www.by3933.com Open in urlscan Pro
2606:4700:90:0:3305:9ed6:8fda:a369 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://by8722.vip/
Effective URL:
https://www.by3933.com:30050/register?i_code=3697368
Submission: On July 21 via api (July 21st 2024, 5:58:00 pm UTC) from BE — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 57 HTTP transactions. The main IP is 2606:4700:90:0:3305:9ed6:8fda:a369, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.by3933.com.
TLS certificate: Issued by R10 on June 11th 2024. Valid for: 3 months.

This is the only time www.by3933.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	38.47.158.152 38.47.158.152	147019 (HHLJ-AS-A...) (HHLJ-AS-AP jiii)
55	2606:4700:90:... 2606:4700:90:0:3305:9ed6:8fda:a369	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	128.1.77.227 128.1.77.227	21859 (ZEN-ECN) (ZEN-ECN)
57	3

1 38.47.158.152 (United States) 1 redirects

ASN147019 (HHLJ-AS-AP jiii, HK)

by8722.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2606:4700:90:0:3305:9ed6:8fda:a369 (United States)

ASN13335 (CLOUDFLARENET, US)

www.by3933.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 128.1.77.227 (Paris, France)

ASN21859 (ZEN-ECN, US)

ktpbds.aratalife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	by3933.com www.by3933.com	2 MB
2	aratalife.com ktpbds.aratalife.com — Cisco Umbrella Rank: 972928	14 KB
1	by8722.vip 1 redirects by8722.vip	494 B
57	3

	Domain	Requested by
55	www.by3933.com	www.by3933.com
2	ktpbds.aratalife.com
1	by8722.vip	1 redirects
57	3

This site contains no links.

Subject Issuer	Validity	Valid
www.by3933.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
ktpbds.aratalife.com Certum Domain Validation CA SHA2	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.by3933.com:30050/register?i_code=3697368
Frame ID: 1B110B77AC0B9E720989AF695BC4F147
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

博业体育官网

Page URL History Show full URLs

https://by8722.vip/ HTTP 302
https://www.by3933.com:30050/register?i_code=3697368 Page URL

Page Statistics

57
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2216 kB
Transfer

4668 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://by8722.vip/ HTTP 302
https://www.by3933.com:30050/register?i_code=3697368 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.by3933.com/
Redirect Chain

https://by8722.vip/
https://www.by3933.com:30050/register?i_code=3697368

3 KB
2 KB

774ms
260ms

Document
text/html

2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/register?i_code=3697368

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 Jul 2024 17:57:53 GMT
jckl: XiERZoicBxwmpSmnJI7iFn4rcrMIy8H8FuxNe8xhQCK9ufqZQVSktqxKC0Byc6cRcOPRR+8V+d5FebhIHg9nTg==
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-request-id: 416c7fe8149eb648675b6cdb7e5a737a
x-xss-protection: 1

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 21 Jul 2024 17:57:52 GMT
jckl: wCmIuZEWMunXar1rhmu3ozT9SpvF2gU8D1LJ//MsLKC0WFwZAlt/D6FocM3CugrmCo7fb2vETnhWNhbrYMKAnw==
location: https://www.by3933.com:30050/register?i_code=3697368
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
x-content-type-options: nosniff
x-request-id: 8c986c455a669721c5eb7c1a21fd1693
x-xss-protection: 1

GET
H2 200 WaveIcon.ttf
www.by3933.com/font/ 43 KB
43 KB 515ms
514ms Font
application/octet-stream 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/font/WaveIcon.ttf
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
Origin: https://www.by3933.com:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:53 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:19:20 GMT
server: nginx
etag: "66978c98-aa10"
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 43536
jckl: KSc9z/WgistMzhwHPR77xONpsx9qcHwkZ8ReLzhpjcdXJna023tUbeg0xAJLDdjbDFKFilTjkZvzFlxJNVz8ew==
x-request-id: 886934658ee45c50a501c0abb68c6855

GET
H2 200 getNgServeTime Show response
www.by3933.com/diff/ 32 B
257 B 998ms
997ms Script
text/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/diff/getNgServeTime
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 453a73def6bc37f18eb3a4d99f3d24c52b3a3690b11d2a644fb1bae72a5476a6

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:57:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
jckl: OClpZkxLgoxI/NMceYKxoQDKnGzvofpLC6BOW8Q6MX4osSERY5dVn48haMTaevOg8ouvrYHFK0TmRcMAdRjdAQ==
x-request-id: d9962402223069ce86fe94d5c76bf36e
expires: 0

