www.by3933.com Open in urlscan Pro
2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://by1899.vip/
Effective URL:
https://www.by3933.com:30050/register?i_code=7508008
Submission: On July 21 via api (July 21st 2024, 5:57:34 pm UTC) from BE — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 57 HTTP transactions. The main IP is 2606:4700:90:0:278e:685b:5466:ce8e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.by3933.com.
TLS certificate: Issued by R10 on June 11th 2024. Valid for: 3 months.

This is the only time www.by3933.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	38.47.158.106 38.47.158.106	147019 (HHLJ-AS-A...) (HHLJ-AS-AP jiii)
55	2606:4700:90:... 2606:4700:90:0:278e:685b:5466:ce8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	128.1.77.232 128.1.77.232	21859 (ZEN-ECN) (ZEN-ECN)
57	3

1 38.47.158.106 (United States) 1 redirects

ASN147019 (HHLJ-AS-AP jiii, HK)

by1899.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2606:4700:90:0:278e:685b:5466:ce8e (United States)

ASN13335 (CLOUDFLARENET, US)

www.by3933.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 128.1.77.232 (Paris, France)

ASN21859 (ZEN-ECN, US)

ktpbds.aratalife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	by3933.com www.by3933.com	2 MB
2	aratalife.com ktpbds.aratalife.com — Cisco Umbrella Rank: 972928	14 KB
1	by1899.vip 1 redirects by1899.vip	495 B
57	3

	Domain	Requested by
55	www.by3933.com	www.by3933.com
2	ktpbds.aratalife.com
1	by1899.vip	1 redirects
57	3

This site contains no links.

Subject Issuer	Validity	Valid
www.by3933.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
ktpbds.aratalife.com Certum Domain Validation CA SHA2	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.by3933.com:30050/register?i_code=7508008
Frame ID: F135F6FA2235B978346DF300745527D9
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

博业体育官网

Page URL History Show full URLs

https://by1899.vip/ HTTP 302
https://www.by3933.com:30050/register?i_code=7508008 Page URL

Page Statistics

57
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2216 kB
Transfer

4667 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://by1899.vip/ HTTP 302
https://www.by3933.com:30050/register?i_code=7508008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.by3933.com/
Redirect Chain

https://by1899.vip/
https://www.by3933.com:30050/register?i_code=7508008

3 KB
2 KB

1129ms
240ms

Document
text/html

2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/register?i_code=7508008

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 Jul 2024 17:57:27 GMT
jckl: C0EjS0VBADyl291zPmUMcp4WTbqRy+A5qqjW0KtxDS8ynSR7UFoIUcMU7tQMVqSrFVacfsne8lH2bM5nveI71g==
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-request-id: ad1b567c9d07a9a3b4215a7f10373429
x-xss-protection: 1

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 21 Jul 2024 17:57:26 GMT
jckl: BENGxA5lh5BFiu40Rin6rA5qkHpVXHf1DlpOOgpk5gC+088Czvyi/s+1qeN8HL4znBooDFoQsSPijCm515Ukqw==
location: https://www.by3933.com:30050/register?i_code=7508008
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-request-id: bac92da324d8d69d8e2886e4d7bef712
x-xss-protection: 1

GET
H2 200 WaveIcon.ttf
www.by3933.com/font/ 43 KB
43 KB 315ms
314ms Font
application/octet-stream 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/font/WaveIcon.ttf
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
Origin: https://www.by3933.com:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:19:20 GMT
server: nginx
etag: "66978c98-aa10"
x-cache: REVALIDATED
content-type: application/octet-stream
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 43536
jckl: CAEd5tUcMlDmJxd3wpyupEzydaH/bow+u/NGvFHgNIfrj3dBYH/xU6KbXRT08sP3EID3d7ZujPbis7qhRo013w==
x-request-id: 8d7c8c2ad59ed2ab8d34cb20d21a3fec

GET
H2 200 getNgServeTime Show response
www.by3933.com/diff/ 32 B
258 B 632ms
632ms Script
text/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/diff/getNgServeTime
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: e86b99e417fd6ca774d3fa6baff61ab59661839638f4db9c8dfa423f90e4f4cd

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
jckl: vmoFBaMV2MZ5fqRZK+DgHoVrPqLopxj2VTFKuDcqEcILBCDxs/eu5cDgpB80lvj9OjY8GxuPYpmAugWxH8if9w==
x-request-id: 567684e6ab44af9c69e0ba6a9ae226f2
expires: 0

GET
H2 200 main-e96e9bea.41832fa9.css
www.by3933.com/css/ 78 KB
15 KB 630ms
630ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f49ebdc0a285cbbc0d5cb7fedc57f87be56affedc27c986ef55a7d38ee188f88

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: x9O4B0ch3qKZsKxhyt5FpvD84V/90R8hxL7Szp3sH8dfAK5I9+kHDz32KlP8Ilf5vjPWhDdV+q9niPIEFp+TOg==
x-request-id: 987316690a452659ae4ed8ac83b92ca2

GET
H2 200 theme.config.js Show response
www.by3933.com/ 846 KB
261 KB 697ms
697ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/theme.config.js?240717171242

