www.cs88893.vip Open in urlscan Pro
172.65.176.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cs127.cc/
Effective URL:
https://www.cs88893.vip:30050/register?i_code=7642670
Submission Tags: falconsandbox
Submission: On July 26 via api (July 26th 2024, 2:05:46 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 58 HTTP transactions. The main IP is 172.65.176.239, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cs88893.vip.
TLS certificate: Issued by R10 on June 15th 2024. Valid for: 3 months.

This is the only time www.cs88893.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	65.181.133.170 65.181.133.170	134729 (JPTL-AS-A...) (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED)
55	172.65.176.239 172.65.176.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	128.1.77.227 128.1.77.227	21859 (ZEN-ECN) (ZEN-ECN)
58	3

2 65.181.133.170 (United States) 2 redirects

ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK)

cs127.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 172.65.176.239 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cs88893.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 128.1.77.227 (Paris, France)

ASN21859 (ZEN-ECN, US)

ktpbds.aratalife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	cs88893.vip www.cs88893.vip	2 MB
3	aratalife.com ktpbds.aratalife.com — Cisco Umbrella Rank: 972928	11 KB
2	cs127.cc 2 redirects cs127.cc	646 B
58	3

	Domain	Requested by
55	www.cs88893.vip	www.cs88893.vip
3	ktpbds.aratalife.com
2	cs127.cc	2 redirects
58	3

This site contains no links.

Subject Issuer	Validity	Valid
www.cs88893.vip R10	`2024-06-15` - `2024-09-13`	3 months	crt.sh
ktpbds.aratalife.com Certum Domain Validation CA SHA2	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.cs88893.vip:30050/register?i_code=7642670
Frame ID: F2E14B1179A333C0AB1B43260223A1BF
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

财神官网

Page URL History Show full URLs

http://cs127.cc/ HTTP 307
https://cs127.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7642670 HTTP 307
http://cs127.cc/ HTTP 307
https://cs127.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7642670 Page URL

Page Statistics

58
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2207 kB
Transfer

4604 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cs127.cc/ HTTP 307
https://cs127.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7642670 HTTP 307
http://cs127.cc/ HTTP 307
https://cs127.cc/ HTTP 302
https://www.cs88893.vip:30050/register?i_code=7642670 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.cs88893.vip/
Redirect Chain

http://cs127.cc/
https://cs127.cc/
https://www.cs88893.vip:30050/register?i_code=7642670
http://cs127.cc/
https://cs127.cc/
https://www.cs88893.vip:30050/register?i_code=7642670

3 KB
2 KB

287ms
286ms

Document
text/html

172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/register?i_code=7642670

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

af485889cbff0e88d666630fb99e38aa1f1f1ccc462694d21b60416faef7fb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 26 Jul 2024 14:05:38 GMT
jckl: yUpMfEYkflVt4rLE0kR8QaTjV5QTlZnfNEh+f3fFgGDLFPGGvPQB+U7aPVyHHvZB8ljzJbMN8//lzGCo4goMwA==
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-request-id: 18f3c19b85b8f5ea4bc96ab48abe673f
x-xss-protection: 1

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 26 Jul 2024 14:05:38 GMT
jckl: sZgQiOOUBIhEMsUmw4/a8VFpMXiHInw7bA2XJtJcvinmNdUJhpcGgq+BrKXYfHamu3uifNe5UUhUztE/ikukPA==
location: https://www.cs88893.vip:30050/register?i_code=7642670
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-request-id: 190871dd347d92127d02021d071b29c7
x-xss-protection: 1

GET
H2 200 WaveIcon.ttf
www.cs88893.vip/font/ 43 KB
43 KB 541ms
539ms Font
application/octet-stream 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/font/WaveIcon.ttf
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
Origin: https://www.cs88893.vip:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:07:06 GMT
server: nginx
etag: "66a0e05a-aa10"
x-cache: MISS
content-type: application/octet-stream
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 43536
jckl: K17gDPSFX5TAswIn0Tt3MNgJ+rKLg7l1KzeMwYpz4/6bpnmRZyPhsKbBTc1E5UPiqdVS9rDwF+qtJ6EupzYpBQ==
x-request-id: 6e5e5ad064823a9175ce79239bf2067d

GET
H2 200 getNgServeTime Show response
www.cs88893.vip/diff/ 32 B
256 B 680ms
679ms Script
text/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/diff/getNgServeTime
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f839a8353a4058ae8d82ddb2e4abbddc50974492865f64fd073c1065e3102c8

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
jckl: FaEsoGRbaX9k/bPB9wBeQEYU2O2I7q/Ri5hB3iecGgbf5lJoa7kJfVBbbcm10NOEabbN/FTGiohkwJZONJmKXA==
x-request-id: af7d81fd45abee62c014de73ae9f26e0
expires: 0

GET
H2 200 main-e96e9bea.0536733f.css
www.cs88893.vip/css/ 78 KB
15 KB 365ms
364ms Stylesheet
text/css 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/main-e96e9bea.0536733f.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c9b0c3ee19611b8c2bad71eaf125374182369c00859e77d0d9bbc5de836c6d

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: he26tdPmQwzVVbXcRBa6cRvzQVVFV0ZvQX9eMnNH0//A2oYeDEdMybNHeEAWTtcjKjko0DM84YNb3gVFXGb1+Q==
x-request-id: 7799d97df51d64bc8167fbdf2738cc0e

GET
H2 200 theme.config.js Show response
www.cs88893.vip/ 846 KB
261 KB 745ms
744ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/theme.config.js?240724190346

