8Yo9w9JUPy3uFC/lZF3tyZsUF3UOhCVMiH2FzGplYgICte12IIjqKgNiMgKN4R0F0bv0t9EOQwQc5KBmCodp4JD9icT8b2E8adrbukUfkA0xaApQ2yO15z/vMRBdf0W4c+bsC1o1R7zrjT7w=
server: nginx
hkmre: 1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208333
access-control-allow-headers: *

GET
H2 200 411ac57fd44b48efa23895d0a60a94f7.png
ktpbds.aratalife.com/clientManage/ 2 KB
2 KB 188ms
63ms Other
image/png 128.1.77.230
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/411ac57fd44b48efa23895d0a60a94f7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.230 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7597443
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
last-modified: Sun, 14 Jan 2024 06:07:57 GMT
server: nginx
ips-gateway-cache: HIT
etag: "65a37a3d-6de"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1758
x-ser: BC36_US-Michigan-chieago-1-cache-1, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 q5afdzry5ynz8jjd8rmexkyixegekpcw Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 372ms
344ms XHR
image/jpeg 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/q5afdzry5ynz8jjd8rmexkyixegekpcw

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

43c0c96e44823810894e72c1d7b509bfb2e802f9daa4ea7b1144197733442248

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.867Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2146
x-xss-protection: 1; mode=block, 1
jckl: XFHaowxLzU6Q85nwsUaaMEtQ8GiEttF3r0tzOjXfWQF3aEJechwP2Ean4SoD2QYPRgEwjcnVM7Cr/kYLQ/zBBA==
x-request-id: ee15d3b04c358b37beac25ea66359f90
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 common_Entry.6fb0f968.css
www.cs88893.vip/css/ 59 KB
11 KB 302ms
298ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.eff229cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: cfcb360e64bb9479d29692a7f2617d50530386b698759447c726ebec8b20e39b

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: xRD1P4ymYT264LDeiCMVt+HGrRKTuRe3bfrfbCXMEVyqLejTy10+tnI0Y7YBzBgH1pUBLILDYLrnD8aTWfqvpA==
x-request-id: 65161cb4e555e4d23495cbbffaec5025

GET
H2 200 common_Entry.e10fe6c3.chunk.js Show response
www.cs88893.vip/js/ 141 KB
47 KB 318ms
293ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/common_Entry.e10fe6c3.chunk.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.eff229cf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 40af33b59f506bdd28c3183f5ee0e978c8796cc1f51538743e8e054986fc9f74

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: qgFaerhLpVOFG04UNYMPAxUiIUUCR0Zmb+yhMUvvTCqE+gP3+m/sqX8vmDBQofQN7XLK9ahd+82O8FSVG0fAwA==
x-request-id: 5ad240d071b90cf4aad4db6ac3baaa3b

GET
H2 200 login_bg.6b769804579d3f1e7f0411f8dea37746.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 62 KB
63 KB 334ms
313ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/login_bg.6b769804579d3f1e7f0411f8dea37746.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-f98a"
x-cache: EXPIRED
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 63882
jckl: 1xN8B6yeP4QuT69/mDJ6wncgX230v1HxUxU8gsw1Th5rfEYi9jIi56lFPOPsO9Ra3ADjwiyOoxiY01g71YisJw==
x-request-id: 6a38023398dfe49b8b3ba3e6088bd57d

GET
H2 200 icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 524 B
696 B 332ms
316ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-20c"
x-cache: EXPIRED
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 524
jckl: O+CGz+r5S1ZUS7XwejWbWkS5I9xE1DSar/j9NalZGiAOsPh8x+kKfTKgIINpDHXnnZw6WqtAxmzSr6rkDKivsw==
x-request-id: 7813f5d37c27bd918b7a4fbff4147976