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

74cc6f13b1eb3449b2afececa50da12565a248bd0079c1b47cdb34cb0ee692d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
x-xss-protection: 1
jckl: kSn7gm06y/t7Nj03Jodkf0b0qPqqCM3r1+h9kKATc6RpDi3n7hrkfwrifEbdLAuXSN26tHRbEMpuRgPghpm3Fw==
x-request-id: b7ba4f3639b81a29e506dd42398c8e99

GET
H2 200 runtime.82f95583.js Show response
www.by3933.com/js/ 11 KB
5 KB 537ms
535ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4968ec1e9e46700617dfbaeaf5b455de7fc5f3a3d80b2923a791c1187e59b106

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: PWVvDjX7QN1GEXCQpy2nLYvNRVTbR2SoRTkjlRK7EDtlv08u1SnzOUnrs0pzvLgCts/G0QF1vuhYvCNv92icPQ==
x-request-id: f0922c5831616957eae5a37bff045d48

GET
H2 200 2265.53bcef4d.js Show response
www.by3933.com/js/ 133 KB
43 KB 552ms
551ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/2265.53bcef4d.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: UriLyjjbbJuJsJ8wCaAweyeqC9/X1sTV66cIIgBKkXXWOXPmd/K/o0DVuEZ+2eakVmGG7eV75lWma4Fx5pms+g==
x-request-id: 2399d0612526665df5e43db3593fbd16

GET
H2 200 5387.c3cbd39c.js Show response
www.by3933.com/js/ 266 KB
83 KB 631ms
630ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/5387.c3cbd39c.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: n/1xSToBfPcKEe/D9mnTnkA1ZP15EcJ8mYXT1i/I0jZTuakRNjWyN03hgYG6ZBmL/BqAGxwOPzby1JrbWgIAMQ==
x-request-id: 7ccd97c2037eab4280316b90db28088e

GET
H2 200 519.0ef8401a.js Show response
www.by3933.com/js/ 228 KB
75 KB 592ms
591ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/519.0ef8401a.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: gZp/Pra/dpx/PLd+l2Zi5U294TsgI/Em5ydDjoXr/zM62YAH3yqPrGfCmoMdYG6gBL9YzJRDYVbjOryrC8aARA==
x-request-id: 432014c7aeba3dd7640d02499aa44060

GET
H2 200 3806.6e299e08.js Show response
www.by3933.com/js/ 270 KB
111 KB 663ms
662ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/3806.6e299e08.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ca03e4ac5d67b0e55e77c48e6e6bec3eedc9414cf745fa7bc270b5f34c00a8b

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: L9xwMA88FUPMLvEQav1FynLAcyGWfLef/rlx3FdwX1cqfSi7mmx1iSsNlR2ssGLUGKSc/aBgGru0oCGgLfAv6w==
x-request-id: 7726add6123b58bd01114cfa8911f798

GET
H2 200 main-7aeafcb2.802f25f6.js Show response
www.by3933.com/js/ 152 KB
39 KB 682ms
682ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-7aeafcb2.802f25f6.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf9e3d53260ce33eb0b10ad1c56e2c5f184fb6d14dae3bd6a18eea74b173bcd4

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: M/DIw4FsFJejlPuME2LF8bDPLD2HsekPYnIX9cEY44rwY8hwTxAL2ss7owEqweTMH++lWPh+LIUZIe9OfHLU6A==
x-request-id: 336b468832aabf1923c92e98cc273de4

GET
H2 200 main-9bf88260.71d6b410.js Show response
www.by3933.com/js/ 211 KB
36 KB 788ms
787ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-9bf88260.71d6b410.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 39da2fdd181759719a37f11de61e0c5ae0a512c216d5ae5e34d80a8110b9b9a8

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: N1tMDrKtOHEDY0LYFxDVFLDXMwrNKPjWU3QrJl4EeBFl4mS/csumeQQ5T/4FpptfLAvWvec6dz61PFd8o6qgoA==
x-request-id: ecd16c78eb0da46518db3569906a92a7

GET
H2 200 main-0a037d97.5d2dc226.js Show response
www.by3933.com/js/ 533 KB
162 KB 682ms
682ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-0a037d97.5d2dc226.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cce652670b04cca6abcf6aed54201a4ab61b1d43b00e9df923f9a62367df582

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: KHID508DwclbKayNK7rYGBY8lSiTjZYpD23bBB0JAab6NU0dmL689Cvll91feiGZaX9Zu4DbN2kMSLBNXr4YeA==
x-request-id: c41270eb942f8ac3f51b0a954ef61781

GET
H2 200 main-6b882012.96fcd3c2.js Show response
www.by3933.com/js/ 136 KB
34 KB 816ms
816ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-6b882012.96fcd3c2.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a93f71fde51a31468004da3a6bdd435c5e3dce417f331aaaa5301bdd3bbd411

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: T5a6+je3RxYJwWVhHtUHDY/+EmTrnpc00anCmbniEEpvm1kPiQjxqJZy/X11PHMpZUd9iF0KHKc5p4ek9Zx/rQ==
x-request-id: fa0e41aee45957a3c4cebef8562ec428

GET
H2 200 main-ef7d455c.5a69efdb.js Show response
www.by3933.com/js/ 295 KB
93 KB 863ms
863ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=7508008
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a905628385219c9a689de49c26e1378aedc456d80d42186f8362951d1c82d02