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

aabe04af1d3bad21cfd95361b00df774b422a8ab4ec61412a546f5691ee5e4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
x-xss-protection: 1
jckl: ZaQwD51rebnBR9nLFsGnPNcyti8YUsDJrp3f+/W1s8muRN7h9csWXq1bra3pQO2O/2NXUMcEqlb24jWsgtj5kg==
x-request-id: 3786c8798255d9ec479dd101fe477217

GET
H2 200 runtime.0719a37d.js Show response
www.cs88893.vip/js/ 12 KB
5 KB 514ms
511ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/runtime.0719a37d.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: bd2c1f4b6a801ede5a3d9a556201ee0cd6dcb29bb9c2415646d4379c96dd6bb9

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: hQimsIy6cH3dv9jC1vd08DMuXPM8ut+hQpUjrl5aYb1GcH1a1Oe4Yq5IH5jVHclMhZqhAQwXNET6YMRKksX90w==
x-request-id: 4477d4f383f72142ca5735cefa93b433

GET
H2 200 2265.583e74a4.js Show response
www.cs88893.vip/js/ 133 KB
43 KB 644ms
633ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/2265.583e74a4.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: CPcw8NIG2fdOaVcCes3NTzHsRTtn3zE8g8sa4dzHqTIL53zl8xd0FnZpbuXHkn6tlD88skz5bnKalNf2O1rxPA==
x-request-id: fc4d61e5a2dde82847c9e78043e0d4d5

GET
H2 200 5387.9375b2dd.js Show response
www.cs88893.vip/js/ 266 KB
83 KB 611ms
601ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/5387.9375b2dd.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: QscyV1FgxzY/qW+bRclDRfedL/54tK2ONLs2VP4ZY6hxYMrnb7NQnVlKDHsxt6z6VOv2zMuYskb+SkheON2t3A==
x-request-id: 9a4c3cb76e0c1013649c4c9ab92dd91d

GET
H2 200 519.c496cf5a.js Show response
www.cs88893.vip/js/ 228 KB
75 KB 573ms
564ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/519.c496cf5a.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: yR1ukE/0jFDhkD2J/QFZSr3gwLFCp7GJtoqnClgk5EzHSgVMBfAVhRVQkpBMM6Z+2AazMKAXzKZkKWIWZfmxFA==
x-request-id: 9f4ae649a2937cb9ac8b8cdba77b280f

GET
H2 200 5266.e5a21b9d.js Show response
www.cs88893.vip/js/ 276 KB
114 KB 517ms
509ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/5266.e5a21b9d.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: ca777c73e2eb3dae51c1108197e612fea550cb29316a098763aedb3323fac410

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: n1k8wvHj4hmbRxKi4IfClxr5JNU0KUvX4ezZRdh/+kxMSo3Bu2XvU669K6HD0nVa5ZcpM7PQkWAI8PEhNh+ELQ==
x-request-id: 51df1aa8fc73ab7fe57dd13a565f876b

GET
H2 200 main-7aeafcb2.829475ac.js Show response
www.cs88893.vip/js/ 119 KB
34 KB 677ms
670ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-7aeafcb2.829475ac.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 10fed109b2d9128d8a8a0c87d54883995e0646e776992f6050ba91e2a84b1fa8

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: MgCaO+xrUHb1gBtW9r1bKGGxeDNICR95pMWGZ4oxmFyJ1OIID4f61n7uie3doY7ZxMgCkD9Yq+e5njTr8wtfxA==
x-request-id: 9df93e5f15c7c8d746e95c502aeca950

GET
H2 200 main-9bf88260.46322b5a.js Show response
www.cs88893.vip/js/ 244 KB
42 KB 700ms
693ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-9bf88260.46322b5a.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cd942f7971a53f8cb4504752d089ce5beca9759baa4c81cef6dbef2679e333b

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: PXa2v8o7j04XwGcRfYmjqGVHiJ0dEJio7YjDJ7WjJftKmEs7W7as3ZZbV62sVEGF5PYjeZcWvUqly6YJghpK8g==
x-request-id: d2d580876df5fdfdba143e33cc8b0f5f

GET
H2 200 main-0a037d97.a7b43e4a.js Show response
www.cs88893.vip/js/ 533 KB
162 KB 728ms
723ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-0a037d97.a7b43e4a.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 30461348ef42e64e298495b4a6ead22cc76577ccaafa594bced7367390fc28db

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: c2UUawzZ/42N64S/IsbSRtaoaT9CHjWQxjHb/z461anmGQu7n9FwZCnXnnsMJLwtLKeWh4/KEDqJ6l2yTbMnVQ==
x-request-id: 635db74e90a585da44dbcbba8b3ed0d2

GET
H2 200 main-7bd12dde.4005e706.js Show response
www.cs88893.vip/js/ 136 KB
34 KB 625ms
621ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-7bd12dde.4005e706.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dc31db1b6306b910b2346a0c16184d47b5b77e33f8589e13042978b05b998a5

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: l6pOs3Npx85a1tcLBZ2sq1qMv1ljUzEw9NGfvaifT51CldUN7Mt64ridPPhkulMwtDYwO2PIMxMONlYNgwcjLw==
x-request-id: 66fcd8543c042f6b499dbee4b7080c93

GET
H2 200 main-ef7d455c.7f81cb1f.js Show response
www.cs88893.vip/js/ 242 KB
89 KB 705ms
702ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/register?i_code=7642670
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0300e21ae42f546ef9e94f8503bbde3605b0ee270e6ec4296fdfc375205d16b4