GET
H2 200 login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
2 KB 331ms
316ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-57c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1404
jckl: N+fYIG9zP9mfA3RWoZRKPsjqMl4y8nlAdfppmRVQJqXPzGmDfYRVJDtnycR8lU642ESQyLttIlzy5bXqMiESPA==
x-request-id: 445e521684f27943c870bb260a9f69dc

GET
H2 200 411ac57fd44b48efa23895d0a60a94f7.png
ktpbds.aratalife.com/clientManage/ 2 KB
0 57ms
57ms Other
image/png 128.1.77.230
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/411ac57fd44b48efa23895d0a60a94f7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.230 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:35 GMT
last-modified: Sun, 14 Jan 2024 06:07:57 GMT
server: nginx
ips-gateway-cache: HIT
etag: "65a37a3d-6de"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1758
x-ser: BC36_US-Michigan-chieago-1-cache-1, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 5c8fdzqp2cz5wjm4jlpxod5ckk4rwzdk Show response
www.cs88893.vip/scytale/ 144 B
305 B 349ms
346ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/5c8fdzqp2cz5wjm4jlpxod5ckk4rwzdk

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

7d02c73c726993ba982b64705959568a72c07845203eda5b4bb991caee49219a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
scytale: 6;OQEK1M%(.d!pU5^Cb@G7Y@A3\1O)7f3-d;%f=*>>(Cjf/CpYpz]$S1##&rpfh(/Yr/A32*G~C.=O{+pf^W&\3]C9GOY_A}7[,n=(C2n!x
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 144
jckl: j422TIGp5/bwJn225HYxJ+tXB9KoQm4wbilHDInArxsG83LjZNXEXwcl08J4HVLIbxDaTfstXOB/J3AzROew2A==
x-xss-protection: 1
x-request-id: cd9f1acf011e1418a095421eb345b1c3

POST
H2 200 ntafdzaetqqcn5awe8af4pmvvhhptoem Show response
www.cs88893.vip/scytale/ 336 B
680 B 353ms
352ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/ntafdzaetqqcn5awe8af4pmvvhhptoem

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

c3fdc90b444de2a18e134eebf853519521b57158cf4490fab7bf75afc28bf4f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.859Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: A6N/SSxqxO4phl9Y9JcfZyAcitLKN9VFhzGblySHzbLqt6php+07OuSij9e3PvcA4g9fDV+hBKiERh5pOIAC3Q==
x-request-id: 26d121701473dd8d648315d0fd8a5e7d
sataw: kylmw1HMP4hhTyU9Yjg0ks+3sahk11tsmq2nF6u7WwP/Kkhla65lqYJlor0/LjJLJ+UInXQ32D+G8q2iHHNeAVTTwP97uI9i5KBWWfXldcR7ujoxFg2xpaIrsXWQ9vI1T/dKmsSJGxmNhkD6ZNYmpoqByNGxG3jZzCWRB0V3WIU=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208334
access-control-allow-headers: *

POST
H2 200 aaafdzjgv1u28zicriga87y1k74wr5oe Show response
www.cs88893.vip/scytale/ 288 B
591 B 361ms
350ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/aaafdzjgv1u28zicriga87y1k74wr5oe

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

636a937ebc93a815ea782fbfbea7c91511461101cabdc5b615fc36fd88e72d17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A35.860Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: 3XMnI9D2SxnwT8ASrNS6UMs6reURRmNZvkz/lvASvrA0xFSrtDo4dJJf9cgK3Z4ExykjW3SDib9oxplveOZXGA==
x-request-id: bf468a8bb7c38682b17c10c0d8f952e0
sataw: guUU2ta71GC4TrjEk+6qCwCclyOqRBOp3HQtkXF42L53baM9un9DKBoj8PCtJnh0Jz380x8CXVGyZNkNy50F45w5Av6twGu/hP18uKiNSuHuNZPOqvaDdeYH/o+0nnFCuYljD5eCMqG7FsxnVF1MO8MaS5mqd0+mntOM/Npamtc=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208334
access-control-allow-headers: *