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:28 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: MS2fldmKsdJpOgxLhmyVFB7ENJDKr9DS3m5MhyRxYD0pz9JLY1wkitFLWVg1Bq9/rELf2xEXsAKjLVRCv8yeVA==
x-request-id: f2296f9bf7e2f5f5e6d82b6e37f311f4

GET
DATA 200
OK truncated
/ 56 KB
56 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 favicon.ico
www.by3933.com/ 3 KB
1 KB 249ms
249ms Other
text/html 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/html
cache-control: max-age=1800
x-xss-protection: 1
jckl: 1jrNMUr2UrE3i+6wh8oHf24G79Jy1rZ0Cy8T7vdY9M/+gVntxSWL7FqUpQzsqm0IR2QdKB52yw8AboXHXck7TA==
x-request-id: e38357c4ff3c21dc5f0a4e0fc48cb254

GET
H2 200 common_register.c2cd5acd.css
www.by3933.com/css/ 31 KB
6 KB 282ms
281ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/common_register.c2cd5acd.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: ba1c10e70c0b8a61b531ea8e5cefea33b62193a908b4b380a3c19230e1fa8574

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: hFdnYHnjqDO65jX+p/B9rQhPM6ti/Iec+zdThdt2eFZvU+NsLmhxOZRsHGaQycLDGiULFzBoOKiV7SvY+lUfbA==
x-request-id: eb80d6cd5e7c461ea0854e90074903b1

GET
H2 200 common_register.4bbeea49.js Show response
www.by3933.com/js/ 123 KB
43 KB 284ms
283ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/common_register.4bbeea49.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cc94b411300ad926e03d2d04aa7e9082e817e73b4a79c1ea63abeadb0918469

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: bwQZ0mJYSf3gVsaCJ9n2q1hCfxiWGKSuntYTcm6hiKZ8RqapwppuDpKPuTHeXHg5QIe/w3DKqdIlIQLJDgItPQ==
x-request-id: a3464dac6c7776733c9aec04cd4913b3

POST
H2 200 zc5fdzjjkh4pm8rv4v2m1zfdcw4yhxm8 Show response
www.by3933.com/scytale/ 328 B
486 B 336ms
334ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/zc5fdzjjkh4pm8rv4v2m1zfdcw4yhxm8

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

762553235d46257c5c28e0f27ad2a301d42dc3a87011f062e66e8aec05d267bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.811Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 328
x-xss-protection: 1; mode=block, 1
jckl: cWsG2hlUMBJeDgpCWrQCFdTjwXHAhLOqzej939PAq73SiGpXxmKEzldCeCxdDQvozuonEawzyczOUngR0wZOrA==
x-request-id: 77cfa584a4a51d3bf4bf45c35f4d346d

POST
H2 200 b5ffdzcrab7ckpgidab71fkrrtekghqk Show response
www.by3933.com/scytale/ 2 KB
2 KB 341ms
340ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/b5ffdzcrab7ckpgidab71fkrrtekghqk

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

f1d5ad94205b33462987bd13c6e6b0942d7ccc96e2e6f5bed54a225719e13bb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.813Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: 06b4EGjXKH8fohU49Jyw/Q1jmqBAS5mUy56nrRLO2jDqgjTuoo820aaefhrtqDwpmBW0+AZRitqRNJwXdlNTYA==
x-request-id: ac2a2bd65ec55031fd4afb22d11880aa
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *

POST
H2 200 rfffdzjgnfjxrquikik1finfdfuwmmoa Show response
www.by3933.com/scytale/ 2 KB
2 KB 346ms
345ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/rfffdzjgnfjxrquikik1finfdfuwmmoa

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

0eee4d56d3a8b7fb994566031310352ba6fd2991b712457f38470760ed8fd87f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.816Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: S2Ei5l21O2xPr6IzGfwYL1KUG2XoZb4Ji2gJ0oy7lJcJ7O1zxV23pnvhnOqy2vgNCZC/VArr7+0/wz9W8uzWag==
x-request-id: 2b2d36ce0a4b8c7f9068156e0f6d457f
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *

POST
H2 200 alffdza2da7iqu4c1edafbrurlrpzmlo Show response
www.by3933.com/scytale/ 1 KB
2 KB 326ms
325ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/alffdza2da7iqu4c1edafbrurlrpzmlo

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

7eba8c0cf0e4ac08c581a71b36c4c7759e3b5b8c66bc9ff939fc7a787d19f96b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.817Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: XdsW5cwInVoDiuiXneEkGvkgc6frJI0C/TpwoDbrxUvAbxQcyVR7tH/qWA52rJkGOIglkzzrjr1T42tDLtH9xA==
x-request-id: c095f735600267b222814d0d15168c07
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *

POST
H2 200 afffdznvgzlgusbtvqep457o4fwmxe8j Show response
www.by3933.com/scytale/ 1 KB
1 KB 356ms
355ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/afffdznvgzlgusbtvqep457o4fwmxe8j