GET
H2 200 main-e96e9bea.41832fa9.css
www.by3933.com/css/ 78 KB
15 KB 339ms
338ms Stylesheet
text/css 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f49ebdc0a285cbbc0d5cb7fedc57f87be56affedc27c986ef55a7d38ee188f88

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: 3bow5/Uep04R04uIzSrQU5GPbjv3Q7kdPyj08tgLYf/94LKLkPcjDkZPk28uoKeOlC+wQ6xdzswQ1bB0KVKbcg==
x-request-id: a99e915fc81803569a7c4ba7806d9ff2

GET
H2 200 theme.config.js Show response
www.by3933.com/ 846 KB
261 KB 750ms
750ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/theme.config.js?240717171242

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

74cc6f13b1eb3449b2afececa50da12565a248bd0079c1b47cdb34cb0ee692d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-cache-hit: edge
cache-control: max-age=1800
x-xss-protection: 1
jckl: xDz3FxE14VGSnMLtHTi7sVrMJDJN2SBOq9/J6QBpn6EiMmID9eXy/3Yb5FgTiK94ejRbUoOLWhLcBHa8cdOlUQ==
x-request-id: ab4613b730c7848a69fff055138a2b9e

GET
H2 200 runtime.82f95583.js Show response
www.by3933.com/js/ 11 KB
5 KB 255ms
255ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4968ec1e9e46700617dfbaeaf5b455de7fc5f3a3d80b2923a791c1187e59b106

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: tYfVOLSqWZvJEN34se485vKFnUdZGg1Fxf7Tyi6+e/l4PKVunQ6dolvIA+b9+vws6j+kWlG8b8pmfVZxT1khIw==
x-request-id: b6fe68c8c18436861de7aad92244dcc3

GET
H2 200 2265.53bcef4d.js Show response
www.by3933.com/js/ 133 KB
43 KB 272ms
271ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/2265.53bcef4d.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: T9dCqYBKnbVdVskzh933qbq1Vad86WuYm+fXEr/7PCA5XYvEJNtIZRPuRtmxxqYTN7tmtpDa3xR8+6LsYIiD3A==
x-request-id: a509a93bc74814d26df4a705cd050f64

GET
H2 200 5387.c3cbd39c.js Show response
www.by3933.com/js/ 266 KB
83 KB 316ms
315ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/5387.c3cbd39c.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: K3iQNt3wIqlMjjUwWSymZ4ZMJcqtVLNqpCi3ZMdlNI0zIMN5UcLgseJ5AKx6T6Zo7EJ5X/3slVYpyigoF6zT0g==
x-request-id: dafab80294f1be765994d44acafa6725

GET
H2 200 519.0ef8401a.js Show response
www.by3933.com/js/ 228 KB
75 KB 389ms
388ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/519.0ef8401a.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: L46MjpCfZ9lVQxmQ432h9xzj//gJF+/oxPiXZUtubV8EHQHj97uIdVBIpdpEQWcDpPjNYkBNBbfwfxi+oJO3+w==
x-request-id: 8ffb51e5b7f3ffe3ab681ee5cce09223

GET
H2 200 3806.6e299e08.js Show response
www.by3933.com/js/ 270 KB
111 KB 436ms
435ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/3806.6e299e08.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ca03e4ac5d67b0e55e77c48e6e6bec3eedc9414cf745fa7bc270b5f34c00a8b

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: IUwc5M96KSc1t6hT5jqsXobcO9UXKCkR01WQpEqMvJqiudNts3UNOg59eDvqxjf2yabbTbSubmkxhOqN5568ug==
x-request-id: 1aeca00016d8b6ceb61e94fed7371338

GET
H2 200 main-7aeafcb2.802f25f6.js Show response
www.by3933.com/js/ 152 KB
39 KB 474ms
473ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-7aeafcb2.802f25f6.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: bf9e3d53260ce33eb0b10ad1c56e2c5f184fb6d14dae3bd6a18eea74b173bcd4

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: hTckAbUrCkYjj19SlOK2Innq83h/1Fl/NGa1KacDOrhNhvhkL+FqYQjD2Wrt0UMSxBPZJz/tvtrZ/Q9MN8brUg==
x-request-id: 3fb2a91a5580471694d6d023eae6721d