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: VimCm+AmEoFljw+Kf4a0Jx79a1whihxjmyYE5gbNHZ6mdWxAa5cbGVePYpd5DMmOxRBT8h4cexeqjuOfI8eu7w==
x-request-id: 229c50786b493d856e2e9988164dc8be

GET
DATA 200
OK truncated
/ 56 KB
56 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 favicon.ico
www.cs88893.vip/ 3 KB
1 KB 289ms
289ms Other
text/html 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

af485889cbff0e88d666630fb99e38aa1f1f1ccc462694d21b60416faef7fb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
cache-control: max-age=1800
x-xss-protection: 1
jckl: iZ/g+CN0Q7sRiHGXAphjdLJQliPhrXRPgWnFv1kK6AZ4EGktVXmB0+kRzazHh1IWiQbZItLOzd/HTNV1CCpgVA==
x-request-id: 7559496c7c6ef109f75e1a72a0f45194

GET
H2 200 common_register.f2c2a8f9.css
www.cs88893.vip/css/ 31 KB
6 KB 296ms
296ms Stylesheet
text/css 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/common_register.f2c2a8f9.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.0719a37d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 203555ffec08c3e848a153ac668e70006a21c7882ba8dc81ebad78fa286281bb

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: cjIl3Iq0swIdSVonvSVR6e2URmne30JWcLu5E83KFs8Ws5WXDp2byrm1gTPLe4sNGn/PEOUyWuC4mqRnyCteuw==
x-request-id: 000a231dea89a86e65030d89cb27309c

GET
H2 200 common_register.f2cfbff7.chunk.js Show response
www.cs88893.vip/js/ 117 KB
41 KB 312ms
312ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/common_register.f2cfbff7.chunk.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.0719a37d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e20e8c4aa29bfea5baa10090d4b905b9aa175fb6314adf0253417a5cf987a0f

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: vL/GfVF4d57E4dj1E78RfMQIZeX2KKDtEQJO+FWobJSUmbEU/reFGxEDyx3rIwsU6a8YVcGSCzBTC2ZnW0Bw7A==
x-request-id: 987de58f5934022ca8f3ade75527b0dd

POST
H2 200 rw5fdza5t7czu4zt2fggtwhao8jnwvhl Show response
www.cs88893.vip/scytale/ 336 B
486 B 317ms
316ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/rw5fdza5t7czu4zt2fggtwhao8jnwvhl

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

efcb3b7205a25b2b0c7432861519205679b4987d5fcaa18af57ef2d11331b7fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.771Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: OcRjHD1ptFeOF5+k530Cg42WN6q0knT8oYuaHM+G/ywYJ3pjZyy5zqDuWX++K2l8SgDULvuILA/6FyB086V7sA==
x-request-id: a59648d6336d7a928e0c7f4c1ce09095

POST
H2 200 lzffdzjk5jtvdsrqdupo4dvrcrvpdcgh Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 309ms
308ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/lzffdzjk5jtvdsrqdupo4dvrcrvpdcgh

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

945864e51ed6f6c18020bf72e906cd2bef1ff8ff2da4ba92ff3a582a531af3f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.775Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: 3pyxD0HETKs7SqLzTFLl72vtDfqCqIWCwGAIsMM9eQfMN5zZ4N8SNmcbygXs6UjhVI1PL2kdbiZMzBS4zfh4Pg==
x-request-id: 33d3500410d252aa3ecd3180982a17c2
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *

POST
H2 200 dfffdzalbzpcfxjkcb54alq1y45wk4fr Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 333ms
332ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/dfffdzalbzpcfxjkcb54alq1y45wk4fr

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a328cbb6fe773c5f2fead8b9f0a16d946e0442611d53f4a59dac4d605bd9ff41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.779Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: cmHgZw1X7rZDWecVf3Wqgj7wzEuQjt7x9tYUUFyHTBc8rSDfx91dPaK+8lohGA/lHRYWSdO7jVOhqmWmYzCyhA==
x-request-id: 945616b9b0bcbe54703ce6826c52db42
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *

POST
H2 200 atffdz8caalblchln11ezxbgncejhjrv Show response
www.cs88893.vip/scytale/ 1 KB
1 KB 315ms
313ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/atffdz8caalblchln11ezxbgncejhjrv

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

d3cc58dee3bc90d8bdf7708ae09bf4bede7da5a5572299021c4609b84a0cde10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.781Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: M3l5zkbDufTDxQx8yF4gpLu68iH5S+Z4peERwWpWCCdnUUhopAUr8YmA0O8yupLs4grm/JYutXZHgIRmDc3VNw==
x-request-id: c59819a71faa419924b459c476511e44
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *

POST
H2 200 jcffdz8e4md5yb1gyxotcde5xt5ete2i Show response
www.cs88893.vip/scytale/ 1 KB
1 KB 306ms
305ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/jcffdz8e4md5yb1gyxotcde5xt5ete2i

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

dc2929ecc40c8505b8b88b2e93b85864942d6d6f407cbb18690dc36e497cdf9e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.783Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: M3rFKPYOi05RKGQBdtrO3izjrn3HqpRneYyMSBc0z20+i3sVLEen6K+a4jveTDh8yaCZc54la0qRT+JR+bo/GQ==
x-request-id: 47d4e594bf2b53378718c574a748f440
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *

POST
H2 200 j5ffdznxxahbmn7gspjnwhh2cawsz4j8 Show response
www.cs88893.vip/scytale/ 272 B
420 B 302ms
301ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/j5ffdznxxahbmn7gspjnwhh2cawsz4j8