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

6501a8a9981004920ed58093fcfb990eb11bfbfd691b49d732bf74b392595297

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.819Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: Be+YuU3AA2HgTgWK2D1YGDPbfxLjVUu/5v6Pu7Enojx51cpH2A6w1p1Ue3cwjMrCO3vaHzR5QKN5HMqFA6Ykgw==
x-request-id: 39b587c12adc0280aa68e0b0f6456983
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *

POST
H2 200 4wffdzjb1n2aq2er4w2jy7vdhniafeuy Show response
www.by3933.com/scytale/ 568 B
716 B 327ms
326ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/4wffdzjb1n2aq2er4w2jy7vdhniafeuy

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

7a76ff02973bcb70bfbdedeff879884a22cd5b9a18c4307aff9512f8ea10e64b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.820Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 568
x-xss-protection: 1; mode=block, 1
jckl: eOqP9ppmm9M7q3bUIMARvcwSkZYXq+UILigo730fRsfeCURMlFJ3Ns26zmDrh+eA8q1bnpMIdNpHTmbXR20SFg==
x-request-id: e7ce886b7fa2f1bbb88cf8f917a42c63

POST
H2 200 naf5dz8rlzwotxczggc4zlnh1gzs884y Show response
www.by3933.com/scytale/ 608 B
767 B 328ms
327ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/naf5dz8rlzwotxczggc4zlnh1gzs884y

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

b1525c3fa6ec33a68cbfc29ec1dddf77a9dccba671a284c597983437dce62ae8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.821Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 608
x-xss-protection: 1; mode=block, 1
jckl: di6GarNEfkEfV5+pm0gHVsnsHROHH8HfGYaCinICokazd+/rE+qXLB8uHKXVX565Jof9IjNrRqCP9k5AVXYURg==
x-request-id: adae32b61b88eed2e868afd90056d5ad

POST
H2 200 jwffdzjvrfkofbkc2s5jhbbwpc4sukoe Show response
www.by3933.com/scytale/ 296 B
453 B 331ms
331ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/jwffdzjvrfkofbkc2s5jhbbwpc4sukoe

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

b3ec6c8ca21e1d15b0c90cb1658577a37416c8af459e498d4d39fb6f4c8967be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.821Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 296
x-xss-protection: 1; mode=block, 1
jckl: XbM2eC9G0+mrnAVb7NxAlyHjnWVoUl2073P1GzPQR3n/A3TexLheUGa7qWIX4caG/ajhcGQtoGDtjEQ75zzl+w==
x-request-id: 805e2b58156560c2d44df260c079a1dd

POST
H2 200 bzffdza75o8lbngxllvs2htx5oiy7wfp Show response
www.by3933.com/scytale/ 160 B
315 B 333ms
332ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/bzffdza75o8lbngxllvs2htx5oiy7wfp

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

c5d76fe905f976b1a1657fc3774c5b9dcd7457b60c6172778600bf4c09192ccb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.822Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 160
x-xss-protection: 1; mode=block, 1
jckl: MigaC7kwh4XGJhMnY1M4/rXo7hm5HuU2vQcdRbKv8F8y9MXo52UZiBC9ZM5GLi3poSNnYaEi5b7kmNa4vVv3Xg==
x-request-id: 52441541025fd4e8dd8aec2a5f3924a0

POST
H2 200 bwffdz4fkbm55wi2evvazcmd18ntfuvi Show response
www.by3933.com/scytale/ 856 B
1013 B 324ms
324ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/bwffdz4fkbm55wi2evvazcmd18ntfuvi

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

aea4f37d17a9fed584d3e53ef0492a80c29299256932abad2d0d3f26dcc2691a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.815Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 856
x-xss-protection: 1; mode=block, 1
jckl: UlU6aH5/GJZOzXIxBJ9Ic0C802Tizrp9yMImk7hTbtqhH/iYy86ucfBz7N4SPGTsYYrvR7zTUbuRnV1Zgw9O5g==
x-request-id: 6c100395bcb5f92c649d8880e34525ba

POST
H2 200 iwffdz8xynvq1j1arvrx4pc8u12u57oi Show response
www.by3933.com/scytale/ 664 B
823 B 325ms
325ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/iwffdz8xynvq1j1arvrx4pc8u12u57oi

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

80a247485e1a652d28df2d03b8681c66a0ea7b84cdef8cac9b871331351bb7c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.818Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 664
x-xss-protection: 1; mode=block, 1
jckl: xi1nEQzEXwyv/r45InYSU93PxDc3xJNW+yHw8kYpY/Z2kiyRe+GxcM30Xc31GqJVb9RlgVAq2UNjKMwHSt7vCQ==
x-request-id: b749f259b459e2d9373196fefd19e92d

POST
H2 200 8affdzc45vsgfyvz422p1u5mv1qk4kak Show response
www.by3933.com/scytale/ 18 KB
18 KB 368ms
367ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/8affdzc45vsgfyvz422p1u5mv1qk4kak

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

0169c2d2fcba238fa852e505410482342448c312400e0eed29b538982d6ef702

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=7508008
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D7508008%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A29.818Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: VFxva4oXrvYCzc6/Y7jbOy4csvWYJhyALMF2kgwd7RA7OL112mZuNIKA6pCvDvZJqU0F9M54rOJsKuNuFDaEzw==
x-request-id: 3d9ee72dd9a977a2906ca050a4e047b3
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
opt_uuid: 920dfaea-e05c-4309-9e8a-a65030e16862