GET
H2 200 main-9bf88260.71d6b410.js Show response
www.by3933.com/js/ 211 KB
36 KB 474ms
474ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-9bf88260.71d6b410.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 39da2fdd181759719a37f11de61e0c5ae0a512c216d5ae5e34d80a8110b9b9a8

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: VqnyjTRjxUTBjJS7+ye06XTT4l0fiUYj31IiAjeQ4WYoSqo2NgdiP+2oz/YhUzkiqVwKHCS9v2Ywxv94iBZa1Q==
x-request-id: b7994c9593e9813b66ef30c16e51fac7

GET
H2 200 main-0a037d97.5d2dc226.js Show response
www.by3933.com/js/ 533 KB
162 KB 474ms
474ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-0a037d97.5d2dc226.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cce652670b04cca6abcf6aed54201a4ab61b1d43b00e9df923f9a62367df582

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: TvnGv1evY5+F6mbUZH7fXBXckBDC0Q83MZREzDfs0P6OvGeSg1YKHA7Vu1sqrl08OiYGoTPdhfbAuhAiAOvLiQ==
x-request-id: 3498cda88014a82e56a1872ae232a1ea

GET
H2 200 main-6b882012.96fcd3c2.js Show response
www.by3933.com/js/ 136 KB
34 KB 475ms
474ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-6b882012.96fcd3c2.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a93f71fde51a31468004da3a6bdd435c5e3dce417f331aaaa5301bdd3bbd411

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: JwXyQ0+UNcVBysPXmDt6Pxc+bIneQDUCGmgPZ9MJeQZUUGw9L3aDWaTu1l5kHmYYPWo3eGCxEI/gi87/mruLEQ==
x-request-id: e9eac71bd659b91b9577b24d7503f774

GET
H2 200 main-ef7d455c.5a69efdb.js Show response
www.by3933.com/js/ 295 KB
93 KB 474ms
474ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/register?i_code=3697368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a905628385219c9a689de49c26e1378aedc456d80d42186f8362951d1c82d02

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:54 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: I50iw7AlM83u0TKie71wmawa4I7YKj9lVbAvnhmzXTKrz51ZdYvLwp2jWBaUPlr+UoQYgtAY27TK+J26BRIVUA==
x-request-id: 62afcef274214abd28f0c06164f16c16

GET
DATA 200
OK truncated
/ 56 KB
56 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 favicon.ico
www.by3933.com/ 3 KB
1 KB 253ms
253ms Other
text/html 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 google
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
x-cache-hit: edge
cache-control: max-age=1800
x-xss-protection: 1
jckl: dyNhAF2AayG7kIrPGwvW1y63v6IDmXzl2Lz758Qy6YPLSpXZIweR2hazsY+TbbcPqbWB/cHdhY3Sqtx7JiW9YQ==
x-request-id: a1a2df2dd14d90a6e2307e2d151e2e87

GET
H2 200 common_register.c2cd5acd.css
www.by3933.com/css/ 31 KB
6 KB 252ms
252ms Stylesheet
text/css 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/common_register.c2cd5acd.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: ba1c10e70c0b8a61b531ea8e5cefea33b62193a908b4b380a3c19230e1fa8574

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: Oo5p8fWkOWrVqzvTZZ6S1mNRTgu7B9uSg28QndeK4PWajyfBP9gxDTE5T7CTKuzNLZAK7eMcNF54JZ3768ydhQ==
x-request-id: 69443ffa98ce22e9e62f0480d264e423

GET
H2 200 common_register.4bbeea49.js Show response
www.by3933.com/js/ 123 KB
43 KB 254ms
254ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/common_register.4bbeea49.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cc94b411300ad926e03d2d04aa7e9082e817e73b4a79c1ea63abeadb0918469

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: K3cJ1MbuqW7Cy/7UnfQhE/A7kGFz/jaaGN1EfHiYdGSmvTOHfYTAR5M3sGc5jbwsqMNp89pQs7y6pCTFAEF0ug==
x-request-id: 7edc9b07b667d21777e14820199c2494

POST
H2 200 of5fdz8vrf81jtmjy4bbuwgzdflqn5wz Show response
www.by3933.com/scytale/ 328 B
609 B 276ms
276ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/of5fdz8vrf81jtmjy4bbuwgzdflqn5wz