GET
H2 200 login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 291ms
290ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-458"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1112
jckl: tl6Oi7xuX4IfiHxoe4QRdh9pLRpRk4xvAwo7QZnSCLzy4EZL1YIGJSIttIPzyk7bNtr/6O0fPwJCafrbwr7yng==
x-request-id: cb83f93f6f6412a3675e6b3035b9d7eb

GET
H2 200 login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 293ms
292ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-490"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1168
jckl: lP/Z635s8mPHTlNNCum9aNhn5qlTKk+pVobGxy3qOfzMmtPEsrGPZigRPGLJI+McBmxosVmavWYHC6nKCSyV4A==
x-request-id: 6be6164c02c0ce6745d30b68da201f43

GET
H2 200 login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 312 B
480 B 295ms
295ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-138"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 312
jckl: rObmXoQP09qLSglhtW+x9JFMjZgtlckP/NvhsRpMN8Iw9RXKVS6KYDnE/gwr/CdjNBRgdn2q7lX12XYR3UIuvA==
x-request-id: ac9259ef00652c178f45c39c570cb276

GET
H2 200 entry_submit_bg.5d1eb1ec99c8ac75983e4696baf9f121.webp
www.cs88893.vip/assets/frostedPurple2/colorSystem/purple/logoEntry/ 2 KB
2 KB 294ms
294ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/colorSystem/purple/logoEntry/entry_submit_bg.5d1eb1ec99c8ac75983e4696baf9f121.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f687fd3366f6b6d9054fa2c6dbc147d13df541d7cc30bfee041bb8bbc468cc4

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.6fb0f968.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:38 GMT
server: nginx
etag: "66c4960a-7b8"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1976
jckl: rdxtdp6YO3tUoVvgpHhoPYDHzAN0TSEjUNcJUa+LwhHFE+uIwCX7JlLoQXoVWcW0lhCqIIvPaleQGjlStQpxJg==
x-request-id: 6c95ed6e7f10949e13a1a3235fa2ddc6

GET
H2 200 DINPro-Medium.otf
www.cs88893.vip/font/ 138 KB
138 KB 321ms
321ms Font
application/octet-stream 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/font/DINPro-Medium.otf
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/main-e96e9bea.66984443.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf

Request headers

Referer: https://www.cs88893.vip:30050/css/main-e96e9bea.66984443.css
Origin: https://www.cs88893.vip:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:12:22 GMT
server: nginx
etag: "66c49636-22610"
content-type: application/octet-stream
cache-control: max-age=0,no-cache,no-store
alt_svc: clear
accept-ranges: bytes
content-length: 140816
jckl: gVWnsOLzjEZl5CqnE53y7oeCA9v/4gduNijDtvydfT35AAHnw5A+Gqx8iF1Gl5n7FclXfJlmsEEPN1cjGmhbEQ==
x-request-id: 3ffbd16ba50b4e56cc956ea0a5df2fac

POST
H2 200 owafdzjvc5gapnometeglb2ixivqda8k Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 480ms
476ms XHR
image/jpeg 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/owafdzjvc5gapnometeglb2ixivqda8k

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

8ede0774e05b3443770de2f91c2365f6ce4513c02c80bbac7d687fd3a20c2617

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A36.283Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2100
x-xss-protection: 1; mode=block, 1
jckl: DQIDwkt/wz4WTimf8EdwPG+qe+ZCHbZGFQWiGv8440UbSjNchD7NLXRasirO0qQ7IoslfXtH2ZPx3yB/BGQErg==
x-request-id: 9d9f5670dfe3dd3cef08df2ce9f67e57
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 783 KB
784 KB 306ms
304ms Image
image/png 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-c3b13"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 801555
jckl: OJ2iarXZaRn9eHVASpwzWnF6WxFmZGi07su0940uDLuQGZkbaYcYbg45lMwEp1EpxdjN6pSoBLABBOpb1uoHtA==
x-request-id: 8e737cb40f63714cf2c931e2cedf00c8