POST
H2 200 czffdzqbt8zt8qnyifwbxewmgiqd1cer Show response
www.by3933.com/scytale/ 2 KB
2 KB 299ms
298ms XHR
image/jpeg 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/czffdzqbt8zt8qnyifwbxewmgiqd1cer

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

f691c6cbb791c316c0df7af86e4d1b54853c61c8fe5c6d70aa481c65c97c6531

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.108Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 1926
x-xss-protection: 1; mode=block, 1
jckl: 3v5DOFz9/LEGJtZxsO/1r3Z+yHzq/gBH7Ag8935i/te6+NEtZUiI3IMc+9v6jACwVUS0U1qZoGOs6wyGQF1BCQ==
x-request-id: adfbc3940c5b8226b0312fdb2217fa38
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 common_Entry.8d01a49f.css
www.by3933.com/css/ 59 KB
11 KB 247ms
246ms Stylesheet
text/css 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d7e643a75dad0a4decbd1c0a97fe7087d5168d4be0144f2e95959aeb3ff97e9c

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/css
cache-control: max-age=1800
alt_svc: clear
jckl: PZT8DlOi1BFvdJeR+cHgSGUKiWsAPl0e9YHGiKyYh9HQTlIQtPFktiZzzBkd550G8kHfCIK7OXjZ8UUVZx1mlg==
x-request-id: a0fef6f97f03aa7dc09102f2fe85680e

GET
H2 200 common_Entry.466b4ccd.js Show response
www.by3933.com/js/ 148 KB
49 KB 258ms
258ms Script
application/javascript 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/common_Entry.466b4ccd.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b3762d719629838d8d99d6b0d0ea9f3c6b58a3ff15a53532cfb94c68a224d9ea

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: application/javascript
cache-control: max-age=1800
alt_svc: clear
jckl: fYVoy1teyCAh5ucickbXrJaynqOwmNFH2IjLt4aQMFYiW2moOAxDPDbAN/vVck23gXTp4LMI9hUNYDR2WAWVKg==
x-request-id: 32fdeaba38fcd8c8632939f7a78f8215

GET
H2 200 login_bg.6b769804579d3f1e7f0411f8dea37746.webp
www.by3933.com/assets/commons/images/logoEntry/ 62 KB
63 KB 249ms
249ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/login_bg.6b769804579d3f1e7f0411f8dea37746.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-f98a"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 63882
jckl: z/GhiBMWBqsvVzu3Rs8RdUV3c/PIB0ro3PdzJicUO/DVEalFszdiNOUb84INrsWxWtXlLDPGBVk4QVvD8sEuaQ==
x-request-id: 7ded5b87778c7b016ad1b916adb4ad4e

GET
H2 200 icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
www.by3933.com/assets/commons/images/logoEntry/ 524 B
771 B 264ms
264ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-20c"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 524
jckl: JHqM9qeTIXcsH2HdGRIlhda9/hww1H9AEflJOBv9t0mnDVde7pSuP7P7BGbCXrPSbuBPff+aM/VhIUTOcp8s6g==
x-request-id: 455bade38619a1a6c7409efeb75252ae

GET
H2 200 favicon.ico
www.by3933.com/ 3 KB
0 0ms
0ms Other
text/html 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: EXPIRED
content-type: text/html
cache-control: max-age=1800
x-xss-protection: 1
jckl: 1jrNMUr2UrE3i+6wh8oHf24G79Jy1rZ0Cy8T7vdY9M/+gVntxSWL7FqUpQzsqm0IR2QdKB52yw8AboXHXck7TA==
x-request-id: e38357c4ff3c21dc5f0a4e0fc48cb254

POST
H2 200 azffdzr8yn2msigayjets7gzuthgu7yu Show response
www.by3933.com/scytale/ 336 B
508 B 301ms
300ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/azffdzr8yn2msigayjets7gzuthgu7yu

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

c5fdcbbd5e1ba595b7818c7a830bbfe25f63711da43252193f156b921e4421ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.107Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: Q3c3Uh6ocWE9hOK9kvsf2Tjw+7eSDpppDFu+rzJqyH4k6WPRICEcwXTJ9dePm4WYNWKj3b7ykj16MnU9KQ29Fg==
x-request-id: c4e24545c1cdd0953f604862d84d53a5

POST
H2 200 l5ffdzjxgvengvj18c85mwasvxz8olez Show response
www.by3933.com/scytale/ 288 B
479 B 306ms
305ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/l5ffdzjxgvengvj18c85mwasvxz8olez

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

188f5c584f5c36d05e3108a6a98fa0acadfd21ba4dfa7c81f074da760c3c4699

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.107Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584648
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: QPSLlfa53hE/qtmpI4sc2ZLeDpLNkcd4pyRaffR0P6AHm0wOIvoQwwCt4RI7kPQNtnVnY1/zniCjZ3HiA2Zagw==
x-request-id: 93dcaf82252f008e9d72ec7782d3de5b

GET
H2 200 8a9fa18c04b74526b9c83b3e1179dca7.png
ktpbds.aratalife.com/clientManage/ 1 KB
2 KB 439ms
17ms Other
image/png 128.1.77.232
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/8a9fa18c04b74526b9c83b3e1179dca7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.232 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8f9d4e660a434973ea5d5fabdb72335c023fb7f0553c0298925b29523c36c2