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

4c22a54476f1d404655e6018938cbbe26fe2a3db7a0b787942d4c87ef7394d52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.168Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 328
x-xss-protection: 1; mode=block, 1
jckl: RsAUTbFPa4U2H9P9fsOMedXQ2VIQQexHijpWR98vpuWLbc71Gxt82WsTvCvON5lO1AqIahpnYgojOjTBWFBhUA==
x-request-id: d9265e72f91ca50cc3aa7a72ae21bc60

POST
H2 200 4zffdzjjatxk47gxztgsjp4x22cndacq Show response
www.by3933.com/scytale/ 2 KB
2 KB 302ms
301ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/4zffdzjjatxk47gxztgsjp4x22cndacq

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

31fa0769d48ee5245a8cd0a9d29c0a429d78c975c700c7b22f0063e55ecd9b35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.174Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: 1GtSA8URl+prvOuyg+FhpqoXu6A+8MBnao+N5qx5Ci/08lUoZmnF7rHr5NfyU6FXtBGPOID4m6rY/vvAWcC/lg==
x-request-id: 18ee2336f47540e2e3ff3cf5470a259c
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *

POST
H2 200 pcffdz4epouj4aaqk1zitxrisasvitfr Show response
www.by3933.com/scytale/ 2 KB
2 KB 296ms
295ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/pcffdz4epouj4aaqk1zitxrisasvitfr

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

3fd31f9c341103b7dc847cb113dc4dafa4909494246b3f41304b33633bd97ef2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.178Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: Dq5cpErGW9X7dQkAeomD+nconZryUtmZutsBGvPed4GpxiN6269psd+bHkUg+lvoVLw0DZvI2shF7tNjE9B3xQ==
x-request-id: 476f293396725a05eb4d9835a1ecd4b7
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *

POST
H2 200 qaffdzacihik1hnjidh8ardluoiqps77 Show response
www.by3933.com/scytale/ 1 KB
1 KB 290ms
290ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/qaffdzacihik1hnjidh8ardluoiqps77

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

354399b1e7be52f5e43adbc4558276f9aecae49d2505ea543273dd36a9b401e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.179Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: e+x5KS7p3anjhsYdu9QId28bYCpUsU3m9ZZYRI//elPWXpIYoFxh9mh1ibvYGC7opSGAjyfG9uZ0Ew4jg4NDPw==
x-request-id: ebf1d4d8613e27996ed69d263b6d11dd
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *

POST
H2 200 laffdz47x8q8lajhcxeawrbswf714xh5 Show response
www.by3933.com/scytale/ 1 KB
1 KB 275ms
272ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/laffdz47x8q8lajhcxeawrbswf714xh5

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

81e8d531224e36bd22398ee65c87d12b9e5c8382f5f9f357bc7a50bd050842d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.182Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: CY9iCTUSF/gJEqWkNfEqYHpvIsnNk+lcr5KgZYC/n7gAwwryR0yBMJk+2/cZdBEBcvEyMvLTJ6lp6UUon0XnRA==
x-request-id: 63294a7ef4f9d304a4fc38dd858f069e
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *

POST
H2 200 caffdznsxz7uodcchqkex2ye4kwvykxh Show response
www.by3933.com/scytale/ 568 B
724 B 280ms
277ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/caffdznsxz7uodcchqkex2ye4kwvykxh

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a7c69cba413f81e6383e0c3171daf9edcc27f9134626f799e2e7d567e31ff49c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.184Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 568
x-xss-protection: 1; mode=block, 1
jckl: MWAIjV2/vtyR71lJPGoiM8HssgvbGudN1pYDUoNYalT4DybgAaybzq13vJq5CBz6V9naJk1tUcRiST8cGSdYDQ==
x-request-id: 3bf80b04d104b945f2de8d27ffeacc29

POST
H2 200 8af5dznyiz8aruflareyrttxrsxgjsgy Show response
www.by3933.com/scytale/ 608 B
764 B 279ms
276ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/8af5dznyiz8aruflareyrttxrsxgjsgy

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

66dfb19fb329bade4b539f4b847e9c7b8e3941b6c9b2c2b98c2ca988379bbdd0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.185Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 608
x-xss-protection: 1; mode=block, 1
jckl: 2T/4a7O67znfzWfd26WaC4kqofOL3SIENbAO6AZamKyshglr5KULXvQ2a5U2lu5VPRLYge2jzrBaPkwVsIqjQw==
x-request-id: c68a88b4902d801fd28f04349ea66b67