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

65290ed85e77065a4923527505d05a63796a7066feeb9bcb2ad41a1a27042cd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.784Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 272
x-xss-protection: 1; mode=block, 1
jckl: dg5VagZJEdOSKDElKdyXqBJVm0uJX9zOH4oKukZrKwiWIn4OvLFBGbSnC/uhaie/wfiYoPSxrYFPCHtVi6G6zA==
x-request-id: 73e8fd93f9b24e3667d110c49c1dc71c

POST
H2 200 4af5dzchut4wrnaaclzbjuxcvpgkjthq Show response
www.cs88893.vip/scytale/ 608 B
765 B 313ms
312ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/4af5dzchut4wrnaaclzbjuxcvpgkjthq

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

47709c9787f68f4816bc0ae7f7325810b7969e09b22ed15fe42d8bef94f1f304

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.786Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 608
x-xss-protection: 1; mode=block, 1
jckl: 15qRa809u+oWSl5jI8c1PaOAaJ2V2JtM3uRi1fZgOXe5YGmJqgN/gOzRHoD+xQgQEhElolOb6wMqBeSFf/Eo3g==
x-request-id: 24cd67fd2d8aa06c71fdaffc53c0217a

POST
H2 200 qtffdzcsljhjp1olgg2ijqkdhfzv1els Show response
www.cs88893.vip/scytale/ 304 B
461 B 314ms
313ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/qtffdzcsljhjp1olgg2ijqkdhfzv1els

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

3a4a42ddbdb0fff63f07473409c5178f39246057a141a506261c84a5e1724ab4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.788Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 304
x-xss-protection: 1; mode=block, 1
jckl: dNxhJvabEHgUMPLRhUr8I7VVzIG+KaS0W1wMqrXMCeGuu7Hy0Nraix/nd1+j9Bp6reWMiKHcdZBkmVJpcB+2Fg==
x-request-id: fee2ce7b8aca10c5e40314078f8121f2

POST
H2 200 25ffdzroxvcq5esnop8eu1iev7fdijmn Show response
www.cs88893.vip/scytale/ 160 B
317 B 321ms
319ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/25ffdzroxvcq5esnop8eu1iev7fdijmn

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

b7e24335d857ccf890ad63166b661a256e60339b79d656ce64d56f1f65999851

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.789Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 160
x-xss-protection: 1; mode=block, 1
jckl: Wfn+uY4fiYdsmZIeCyt13JlrxrD5Vs4cNrDnX8WQ0oGpQmmKVIQ7qPTin6zNUGjaOX0zoE+bK2yVrDKVeM9PIg==
x-request-id: 7d24ada28f1959e726f3734f0dc175e3

POST
H2 200 blffdz4yxfhgmoegm8zsyrfpg1m4ow4v Show response
www.cs88893.vip/scytale/ 856 B
1014 B 315ms
314ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/blffdz4yxfhgmoegm8zsyrfpg1m4ow4v

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a51a19a932c307ee0fb795ca9018601d9325a7b301141c651375e710508abb7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.777Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 856
x-xss-protection: 1; mode=block, 1
jckl: WsMHqgjwpWb8ljbKQWictlW1V99Au/JjcTBuNKnFt+a4WBzw+tQNeklOAkkFl/3BWQem4A8W+jJhVjlYEn5FOQ==
x-request-id: a9d47e5efe369c260fadf722d124398b

POST
H2 200 45ffdzjr7e27qgicecajpg5e1irvddsl Show response
www.cs88893.vip/scytale/ 664 B
822 B 317ms
316ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/45ffdzjr7e27qgicecajpg5e1irvddsl

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

e3790f98e4954e0100c59bd37e924399342a9df78f6f4350704558c7e4cf8ee4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.782Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 664
x-xss-protection: 1; mode=block, 1
jckl: 4YLMjrN1dQOkq6LICCW094NBGVZzktMeeyvZCqJyTE6g7MSBQKdzPit8bsOR0Qn73n4GpThhrKqqjopZW+UaYw==
x-request-id: 5d20a4a6b810d4ef01cede7e3914e0ed

POST
H2 200 qfffdzcwvp5wyc7mas887ski7ay7haok Show response
www.cs88893.vip/scytale/ 11 KB
11 KB 365ms
364ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/qfffdzcwvp5wyc7mas887ski7ay7haok

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a5e162c1ed4782c0de381095857272c33d85d2d8708343a857d1e3bbdc26a2fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.783Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: KWI9OArhG2G1LnM4jg76wrNchHgpT+gCadWs+Sij96wPFSpTZcpA5Jjyk6vJTk5YYCTUeKU/AS/wJwDYKTJFOg==
x-request-id: 6859ae9f920bb694249b8c9aa296f47b
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
opt_uuid: 7bffd275-8197-4e4a-8931-46cb4504a979

POST
H2 200 qtffdza7psyhu1eyo8wsx71hi5dv7dos Show response
www.cs88893.vip/scytale/ 5 KB
5 KB 321ms
320ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/qtffdza7psyhu1eyo8wsx71hi5dv7dos

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

610b394668201ed51a9e53fd7af6e0ae487f4b0ed387eb8fff6de4efb4b0019e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fregister%3Fi_code%3D7642670%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A40.790Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: aVGE+fic7yg6d2UARJy/x+lSu74D+e3GJHUO39VOcqKUspX3ucKPQ7eTMB1GIBTNGq83qlv4yxH5YfUq+JFtdQ==
x-request-id: 5c579ede5d6d52c2e8636687f8e7c1f3
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *