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
last-modified: Fri, 29 Dec 2023 04:08:15 GMT
server: nginx
ips-gateway-cache: HIT
etag: "658e462f-5db"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1499
x-ser: BC14_US-Texas-Dallas-1-cache-3, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 ca8fdza88knnfpu5mmbxtfuojyyhr1mx Show response
www.by3933.com/scytale/ 144 B
297 B 291ms
289ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/ca8fdza88knnfpu5mmbxtfuojyyhr1mx

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

23c305193725e3670b90d385ef866b061e5ccb1187b1239580cfb636cbfe68c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
scytale: 4AA#+S^><S5frh$fGE%<[9^GM@4I1U|nS~\UbCO^C4{$YQ.-|/CI6j?9nj4\{t3b-@A_.27?I.r&@0t0}C;+7=,.<tU5r<AO]$,AG}S2;[C
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 144
jckl: erDNTmOM8JTPs6OahWulZOJQt+1qpdVayCCairWYGkdGa7EGcikmgBVdG0Ql0ZQZnBEVkORcqiMpmbRdrIRykQ==
x-xss-protection: 1
x-request-id: d47567369a7bd15b1bd1fbca8b0f20c6

GET
H2 200 login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 245ms
245ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-458"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1112
jckl: zWWPuJURBThoGPEm5X7/bgF8gyIrJqiYWss5Glzyzl85YrCYEE1RqegsGqD+CAqgjGko6Sgyj5Shxy8C/wzsuQ==
x-request-id: 4fb8062755d6fe6511ebb4aa4e5a5fa8

GET
H2 200 login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 247ms
247ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-490"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1168
jckl: Bc8jKlpsXMaqs+bBmgK5qAP8j3WPeHywyqw3wJ5mawQNjNr93VNrmk8YeBn9lcyVGnlH7irnanhpe3N/ExkwCA==
x-request-id: fcedcef47b4f2b87034fcbec72a6a6b7

GET
H2 200 login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 312 B
471 B 264ms
264ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-138"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 312
jckl: KsStm710IsDrWM3fXBZ/p1g5j2pONnzhmTHlibic+/mPVkcXzalPVGICv452ITIjCZe/ebuWU7Jf/RYs4WefLA==
x-request-id: 0b35ea88e70b9149c8370c16415c80be

GET
H2 200 entry_submit_bg.c5cb72b6eb4b91c8471580a5b91f2b32.webp
www.by3933.com/assets/frostedPurple2/colorSystem/blue/logoEntry/ 2 KB
2 KB 266ms
266ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/colorSystem/blue/logoEntry/entry_submit_bg.c5cb72b6eb4b91c8471580a5b91f2b32.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d9033c5ad1b1a3f93ea0e1e678f9039978055f1331d94e2df24bf676488882

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:17 GMT
server: nginx
etag: "66978c1d-7c4"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1988
jckl: goc/mhR3DFaswZfS9zrCO1dSLHu3x2ZM6B2ccbtZluETa4wwEB9H3qcjQOg69l+zSCyjOHZo1wjROPIEU8jrfQ==
x-request-id: e7152ad34038da26af0002f1250ba064

GET
H2 200 DINPro-Medium.otf
www.by3933.com/font/ 138 KB
138 KB 394ms
393ms Font
application/octet-stream 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/font/DINPro-Medium.otf
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf

Request headers

Referer: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Origin: https://www.by3933.com:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:19:20 GMT
server: nginx
etag: "66978c98-22610"
content-type: application/octet-stream
cache-control: max-age=0,no-cache,no-store
alt_svc: clear
accept-ranges: bytes
content-length: 140816
jckl: COpxPW/WgolbMgAXcENAuYDkNIwdAc29dV6Dylmvju5EmGySuupcpIDka77tgils73bNPhKE/fP7woMN+sQwsg==
x-request-id: ec653fa4b2b6f6c6414449e42c679889

POST
H2 200 dlafdzqlcuj14sj11yyjx1kdqbz8gdsx Show response
www.by3933.com/scytale/ 2 KB
2 KB 417ms
415ms XHR
image/jpeg 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/dlafdzqlcuj14sj11yyjx1kdqbz8gdsx

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

6cf8b471e6af7ad9f6f5474f2e39818d49994c77c79d82d59311d24ee06401cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.395Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2062
x-xss-protection: 1; mode=block, 1
jckl: 3P1mxteCIghEyyHJ4eOO6gF/HTyf67XZQIPX3Ulyld5QPXIFecyM8aEBziekm2Wq930MSJuvm+GZn0dlmZ2k5g==
x-request-id: 6dbdad9504912411501ea971bd41976b
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 783 KB
784 KB 256ms
255ms Image
image/png 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-c3b13"
x-cache: REVALIDATED
content-type: image/png
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 801555
jckl: o6Rl2h/seyWL+2z7p4XOwwTOrAtiXIg4P8Vk5ZGhorRxe+TPIf1lXpzPNbz8j8K0zqICb5jGw1zQPs4T7dm5sw==
x-request-id: 387d0b02a15c41a76843904dbb85c634