POST
H2 200 iaffdzny5eyitzijsyrtfk2dvp1ugmyu Show response
www.by3933.com/scytale/ 296 B
453 B 279ms
278ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/iaffdzny5eyitzijsyrtfk2dvp1ugmyu

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

22bfc1b8c7b0f6fee012df3ace7734c3cc06dfd11cf9f7294c87d6236c7f1ded

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.186Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 296
x-xss-protection: 1; mode=block, 1
jckl: lcjDG/88X8HFVI6rzvNKOoUAPd3eSa8TJxt4eTtu8BgVCvGa92Od0q6ujK7vlSSudNXRJN3FjOE6YhVAoKJWRg==
x-request-id: 715756e65ce54564bcdfc7a925fd6465

POST
H2 200 jaffdzadlifk4oj7weqspzeriymbwltd Show response
www.by3933.com/scytale/ 160 B
320 B 287ms
285ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/jaffdzadlifk4oj7weqspzeriymbwltd

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

590ae54350f00f8b8b8e8dfb10cd9a1bbf8577d1c85f2968670242a4221bac00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.187Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 160
x-xss-protection: 1; mode=block, 1
jckl: JdOGa8wyuYRr3F3Vd6WTjEnITwk2PawHwBC6fiwaCMHl1XoAiBCnin8GLgaS+lY7Ep3eCCcft7KckSkAnpA4kw==
x-request-id: 9aea73ed11c66ee9c86bb8741ed6c6dd

POST
H2 200 p5ffdzc2tie4yb8whfdzrbo8wbczmfrv Show response
www.by3933.com/scytale/ 856 B
1015 B 279ms
279ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/p5ffdzc2tie4yb8whfdzrbo8wbczmfrv

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

43d74c75126b084464c15582261a487f83a4b4b0d155f827d90de9421a08817f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.176Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 856
x-xss-protection: 1; mode=block, 1
jckl: fDZrbHExIbklGWuBNq6RCNTB+UClO5fijAjuDnhaaXIaOQkZqlsVhGY5pPmP2V2TAsSfPyuAQtHlCFC+TZ1YVw==
x-request-id: c613b932c73bf0253febf66186e4a034

POST
H2 200 afffdz441xchsj1uncjrhbov4zcc88d5 Show response
www.by3933.com/scytale/ 664 B
823 B 281ms
281ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/afffdz441xchsj1uncjrhbov4zcc88d5

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

04cd3cd79b09f4a1a7b06ae76ca75d58e14a15257eae3f983f6bbe19c3735b2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.180Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 664
x-xss-protection: 1; mode=block, 1
jckl: T1ikv7uHIxzXYTy5o8UEhwUWi+uRPSgjgKw9DMYWAffdqlzy6e1U77M3/iydG9KZxhDznU+LSBPSKQ54/FtmAw==
x-request-id: 9c0ad1ff5fa9f35636c21f37f448b15e

POST
H2 200 afffdz8knq5s4tc5nf8uqvpncsfvl4n7 Show response
www.by3933.com/scytale/ 18 KB
18 KB 349ms
348ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/afffdz8knq5s4tc5nf8uqvpncsfvl4n7

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

4f160fe134af137d1909e6eb4156609c6593a11723f62bda64202cf6ffd912af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/register?i_code=3697368
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fregister%3Fi_code%3D3697368%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.182Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block, 1
jckl: IP0SwKP3opNYEBopufQcN+3MQ+gpaAFWROr5vmmIBrY+TQRgRb8Dg5eBL5lbiI1VoXKChiwEvgmKjj7kRui6gQ==
x-request-id: a27bd3a32c5d2ee5854b3cc6df13c1a5
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
opt_uuid: 2fc8e0d7-0164-4800-97e5-4d4503025434

POST
H2 200 glffdz4srjk1cldtrpc74k14cb5vvhk5 Show response
www.by3933.com/scytale/ 2 KB
2 KB 278ms
276ms XHR
image/jpeg 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/glffdz4srjk1cldtrpc74k14cb5vvhk5

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

3c85ed39580319612110efaf057f93a3edf06e1d0808fbb6c8c85ca1879d5428

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.437Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2287
x-xss-protection: 1; mode=block, 1
jckl: AIwwuQaLsWjdpAPYqPlCXapMhfdPfBaJFVhFZTlnVMZL6/vsyv9as5GRCLPphG/ZyTF/FZzFMz7IuGyHnQl3iQ==
x-request-id: 1486c9f16a94581e31253ba1a613b49f
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 common_Entry.8d01a49f.css
www.by3933.com/css/ 59 KB
11 KB 253ms
253ms Stylesheet
text/css 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d7e643a75dad0a4decbd1c0a97fe7087d5168d4be0144f2e95959aeb3ff97e9c