GET
H2 200 login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 908 B
1 KB 294ms
292ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-38c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 908
jckl: XLxuse+92XGW/fu141arbICMRVfCbdYr61r5yy00LGqWVGD4Ke25cVPPAFuu4Mu/cmfjwic8eLMgXn7AtaZKAg==
x-request-id: 4de0b2864d13034eb521819ffd6f3d7d

GET
H2 200 login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 726 B
901 B 303ms
301ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-2d6"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 726
jckl: JPYsmeJb9KWID7qcqznzm921wdmRC7aA085r8VcJOOqjhOy302Gb4yeUlKVs+RC+y4OuohPB1e2junvFOnSSCg==
x-request-id: e85212f5d586779d3bd898e1ae83ee0a

GET
H2 200 login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 768 B
942 B 304ms
302ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-300"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 768
jckl: ARU9mPPKVGe6lFZ+JTTRPUKatMy9nSLMH5+MSnzRaH9BqOmysS8dahJr8ML3mrau2svCP2WqVzBdo1JVrYy9nw==
x-request-id: b0242ecb30627b3472fad1467607efe8

GET
H2 200 icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 422 B
597 B 321ms
319ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-1a6"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 422
jckl: yYk/ficC2312p7ZKJHLNu9qwDJhgZDf7tuMc1pbZ/FaFhCJwEkJs+xsrtrTWg57gvf5LsxRqEIUbcomgzFtPxQ==
x-request-id: adc29172b7eaff147b6e900ce5993819

GET
H2 200 icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 968 B
1 KB 304ms
303ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-3c8"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 968
jckl: ocQNlLr3lJ0sQAVU9cEu/a0DN+wsXD23K21GE3A+ERHxrs5PJjOuTd4xQ1d7LZN/AO7vDvgAa9xdav5z7KDzxw==
x-request-id: cd0ba5dc06d30c9db8c7614318299823

GET
H2 200 login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 444 B
620 B 323ms
322ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
via: 1.1 google
last-modified: Tue, 20 Aug 2024 13:11:39 GMT
server: nginx
etag: "66c4960b-1bc"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 444
jckl: WjXrc1eJKQ1ipSKaKSBW1DhHvzYVSuUkrM+AD5WhmRy70KLQDSEl9w3Ybi87xWqWeYimGa+LkDsTYyCisrjQcA==
x-request-id: c0d99859be3833a7a0bc4d908509d99e

GET
H2 200 4e7d2d5657aa462d9c63c0c065c54a05.png
ktpbds.aratalife.com/clientManage/ 9 KB
9 KB 50ms
49ms Image
image/png 128.1.77.230
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktpbds.aratalife.com/clientManage/4e7d2d5657aa462d9c63c0c065c54a05.png?x-oss-process=image/format,webp/quality,q_90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.230 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7258556df9f822332791e4efcba6808c4d909b631c9a5d81d41615acd6597e49

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
ips-gateway: TRUE
server: nginx
ips-server-id: 0
access-control-allow-origin: *
content-type: image/png
content-length: 9306
x-ser: BC36_US-Michigan-chieago-1-cache-1, BC227_FR-Paris-Paris-3-cache-1

POST
H2 200 a5afdzqz1avitq2mkisxnhyar14nzj8i Show response
www.cs88893.vip/scytale/ 336 B
665 B 437ms
436ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/a5afdzqz1avitq2mkisxnhyar14nzj8i