GET
H2 200 login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 908 B
1 KB 387ms
386ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-38c"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 908
jckl: SDkiMfnjlUxPCD54tf0edA2YQwF6O9FHmZHTniqns/QyG9e2DWUVGdCfZHX2+zz+VYCaWhdY9y4cv6neRG9UZw==
x-request-id: 10f6aaf41823def36a60584b827bc962

GET
H2 200 login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 726 B
887 B 388ms
387ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-2d6"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 726
jckl: 4f6IHVztl8Xby8h4+FtrS7bT2kzlBmNL/2PapBA1k9XWXoxPj76Uvz1pLmlAoon5RZvYTcTfMO8aGy/Ok8o2xw==
x-request-id: 789adcae05302a4501a34842f18ea3e1

GET
H2 200 login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 768 B
931 B 390ms
389ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-300"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 768
jckl: fZ7mtneA4iT7A1LwRgTzC2TkhbD+FawyYMx3+XRTnvLEkEqCksaybV/opeaiswvGZNmKvm/MkWTbg420MDOR1w==
x-request-id: 9d5adf475d53aac9c881e9309bbf036c

GET
H2 200 login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
2 KB 391ms
390ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-57c"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1404
jckl: BNH443BFMPABezWpasG2RUmPkks4wqf1i1pe0S4ZekXsYFm/paE26MSztgIy180JQ0ie10wX9WPQgnc+cb/koA==
x-request-id: 0e572e3cdce111637e090c345f802444

GET
H2 200 icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
www.by3933.com/assets/commons/images/logoEntry/ 422 B
586 B 392ms
391ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-1a6"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 422
jckl: pRiY191REHK8uxbjxZN+OMLPBuTI59F5wM/Qz5sE+kuUKf8B9KHgK8sjCcNTdvFZ7VKwz1Cpk5GpxlCB93yQsQ==
x-request-id: ccef23355a8604bd20a8a272f93bfb31

GET
H2 200 icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 968 B
1 KB 393ms
392ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-3c8"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 968
jckl: 4Lkwsb0s5G8a8dSjDh94U2AMPFq36hwQFWrQP584Qk9So0sJyqoo9bjGUxwuGWvwXe06KF2FIkRhrwzgPZTg4A==
x-request-id: 5cec0d17c54676feeaca6c4f28462868

GET
H2 200 login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
www.by3933.com/assets/commons/images/logoEntry/ 444 B
614 B 412ms
411ms Image
image/webp 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-1bc"
x-cache: REVALIDATED
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 444
jckl: kFNUK+H0OuMBJBkwlcX3rIHxi1johLqJ6Vy3wnHKtderM4BtRVciXBGhEkJfvWGPlqnb76+FOwgnv/8b7hSqnA==
x-request-id: cf0dd5650434f913748a516d325bac25

POST
H2 200 1fafdzrib22nycl4lhwettbn5jf2iz71 Show response
www.by3933.com/scytale/ 336 B
542 B 404ms
403ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/1fafdzrib22nycl4lhwettbn5jf2iz71

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

c5fdcbbd5e1ba595b7818c7a830bbfe25f63711da43252193f156b921e4421ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.393Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584649
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: FwR0zHlY7+bEb8PCNcu+8sK7fDwt7GixHU96oOPY6RPjMWeesmjRuxQDJ2SKd6E8ajaCxvrm/1aDYklZYfkN1Q==
x-request-id: 2e44377543824ae38e83f1d11340a057

POST
H2 200 q5afdza41qfevwlsm8qf18yh4a2ifl8b Show response
www.by3933.com/scytale/ 288 B
485 B 403ms
401ms XHR
application/scytale 2606:4700:90:0:278e:685b:5466:ce8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/q5afdza41qfevwlsm8qf18yh4a2ifl8b

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:278e:685b:5466:ce8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

904fb9d0c246c85d738031ae47832838b3fe3165cfbcba17452172e77d05a971

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A30.394Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A29.771Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A28%20%2B0200%22%2C%22timestamp%22%3A1721584648%7D%2C%22diff%22%3A-1771%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584649
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: CnCDrxtwODSQzUR0WejCPjKz39Ly6n2hCq/J6d52qd/yvl9ZTRE6TubZUrvCnSvEntI5jTxzwy+RyVsM1iab9A==
x-request-id: a5c9c448bce95e1902f9e35f32018eef

GET
H2 200 f894b06dce6e4211a385a3d395f7d20a.png
ktpbds.aratalife.com/clientManage/ 12 KB
13 KB 197ms
20ms Image
image/png 128.1.77.232
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktpbds.aratalife.com/clientManage/f894b06dce6e4211a385a3d395f7d20a.png?x-oss-process=image/format,webp/quality,q_90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.232 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: d37db84cbb4f3b66213dd6469e3f2e5c7461e13bb2fac3c3b904b214b6ba722e

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:30 GMT
ips-gateway: TRUE
server: nginx
ips-server-id: 0
access-control-allow-origin: *
content-type: image/png
content-length: 12688
x-ser: BC113_US-Washington-seattle-1-cache-6, BC226_FR-Paris-Paris-3-cache-1