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: zj5QPzuiN1hRyqQaRcqOBGvIbYhqL9QdU+WrUBhGrBKkMs1GJ6sa5I0IDaYXLRtCjqJMHiyXbIdPsFgZHuA0yw==
x-request-id: 6f4621db1bd3e26a2a463200fcefee8c

GET
H2 200 common_Entry.466b4ccd.js Show response
www.by3933.com/js/ 148 KB
49 KB 253ms
253ms Script
application/javascript 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/js/common_Entry.466b4ccd.js
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/js/runtime.82f95583.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b3762d719629838d8d99d6b0d0ea9f3c6b58a3ff15a53532cfb94c68a224d9ea

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
jckl: nq2rl9it5nWJ0g5/FDo6SLev7I/40Tbegs+sQ+4CZep4hZpIBzpkCC11G4XZUvR5pb8//KNYk81svLVHUuF3vQ==
x-request-id: cd7a030e0dd38f6bbf4961bc3fc5389a

GET
H2 200 login_bg.6b769804579d3f1e7f0411f8dea37746.webp
www.by3933.com/assets/commons/images/logoEntry/ 62 KB
63 KB 269ms
268ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/login_bg.6b769804579d3f1e7f0411f8dea37746.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-f98a"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 63882
jckl: FmYK4rOFzy/9+GW5ec4Ssm4xYdy87g3kxMnF3v3aWcLjpphiZRi5vMDwg7s0iPOzADqCn2TjWGj0A8kvo5brOQ==
x-request-id: 5eedee61187baac8e187d095fcfc0698

GET
H2 200 icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
www.by3933.com/assets/commons/images/logoEntry/ 524 B
686 B 274ms
273ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/icon_sms_code.9bc72747b7541ead2f1472623d54de5f.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-20c"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 524
jckl: iTwN8jTPwZchCHbqvN/q0mBgTCZ2IIpZNwUOij8Guu3lLjttBY4Kv0bS3xW9bGv45dkAPck5SD3x9YrI65yqMA==
x-request-id: a667b299a77314b1823c72906a406568

POST
H2 200 pwffdz8bt2lp8eehzaxsnodhiuyuwksy Show response
www.by3933.com/scytale/ 336 B
528 B 274ms
273ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/pwffdz8bt2lp8eehzaxsnodhiuyuwksy

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

bdd5b59f7dead04ff3dfec12ec19e90a014f950f9c4cfd00218a2de5ef9485b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.435Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: ZxjEOhbStboSctzmpzImucO9W/4D1ZRHyeJW3ZMeIa/d90N7RMEr8w0ekJxYf1aN8VzD7HBE/1J9lhYROtjckA==
x-request-id: ef0a909866bed2e336af21b68fdb8865

POST
H2 200 faffdzqw7zgsdwvuq8ddwl8c284szyn5 Show response
www.by3933.com/scytale/ 288 B
444 B 275ms
275ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/faffdzqw7zgsdwvuq8ddwl8c284szyn5

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

43348b13c9ef74e419498bbb8d5eda4c982be1035e8f7aced58bbc10402c3bff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.436Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584673
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: VqeLjfpo1F6m7EKKrhG5Nl+VpbzfnrX0/sBKua+UsQNNNYiVki4VpGcdNbnwMdPC/xAd65/Uxdg8L2r9L4eEVw==
x-request-id: dbd6fd2269837e370087080480b02184

GET
H2 200 favicon.ico
www.by3933.com/ 3 KB
0 1ms
1ms Other
text/html 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html
x-cache-hit: edge
cache-control: max-age=1800
x-xss-protection: 1
jckl: dyNhAF2AayG7kIrPGwvW1y63v6IDmXzl2Lz758Qy6YPLSpXZIweR2hazsY+TbbcPqbWB/cHdhY3Sqtx7JiW9YQ==
x-request-id: a1a2df2dd14d90a6e2307e2d151e2e87