GET
H2 200 411ac57fd44b48efa23895d0a60a94f7.png
ktpbds.aratalife.com/clientManage/ 2 KB
2 KB 117ms
18ms Other
image/png 128.1.77.227
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/411ac57fd44b48efa23895d0a60a94f7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.227 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33

Request headers

Referer: https://www.cs88893.vip:30050/register?i_code=7642670
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
last-modified: Sun, 14 Jan 2024 06:07:57 GMT
server: nginx
ips-gateway-cache: HIT
etag: "65a37a3d-6de"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1758
x-ser: BC114_US-Washington-seattle-1-cache-6, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 l5afdznn8yzg8nqtjbcsxthhfbv41gjl Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 310ms
309ms XHR
image/jpeg 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/l5afdznn8yzg8nqtjbcsxthhfbv41gjl

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

158c6365c61615cd8ef353bdabfa294eb2b4f8cf5523f5b5ef984ab56182a539

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.214Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2003
x-xss-protection: 1; mode=block, 1
jckl: QtHtnNXVmSdSizvQktnDuFPKGolQ0r20+hA16kKpktLx5yZ7LtQAxYZiPLiPDD3mFHSX4Q46tbDPzQRaHUBkgw==
x-request-id: 308248c49b9811f503eb1274469f3913
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 common_Entry.7c05e446.css
www.cs88893.vip/css/ 59 KB
11 KB 307ms
307ms Stylesheet
text/css 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.0719a37d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8159be6f2546ec08a0a52d28ce7f209df6863db2a276d73d30e2a16a92718fad

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: XAyTOuQ70WpONuiGPwtJgYCaVMRu3mfHctc7AtLvIAkDAdMk2IiV/tY5x6MqwXSW/kBOcEeeZTMGo2A3Lvfbbg==
x-request-id: 6e80df6cdc6e6de4e16de1a94849edec

GET
H2 200 common_Entry.f97ed464.chunk.js Show response
www.cs88893.vip/js/ 141 KB
47 KB 292ms
292ms Script
application/javascript 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/js/common_Entry.f97ed464.chunk.js
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/runtime.0719a37d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e4dbe4b1d887df8bd081f46ac32dd9fa982c5b6fec2ef1abab839589bb77d40

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: JvD0bTqBSXEPtLP8Rrr0jP5krpMqWSSi9q/Im3kwUo3gPKiPegq+FV9IqWO0SmF2OKbkGU1qoHXL3bYNwfLSvA==
x-request-id: 4b9e3ef72683a632f309c10898eb8938

GET
H2 200 login_bg.6b769804579d3f1e7f0411f8dea37746.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 62 KB
63 KB 298ms
297ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/login_bg.6b769804579d3f1e7f0411f8dea37746.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-f98a"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 63882
jckl: fKjvfdfNnQJJHGgvvRbndoHOKuOKCGE3Nf0s2YN9X7NSl50MzEkXBj8jb6xQOTaPCiFW38oLOeLwSN2MftjZXQ==
x-request-id: 29689b4a4662e56e64d2407a024d8bac

GET
H2 200 icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 524 B
696 B 295ms
295ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-20c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 524
jckl: iYmFh1lx4ruHcoVQtT/WixTjpEbzZFP0GYCzf1UvOPh82eQk1LUEhYzK/INc0DlSpQqiAcUrXDlWGs75SE10nw==
x-request-id: 86e71dcb731e36f7ae59f7ffac1b4e92

GET
H2 200 login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
2 KB 292ms
292ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-57c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1404
jckl: 1KfREGEuAQW6x5oDvp9d+iFjQ3xfXXu3E6PkmI09+TA/Xhob+OJ6A2NypbgFcM/EJqwe5cY9I6gTmSsv/Mi6Cg==
x-request-id: 3e877034b1a0fee07fc7293b96a0d589

GET
H2 200 411ac57fd44b48efa23895d0a60a94f7.png
ktpbds.aratalife.com/clientManage/ 2 KB
0 74ms
74ms Other
image/png 128.1.77.227
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/411ac57fd44b48efa23895d0a60a94f7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.227 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
last-modified: Sun, 14 Jan 2024 06:07:57 GMT
server: nginx
ips-gateway-cache: HIT
etag: "65a37a3d-6de"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1758
x-ser: BC114_US-Washington-seattle-1-cache-6, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 jtafdzqcwpz58wmw1741ptluwbjhof5f Show response
www.cs88893.vip/scytale/ 336 B
493 B 307ms
306ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/jtafdzqcwpz58wmw1741ptluwbjhof5f

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

17cd1ec140e88f3009b771c8b104389fb0b5bdf0acf80fe7acc5013c291a74de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.212Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: iFzsDGl5FQnvZBxaAZfqSRGTPjzyFh3F9mj333y+soxo7CS57+KMCqE1GShaujTN9qFQoomOTLo4za+DoW8hxQ==
x-request-id: 28d1b6f282bf33c2d30727de67f92bac

POST
H2 200 j5afdzc2rbvelcetbx1l1m5lz4fsyetx Show response
www.cs88893.vip/scytale/ 288 B
446 B 306ms
304ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/j5afdzc2rbvelcetbx1l1m5lz4fsyetx

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

0881778b2d509976c592bb3333964192a460518ee7ed67f1ff2d1cfa9e9792a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.213Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002739
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: BUnIvmRwkHTU2EENVBoycsTBkytP8qftmOhSqK8+2Ia2j4QU8qFY2aXIxUopvtut9VKFayTNU5o4SXYUiRseaA==
x-request-id: 28843189df391bbee9f3807cf5a3ce4d