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
by1899.vip/	1969-12-31 23:59:59	Name: https_waf_cookie Value: abde34ed-cda9-4b0d848b12be804b2fc9690a3855f2d41a03
by1899.vip/	1970-01-20 22:13:06	Name: acw_tc Value: ac11000117215846468337643e00927d890f375ac616dfb0e8a24d3778a6a5
www.by3933.com/	1969-12-31 23:59:59	Name: https_waf_cookie Value: f60d434a-da0d-434644cf71bf440abd1f5dfe5defc96ea137
www.by3933.com/	1970-01-20 22:13:06	Name: acw_tc Value: ac11000117215846479662181e009aac32107754c63fd9bec97c0c8f85f696

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.by3933.com:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.by3933.com:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

by1899.vip
ktpbds.aratalife.com
www.by3933.com
128.1.77.232
2606:4700:90:0:278e:685b:5466:ce8e
38.47.158.106
0169c2d2fcba238fa852e505410482342448c312400e0eed29b538982d6ef702
02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea
0a93f71fde51a31468004da3a6bdd435c5e3dce417f331aaaa5301bdd3bbd411
0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe
0eee4d56d3a8b7fb994566031310352ba6fd2991b712457f38470760ed8fd87f
150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0
15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6
188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f
188f5c584f5c36d05e3108a6a98fa0acadfd21ba4dfa7c81f074da760c3c4699
1ca03e4ac5d67b0e55e77c48e6e6bec3eedc9414cf745fa7bc270b5f34c00a8b
23c305193725e3670b90d385ef866b061e5ccb1187b1239580cfb636cbfe68c5
2a905628385219c9a689de49c26e1378aedc456d80d42186f8362951d1c82d02
34d9033c5ad1b1a3f93ea0e1e678f9039978055f1331d94e2df24bf676488882
39da2fdd181759719a37f11de61e0c5ae0a512c216d5ae5e34d80a8110b9b9a8
3a8f9d4e660a434973ea5d5fabdb72335c023fb7f0553c0298925b29523c36c2
4968ec1e9e46700617dfbaeaf5b455de7fc5f3a3d80b2923a791c1187e59b106
4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e
4cc94b411300ad926e03d2d04aa7e9082e817e73b4a79c1ea63abeadb0918469
5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54
5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c
61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca
6501a8a9981004920ed58093fcfb990eb11bfbfd691b49d732bf74b392595297
67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50
67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf
6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593
6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320
6cf8b471e6af7ad9f6f5474f2e39818d49994c77c79d82d59311d24ee06401cf
6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b
723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436
74cc6f13b1eb3449b2afececa50da12565a248bd0079c1b47cdb34cb0ee692d5
762553235d46257c5c28e0f27ad2a301d42dc3a87011f062e66e8aec05d267bd
7a76ff02973bcb70bfbdedeff879884a22cd5b9a18c4307aff9512f8ea10e64b
7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546
7eba8c0cf0e4ac08c581a71b36c4c7759e3b5b8c66bc9ff939fc7a787d19f96b
80a247485e1a652d28df2d03b8681c66a0ea7b84cdef8cac9b871331351bb7c6
904fb9d0c246c85d738031ae47832838b3fe3165cfbcba17452172e77d05a971
9cce652670b04cca6abcf6aed54201a4ab61b1d43b00e9df923f9a62367df582
aea4f37d17a9fed584d3e53ef0492a80c29299256932abad2d0d3f26dcc2691a
b1525c3fa6ec33a68cbfc29ec1dddf77a9dccba671a284c597983437dce62ae8
b3762d719629838d8d99d6b0d0ea9f3c6b58a3ff15a53532cfb94c68a224d9ea
b3ec6c8ca21e1d15b0c90cb1658577a37416c8af459e498d4d39fb6f4c8967be
b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25
ba1c10e70c0b8a61b531ea8e5cefea33b62193a908b4b380a3c19230e1fa8574
bf9e3d53260ce33eb0b10ad1c56e2c5f184fb6d14dae3bd6a18eea74b173bcd4
c5d76fe905f976b1a1657fc3774c5b9dcd7457b60c6172778600bf4c09192ccb
c5fdcbbd5e1ba595b7818c7a830bbfe25f63711da43252193f156b921e4421ed
d37db84cbb4f3b66213dd6469e3f2e5c7461e13bb2fac3c3b904b214b6ba722e
d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895
d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c
d7e643a75dad0a4decbd1c0a97fe7087d5168d4be0144f2e95959aeb3ff97e9c
e86b99e417fd6ca774d3fa6baff61ab59661839638f4db9c8dfa423f90e4f4cd
f1d5ad94205b33462987bd13c6e6b0942d7ccc96e2e6f5bed54a225719e13bb5
f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698
f49ebdc0a285cbbc0d5cb7fedc57f87be56affedc27c986ef55a7d38ee188f88
f691c6cbb791c316c0df7af86e4d1b54853c61c8fe5c6d70aa481c65c97c6531

www.by3933.com Open in urlscan Pro 2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2216 kBTransfer

4667 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.by3933.com Open in urlscan Pro
2606:4700:90:0:278e:685b:5466:ce8e Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2216 kB
Transfer

4667 kB
Size

4
Cookies

57 HTTP transactions
1 data transactions