GET
H2 200 8a9fa18c04b74526b9c83b3e1179dca7.png
ktpbds.aratalife.com/clientManage/ 1 KB
2 KB 57ms
13ms Other
image/png 128.1.77.227
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://ktpbds.aratalife.com/clientManage/8a9fa18c04b74526b9c83b3e1179dca7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.227 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8f9d4e660a434973ea5d5fabdb72335c023fb7f0553c0298925b29523c36c2

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
last-modified: Fri, 29 Dec 2023 04:08:15 GMT
server: nginx
ips-gateway-cache: HIT
etag: "658e462f-5db"
ips-server-id: 0
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1499
x-ser: BC14_US-Texas-Dallas-1-cache-3, BC232_FR-Paris-Paris-3-cache-1

POST
H2 200 xf8fdzrjc4aqjkzpo8rsapk4iuzwxtdb Show response
www.by3933.com/scytale/ 144 B
294 B 266ms
265ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/xf8fdzrjc4aqjkzpo8rsapk4iuzwxtdb

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

0abdddc2d2fdc305fdb48aaf5726e4dd30b009627c919fa99bf170369deeb6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
scytale: 7Ar^;lp>GAxxCI$f2bv\(+)E~$CE=rOhtU^{.,SC598=E~;$-*Ov}h<,tb~S]nS+27!YQ2>6$6pC/&$|Wtf+>)<E3pf1}tnA7Q|z#!h2{8,
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 144
jckl: zqZPodtVg+6k0ZM0/Tl72dvXEty8/DCCO65Ejelg5w43fwgY+oCwj6kMhDzaS0mBx2izZKykIdPyAsslKnIRrQ==
x-xss-protection: 1
x-request-id: e8d952a91ee90f6ec1cb5f2e680c0448

GET
H2 200 login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 254ms
251ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_username.85cc6929135be70e3f7a9a5ac5c7332b.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-458"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1112
jckl: nvBFunKzkcVyofYIcUBlbxHWFc5CRNoek7u1liV/YBtxo1ozRcHxFAqOgQG4yGn7i8itubS8BBu/Usl2qJaasA==
x-request-id: df089a5b543cfc129d4801de19050ba7

GET
H2 200 login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
1 KB 254ms
252ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_userpassword_icon.63fcffa657bba9aaafd2d599c3c7ae78.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-490"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1168
jckl: uPUm2EnNSj+kDXxXnbawdxf70nSkJTtAinQMk8crtZUzgnAfke3PN+FiqKJw+dpxwkIf9KVxB1m/FK6Yc4jjjg==
x-request-id: d544dc7bb264236f7f944672264603e6

GET
H2 200 login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 312 B
473 B 255ms
253ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_checkbox_select.3cc75b6c459ca2ecf362681d6aa54b13.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-138"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 312
jckl: k4wQWt3uW1+YFG6pkwfGucadbpgKKGJ3ljKU4/PwK7IDawAx0HwBUtWsSYEnVn9gv0bbvLjYwN9UYDsYdLcOMg==
x-request-id: 72e5a3734158e52c699b29a9b11b152d

GET
H2 200 entry_submit_bg.c5cb72b6eb4b91c8471580a5b91f2b32.webp
www.by3933.com/assets/frostedPurple2/colorSystem/blue/logoEntry/ 2 KB
2 KB 257ms
254ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/colorSystem/blue/logoEntry/entry_submit_bg.c5cb72b6eb4b91c8471580a5b91f2b32.webp
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d9033c5ad1b1a3f93ea0e1e678f9039978055f1331d94e2df24bf676488882

Request headers

Referer: https://www.by3933.com:30050/css/common_Entry.8d01a49f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:17 GMT
server: nginx
etag: "66978c1d-7c4"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1988
jckl: z7YxXtXvXUL6sWbcB5DWWDDfvu61vf23P3SVTSMruslrFiZo6cCIkwMAfdwOwaBs2s9hLugxsEcXcRlQ0OYZng==
x-request-id: f89f98790a900827e79f9aaaf86c377b

GET
H2 200 DINPro-Medium.otf
www.by3933.com/font/ 138 KB
138 KB 394ms
394ms Font
application/octet-stream 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.by3933.com:30050/font/DINPro-Medium.otf
Requested by: Host: www.by3933.com
URL: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf