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

fa196c8adf8468fa7d06d8c2046f350456ea3ccf1385cecccd3cfa974a21868a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A36.276Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: GwEhlPDnIHlrlqcjsbuMVFBEjd7+8uO0izfXjiQ18z1c2+DXSSvO+nVTg0FXRBBlBPL64gXVjZj1PH88oBSOSQ==
x-request-id: cf7b3a2aa83b726905a97118d0ee31a0
sataw: bqiSh5CQKbs33lPBDzU01fjAy7+HCaPz747JPU7SE0K4RbFEHic3/ALiY4AmILhWamDuYwCt7X8jxCY+6iItLWQgZFSuLIFvG3OnjlIBjILpAUpcawsSZK7uZ5Fs/jwr7mpAkv55cnRPhBv5sSTJQATQo7EhNUZVZgXGqLlWqbE=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208334
access-control-allow-headers: *

POST
H2 200 1fafdzjox8k2dah8u5mqffy5mzgrkuvi Show response
www.cs88893.vip/scytale/ 288 B
613 B 451ms
451ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/1fafdzjox8k2dah8u5mqffy5mzgrkuvi

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7aae5c59.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

3f480cff0b317f5023a9971c9ab3850a8fd44d7c7efec35808f3cb4a95bfb239

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F8%2F20%2021%3A09%3A28%EF%BC%8Cbranch%3A%20version%2F240821%2C%20commitId%3A2341963800683bedc46750fe3911238fb6236e8d%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-08-21T02%3A45%3A36.278Z%22%2C%22slt%22%3A%222024-08-21T02%3A45%3A35.272Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FAug%2F2024%3A04%3A45%3A33%20%2B0200%22%2C%22timestamp%22%3A1724208333%7D%2C%22diff%22%3A-2272%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Wed, 21 Aug 2024 02:45:36 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: Ib9nbteQtQA8HrkJOCMN0zCH8aKLym/HBPPKlj6oohPE41ImNedZWYZKykL8VfH9hy1mlqhLywu/3vgc6fW2uQ==
x-request-id: 7ad434189179bdd367bdd93453681c18
sataw: nNLmGVmor7JyToreK6mTGKP4JzHBNBLsYrS/Cjnpo4LFUr/rWSxFteqBeRF4t8RZmFLx7or0KuAXKD52ins51LXnpw2e30dIzRsLOUs1FiqJ4W1n9ZHjZt40FWEKc11fal0oER1ekvRlaTLt6+AHgc8B32u+p7Bu7YfWRbKB8zY=
server: nginx
hkmre: 1
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1724208334
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cs211.cc/	1969-12-31 23:59:59	Name: https_waf_cookie Value: 66da5548-a1ed-473020842d0707112d775b3084537b8b86a7
cs211.cc/	1970-01-20 22:56:50	Name: acw_tc Value: ac11000117242083322116827e008a65f0d52b9c7c5b048659a5ee654def3e
www.cs88893.vip/	1969-12-31 23:59:59	Name: https_waf_cookie Value: c12539e7-8717-4abc4b75c74aa9e04c2db5a7b505f2445e4d
www.cs88893.vip/	1970-01-20 22:56:50	Name: acw_tc Value: ac11000117242083331621535e0086db435df76f686d06810b01ff4b1a9e5b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.cs88893.vip:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.cs88893.vip:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs211.cc
ktpbds.aratalife.com
www.cs88893.vip
128.1.77.230
2606:4700:90:0:278e:685b:5466:ce8e
38.47.158.193
02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea
150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0
15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6
188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f
2024c3ace7de5e84c3d283cd97d6422ea18c7f64e5cbeea44497cb20383f23d1
203555ffec08c3e848a153ac668e70006a21c7882ba8dc81ebad78fa286281bb
314a34e7192d9710ea7bb53c5105570fc0a0d61ed8403c1c44f2ae9f0b9573aa
320b56d6caa6cdf92d5ca2db140185045713161c5175b33676f8926cc38a8518
3f480cff0b317f5023a9971c9ab3850a8fd44d7c7efec35808f3cb4a95bfb239
40af33b59f506bdd28c3183f5ee0e978c8796cc1f51538743e8e054986fc9f74