POST
H2 200 xf8fdzqyzlvc2qm4sphev21mhnkuwc2m Show response
www.cs88893.vip/scytale/ 144 B
295 B 296ms
295ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/xf8fdzqyzlvc2qm4sphev21mhnkuwc2m

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

79f922cf94cb9f899bc5fc8634e06c8a2b760e62e0a9a73b94c78d021e5b6e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
scytale: ]7/jv\E4?405%72[9+Qxxd@&>~3Y?)8#9b\/xI0ChQ!#l3U&\5xYf2C8AI;t{[U$Mb3pnz>j)3*r0z?8=r004_{2_&&5hd?~6/,IU\4&[zC
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 144
jckl: xoSVbMZpxGSgfGyN+KOMSnjKQ7PYOrlBkJtWrpSaDboPBlqrHq2sIvOHitqnVR3cy9be9aAaQ9U1awozcVEieQ==
x-xss-protection: 1
x-request-id: 5f530d8c321b0854119eb391c0e9f959

GET
H2 200 login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 289ms
288ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-458"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1112
jckl: RActsvUfu2ap2QfdMYaobge56gzLYPFiIdwepIiDTXodn4osL5cOIcnQO9hUoko6/txsvD0U3ui9DJuCfrC1fg==
x-request-id: 9b8b6d3bfed1f4f29dc82a7f23af66a3

GET
H2 200 login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 288ms
287ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-490"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1168
jckl: wLLah3/9yv9L8B/UZ146ersAyr2jHClM5RYG4FCPoTXY0yivabu8jeDoTAbKdjCRFWQe/uHnvZOQoDne/okDnw==
x-request-id: b9b161f650364b07a127d7683a8f9327

GET
H2 200 login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 312 B
482 B 290ms
290ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-138"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 312
jckl: MiMGXr20ikPIm+aqhIIGD4OhydoP8/xKJOI0ERI5DnqtmtVU8FQ62iHk+/w8V9SmIX+tOPBOYplpOuK2v9ruyw==
x-request-id: 26fcfd34e59220b0291b39cbcef5b1cc

GET
H2 200 entry_submit_bg.5d1eb1ec99c8ac75983e4696baf9f121.webp
www.cs88893.vip/assets/frostedPurple2/colorSystem/purple/logoEntry/ 2 KB
2 KB 295ms
294ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/colorSystem/purple/logoEntry/entry_submit_bg.5d1eb1ec99c8ac75983e4696baf9f121.webp
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f687fd3366f6b6d9054fa2c6dbc147d13df541d7cc30bfee041bb8bbc468cc4

Request headers

Referer: https://www.cs88893.vip:30050/css/common_Entry.7c05e446.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:18 GMT
server: nginx
etag: "66a0e02a-7b8"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 1976
jckl: EbqL7DyHKZYzK27ACKsFtJhhw07PnMUdvK4R3pz0WoyLyIZ5jZlua61gzxAR9KyFbGVrPY+DaNViZ+IhN3/nOA==
x-request-id: de17ee6405c8fa9115f08cf67403bb45

GET
H2 200 DINPro-Medium.otf
www.cs88893.vip/font/ 138 KB
138 KB 290ms
289ms Font
application/octet-stream 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cs88893.vip:30050/font/DINPro-Medium.otf
Requested by: Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/css/main-e96e9bea.0536733f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf

Request headers

Referer: https://www.cs88893.vip:30050/css/main-e96e9bea.0536733f.css
Origin: https://www.cs88893.vip:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:07:06 GMT
server: nginx
etag: "66a0e05a-22610"
content-type: application/octet-stream
cache-control: max-age=0,no-cache,no-store
alt_svc: clear
accept-ranges: bytes
content-length: 140816
jckl: XacuZCvZjrjg8GG8v3jY1vmfPJkGF75zc6WaQmKLLJ9zjxWHSJp12U/6O6MFl7klU6DxYmdY+k9cd8pB4IQjTA==
x-request-id: be42aba31402beadce789fc5ac702036

POST
H2 200 jcafdz8u5h8d1e218rfgxjkh8xuqto1t Show response
www.cs88893.vip/scytale/ 2 KB
2 KB 315ms
314ms XHR
image/jpeg 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/jcafdz8u5h8d1e218rfgxjkh8xuqto1t

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

f1335618fbc1e53f96c379bd93c33e9b39e319ff06b3aa438924c11d7f37ab5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.567Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2102
x-xss-protection: 1; mode=block, 1
jckl: gRXVLFFNoKnrsTmTQkP6f6Yfgp21T7oGVJHVgyO3EWqpF7bWQUwcDeiY9KACYDxW566zGcmjWL3z1xJbxdw7vA==
x-request-id: 74b01889f883fe463218da1ae46fe14b
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 783 KB
784 KB 312ms
310ms Image
image/png 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-c3b13"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 801555
jckl: ypvfQtSckpfSSVAwXJnvCkcgLEPbCqYBX4ueBPeumcBHjzTWegoHRo3F7ThJTZdwaMpkJZjpJYjxWngkyV/TLA==
x-request-id: 15b356a37dc4f8d78cc89580a98d6c83

GET
H2 200 4e7d2d5657aa462d9c63c0c065c54a05.png
ktpbds.aratalife.com/clientManage/ 9 KB
9 KB 19ms
16ms Image
image/png 128.1.77.227
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktpbds.aratalife.com/clientManage/4e7d2d5657aa462d9c63c0c065c54a05.png?x-oss-process=image/format,webp/quality,q_90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.227 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7258556df9f822332791e4efcba6808c4d909b631c9a5d81d41615acd6597e49