43c0c96e44823810894e72c1d7b509bfb2e802f9daa4ea7b1144197733442248
4516ba105bfc3e3bb0dece3632a756dac6426a91ccd7263c191375cb58c113d7
47d72aea7348cf1fe1ef61c2d14d1dea3322fd16d28cc86accd49bf1d998ac1b
48de59769ac83fbac586c2614f3fd3aaed6c78a4199f5f24c2bae9b992f2747a
48f1caedea5e461f0cf3f75d34efdeff81ca2e950aa68a34687e8360472ebb16
4945eddc80b27831df895fbaf4ced7436445cd9a6ea5a32503d247ed01f54e36
4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e
4fb930c6530c1a8676eb862b9b5f80601ec1e4668a7fb1cb37009848d9d7c076
56043e978547f8577004828892410c9cc9ca743dbb8d9761d42550ef615b7c16
57b2392233d314ab53cfdfb7991fd5a27a364c0a00397bcc7d05d4bf5a9bc1f3
593a1f7d28172a1972a0da2af1bf72e116d1a879b44b6d322662370b9cf2f556
5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c
61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca
636a937ebc93a815ea782fbfbea7c91511461101cabdc5b615fc36fd88e72d17
65e75b75a462ec8892d3e6669233d0396fbaa3630f0b4728cbe83e3c7fa7783b
67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf
6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593
6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320
6b8075f84409d3848786722954f0bf283d43b1a1faa4515d11439d659ca0128c
6c7b8e472873cf3ccd0b8138c3be2960b13cf1fde6a99896fee94305ba39a970
6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b
709fcdf922435bfdf9d7662e5b15555a7eab9567910847353cb7db88fe5f8513
723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436
7258556df9f822332791e4efcba6808c4d909b631c9a5d81d41615acd6597e49
7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546
7d02c73c726993ba982b64705959568a72c07845203eda5b4bb991caee49219a
8c6d3730ea70bd7fd4f1ea95c5e4e35e1675f6b9610dd1eb48cc999fe9a43b5e
8ede0774e05b3443770de2f91c2365f6ce4513c02c80bbac7d687fd3a20c2617
8f687fd3366f6b6d9054fa2c6dbc147d13df541d7cc30bfee041bb8bbc468cc4
a126ba87e5b8e61fcb2c87c37397ce46b2b7477b3c807dda1a1bc3f8cb4205e9
a49a8a6311795e4cafb668cbf160d694328892acb03ac06ba74527c7c179ff13
a4beb6ceee39937253befab07ca12d9f263e42e0f854090890fd10129b733e28
ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33
b2264508cba2460daa689ddd40cabcf24697db41e22ad4a9e28d1aacaf94e18d
b5afa29615fbda086790ff13baaccd912dd062976ea2e394c0e3f39a30820745
b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25
bc82c3ea910986862b80ae31219631136eea7e707f394b178ffdb8f1a7958a6e
c3fdc90b444de2a18e134eebf853519521b57158cf4490fab7bf75afc28bf4f4
cfcb360e64bb9479d29692a7f2617d50530386b698759447c726ebec8b20e39b
d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895
d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c
d9ce8947e52c9a6e54db8638960adb5e0ed8306b0d668dd7261d459277d94d5d
ddbac3bc51c99650cd8edbd02bd079d864934aac931cb7e9769587e0569ee53a
e85b52551e94fa3498752ed82571eb489eb62effab07face9337bd8192896005
ee7065bf2508c279d44535c26b866ad97f78cac14472d4c44772235bdd960c8f
f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698
fa196c8adf8468fa7d06d8c2046f350456ea3ccf1385cecccd3cfa974a21868a
fad5af7d408257bd5df2b9a020bbd2675585ea7bd3cff3214d8cb974e1504277

www.cs88893.vip Open in urlscan Pro 2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

59 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2214 kBTransfer

4620 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cs88893.vip Open in urlscan Pro
2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2214 kB
Transfer

4620 kB
Size

4
Cookies

59 HTTP transactions
1 data transactions