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
ips-gateway: TRUE
server: nginx
ips-server-id: 0
access-control-allow-origin: *
content-type: image/png
content-length: 9306
x-ser: BC112_US-Washington-seattle-1-cache-6, BC227_FR-Paris-Paris-3-cache-1

GET
H2 200 login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 908 B
1 KB 289ms
287ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-38c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 908
jckl: KlbOdkiZVPlCiDAqUyTDET6rDgTVbwDWa07VzK295y4ZXgehvdpYSDQYUbHBUjPTamv+x3yyzNpCg5STpLup7g==
x-request-id: 688fbd505419374c0c9f29388ac5d16b

GET
H2 200 login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 726 B
894 B 294ms
292ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-2d6"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 726
jckl: gDI4v8aQhtBey1Wqt733LHJhvpLV9hUNxgC/jT/flkpeaJgoimoVfIs/1Ad21RiyHfjhOY6bIuxRxjs2yuh/ag==
x-request-id: c627a7b8cfc5739a6ef13e2fba41b4c4

GET
H2 200 login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 768 B
942 B 305ms
303ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-300"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 768
jckl: MdZVzuujmTNQJhCIenKRUfVsN0Ztls4WG83LWogfu0YN3tNt2x9RCzUmo/8S0NruG0jf2YXjix6OkM4BSS3EpA==
x-request-id: a4b52327d848d07e89d10fc47f2a2f68

GET
H2 200 icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 422 B
592 B 298ms
296ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-1a6"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 422
jckl: m3u+HdYWBFOG0Yrugpo+4YS8njafO8u9ozcG8mQtin0hNpcadeqbKwxjV/+DBdkpgqzWV/9oDuNCQICM/ufdKA==
x-request-id: e3215f3830685e0a661bbdf110c269f2

GET
H2 200 icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
www.cs88893.vip/assets/frostedPurple2/global/logoEntry/ 968 B
1 KB 303ms
301ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/frostedPurple2/global/logoEntry/icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-3c8"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 968
jckl: Cc18zm3FVHkBp/dd0wt7cP1Ge4YGZK+iG5R5Uckg2pgQb8TcX6/kVQRd6uP6//nEq8vvgxbmhU9GqFYYoAmQCw==
x-request-id: bf1ac4e87024afd35df738ce90e06b77

GET
H2 200 login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
www.cs88893.vip/assets/commons/images/logoEntry/ 444 B
617 B 298ms
297ms Image
image/webp 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cs88893.vip:30050/assets/commons/images/logoEntry/login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
via: 1.1 google
last-modified: Wed, 24 Jul 2024 11:06:19 GMT
server: nginx
etag: "66a0e02b-1bc"
x-cache: MISS
content-type: image/webp
cache-control: max-age=1800
alt_svc: clear
accept-ranges: bytes
content-length: 444
jckl: NHjy7GWVmTeBdKzuH4+URIJFJUPcru5RvIXko+VQEqQWN1Xt97z9I2lz1sLkd0rIfNzE/q9PEp3WXNC3IAQasQ==
x-request-id: 627ee910563c3796a9dca7f13557edde

POST
H2 200 vaafdzjjpz7eld8vu1ywyin2yqfpunal Show response
www.cs88893.vip/scytale/ 336 B
531 B 301ms
300ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/vaafdzjjpz7eld8vu1ywyin2yqfpunal

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

93c81b620fc0fad38b63c68eebd9bee485c233c616a08258df7e201b2923bb62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.566Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002740
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: cmfDTMi4G8EfiFy2dntPvyzNW6PbepVy6NzihDVYBBspRhVu4uf/r2LyyDNHqbk7WqiMNNwq5DqIG7djdUnNGA==
x-request-id: 3c5cd97da21c0a69a6fd5f3e19eb0d51

POST
H2 200 owafdzat7azlmey2vtcyydglg8qkzndk Show response
www.cs88893.vip/scytale/ 288 B
517 B 301ms
300ms XHR
application/scytale 172.65.176.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cs88893.vip:30050/scytale/owafdzat7azlmey2vtcyydglg8qkzndk

Requested by

Host: www.cs88893.vip
URL: https://www.cs88893.vip:30050/js/main-ef7d455c.7f81cb1f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.65.176.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

d06f22611cc2795b16efa8ceb7eb32318d88a34223bb79ad9c56eb8f25e6301c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.cs88893.vip:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.cs88893.vip%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F24%2019%3A04%3A07%EF%BC%8Cbranch%3A%20hotfix%2F240725%2C%20commitId%3Ae001485b5e0094c302f896d509e209e175e1d42b%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20purple%EF%BC%8CsiteId%3A%205326%22%2C%22rlt%22%3A%222024-07-26T14%3A05%3A41.566Z%22%2C%22slt%22%3A%222024-07-26T14%3A05%3A40.722Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2226%2FJul%2F2024%3A16%3A05%3A39%20%2B0200%22%2C%22timestamp%22%3A1722002739%7D%2C%22diff%22%3A-1722%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Fri, 26 Jul 2024 14:05:41 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1722002740
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: qi4odi9F5upJ0MXuZyZHESvfsd88TiC+oCc4opBoFCsIzhAe+X3ouS8a900WAFI9fCdsCFkefPjUL1lDruyUTg==
x-request-id: f8f2c54859afe3bc16b46ea252080488

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cs127.cc/	1969-12-31 23:59:59	Name: https_waf_cookie Value: 100dc162-f0e7-45016fdefb1f51235d1a5a1973a7944615a6
cs127.cc/	1970-01-20 22:20:04	Name: acw_tc Value: ac11000117220027370375507e0087c39ddd48b6cb36cc146b5a8de56cf132
www.cs88893.vip/	1969-12-31 23:59:59	Name: https_waf_cookie Value: 9f36deca-0c88-4ed854014164caf9d40de8910eb53724d6fe
www.cs88893.vip/	1970-01-20 22:20:04	Name: acw_tc Value: ac11000117220027388185337e00877c3bf3235f36a345a7e606b27c200a95

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.cs88893.vip:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.cs88893.vip:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs127.cc
ktpbds.aratalife.com
www.cs88893.vip
128.1.77.227
172.65.176.239
65.181.133.170
02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea
0300e21ae42f546ef9e94f8503bbde3605b0ee270e6ec4296fdfc375205d16b4
0881778b2d509976c592bb3333964192a460518ee7ed67f1ff2d1cfa9e9792a1
0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe
10fed109b2d9128d8a8a0c87d54883995e0646e776992f6050ba91e2a84b1fa8
150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0
158c6365c61615cd8ef353bdabfa294eb2b4f8cf5523f5b5ef984ab56182a539
15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6
17cd1ec140e88f3009b771c8b104389fb0b5bdf0acf80fe7acc5013c291a74de
188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f
1e4dbe4b1d887df8bd081f46ac32dd9fa982c5b6fec2ef1abab839589bb77d40
203555ffec08c3e848a153ac668e70006a21c7882ba8dc81ebad78fa286281bb
30461348ef42e64e298495b4a6ead22cc76577ccaafa594bced7367390fc28db
3a4a42ddbdb0fff63f07473409c5178f39246057a141a506261c84a5e1724ab4
3cd942f7971a53f8cb4504752d089ce5beca9759baa4c81cef6dbef2679e333b
47709c9787f68f4816bc0ae7f7325810b7969e09b22ed15fe42d8bef94f1f304
4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e
5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54
5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c
610b394668201ed51a9e53fd7af6e0ae487f4b0ed387eb8fff6de4efb4b0019e
61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca
65290ed85e77065a4923527505d05a63796a7066feeb9bcb2ad41a1a27042cd8
67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf
6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593
6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320
6dc31db1b6306b910b2346a0c16184d47b5b77e33f8589e13042978b05b998a5
6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b
723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436
7258556df9f822332791e4efcba6808c4d909b631c9a5d81d41615acd6597e49
79f922cf94cb9f899bc5fc8634e06c8a2b760e62e0a9a73b94c78d021e5b6e5d
7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546
8159be6f2546ec08a0a52d28ce7f209df6863db2a276d73d30e2a16a92718fad
88c9b0c3ee19611b8c2bad71eaf125374182369c00859e77d0d9bbc5de836c6d
8f687fd3366f6b6d9054fa2c6dbc147d13df541d7cc30bfee041bb8bbc468cc4
8f839a8353a4058ae8d82ddb2e4abbddc50974492865f64fd073c1065e3102c8
93c81b620fc0fad38b63c68eebd9bee485c233c616a08258df7e201b2923bb62
945864e51ed6f6c18020bf72e906cd2bef1ff8ff2da4ba92ff3a582a531af3f9
9e20e8c4aa29bfea5baa10090d4b905b9aa175fb6314adf0253417a5cf987a0f
a328cbb6fe773c5f2fead8b9f0a16d946e0442611d53f4a59dac4d605bd9ff41
a51a19a932c307ee0fb795ca9018601d9325a7b301141c651375e710508abb7b
a5e162c1ed4782c0de381095857272c33d85d2d8708343a857d1e3bbdc26a2fc
aabe04af1d3bad21cfd95361b00df774b422a8ab4ec61412a546f5691ee5e4d6
ad70f9ea295ae9a516aec36dd38c950f959e967641dfc07240c75088debc8a33
af485889cbff0e88d666630fb99e38aa1f1f1ccc462694d21b60416faef7fb7a
b7e24335d857ccf890ad63166b661a256e60339b79d656ce64d56f1f65999851
b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25
bd2c1f4b6a801ede5a3d9a556201ee0cd6dcb29bb9c2415646d4379c96dd6bb9
ca777c73e2eb3dae51c1108197e612fea550cb29316a098763aedb3323fac410
d06f22611cc2795b16efa8ceb7eb32318d88a34223bb79ad9c56eb8f25e6301c
d3cc58dee3bc90d8bdf7708ae09bf4bede7da5a5572299021c4609b84a0cde10
d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895
d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c
dc2929ecc40c8505b8b88b2e93b85864942d6d6f407cbb18690dc36e497cdf9e
e3790f98e4954e0100c59bd37e924399342a9df78f6f4350704558c7e4cf8ee4
efcb3b7205a25b2b0c7432861519205679b4987d5fcaa18af57ef2d11331b7fd
f1335618fbc1e53f96c379bd93c33e9b39e319ff06b3aa438924c11d7f37ab5c
f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698

www.cs88893.vip Open in urlscan Pro 172.65.176.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

58 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2207 kBTransfer

4604 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cs88893.vip Open in urlscan Pro
172.65.176.239 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2207 kB
Transfer

4604 kB
Size

4
Cookies

58 HTTP transactions
1 data transactions