Request headers

Referer: https://www.by3933.com:30050/css/main-e96e9bea.41832fa9.css
Origin: https://www.by3933.com:30050
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:19:20 GMT
server: nginx
etag: "66978c98-22610"
content-type: application/octet-stream
cache-control: max-age=0,no-cache,no-store
alt_svc: clear
accept-ranges: bytes
content-length: 140816
jckl: zVAB19S39PzDr0nLPsayZPdRsyTROBySqVcl2Hrh4tE8qNZ2Pm4d0S5KJVJnVY6r+Rl0huC6l2NeA6D1bL2hKQ==
x-request-id: aa8162f5eb89c5373a0868b67216a21f

POST
H2 200 c5afdz4gzlqwrr4he1d1cy4k4kzhrgnj Show response
www.by3933.com/scytale/ 2 KB
2 KB 415ms
414ms XHR
image/jpeg 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/c5afdz4gzlqwrr4he1d1cy4k4kzhrgnj

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

fa1adeb6ba34cb003bb645c9b22ab2cfe0a344dc7bce13737d8cddf707958e44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.740Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
content-length: 2168
x-xss-protection: 1; mode=block, 1
jckl: hXfRyIa61Q1mgwOB7V9+XEbYz2ydk5YuWlOJkJ9FsGni6pIAhheO0VjUVjLRL3IP+d5H9UQ2eCW58jOEKED9QQ==
x-request-id: f688aa352a46fa0400c3b84763392422
pragma: no-cache
server: nginx
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 783 KB
784 KB 256ms
254ms Image
image/png 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_bg_webp-ignore.3d4a9378e950727b663a1b3df3f6adb0.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-c3b13"
x-cache: HIT
content-type: image/png
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 801555
jckl: 1z36hSKieRTHfoacYvvB8GGIM/HRYbGvbqpxw0LAWowHg1iXKPIMSZwa6vqmhHRgUvz3Ty9zUIQEVeawcnJuww==
x-request-id: 41d63ba74c56e613a851815328f7121f

GET
H2 200 login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 908 B
1 KB 388ms
386ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_loginRegis.4f695a5ee539f9a4c4341168c4de628e.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-38c"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 908
jckl: feBqavqi8mcj8lCyQwl//fBPujnBHpX2pS0sWieOfWQeTG8IArllnEAo2Fc79ILyP3Vp41lI90FLjnBoEU5ilA==
x-request-id: b297b1a84a2355cee47025666f07e133

GET
H2 200 login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 726 B
886 B 389ms
388ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_guest.a448f513227c6a5223e83b7d01800e16.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-2d6"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 726
jckl: qQMwA/aUKwagAspusQKyuztIlYsv975vHNUcAbdDJSNe8AQmgO5/Vbvw+0J5VEb7XJh6m1BuLQeTTiWaKcBiAQ==
x-request-id: cc0b3b45890e0efae723feb5859387a1

GET
H2 200 login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 768 B
930 B 390ms
389ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_service_while.4f2c6901631b63d18dba27ce7ddcb5ae.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-300"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 768
jckl: uR5ueKM+o1ACiVxuje6MFc8C7xcMpSLZRYaNChvqD84/OXUDIgAj/zInT9fh8zlvgDtu+jSzu6pObcI4a1Ixfw==
x-request-id: f9922577ffdf2a4b7ac2dd9560610a10

GET
H2 200 login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 1 KB
2 KB 391ms
390ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/login_icon_fastverification.4a9726458b0226bac917598d45fff4dc.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-57c"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 1404
jckl: wVHNa/F1Q3HjG/36xrN9bMx1laQoQk1rolMcgbPe1XJ/Yoj7reuZ4/0K8Pt/4dGGBDc/bRpS9d4BODtOLxB65Q==
x-request-id: 42c3a3d3b622d597d5694b0e05b579d8

GET
H2 200 icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
www.by3933.com/assets/commons/images/logoEntry/ 422 B
588 B 392ms
391ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/icon_phone.1b4034eb56c45c6154722098dfd7d9ea.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-1a6"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 422
jckl: dkGMQXgumo7FqIKVIjMNR9HaNVjIVojDNq3qt7Snlj08iWZFbS8UsjFkWfrcIKC6TM4n313j+eJJI1uP6kn38A==
x-request-id: a0e2e3b4e75a88f1f01e857d1878545c

GET
H2 200 icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
www.by3933.com/assets/frostedPurple2/global/logoEntry/ 968 B
1 KB 392ms
392ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/frostedPurple2/global/logoEntry/icon_sms_code.d7ae69737c162c2878bdaac0b57100e6.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-3c8"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 968
jckl: FcexE/UdjqI6GFH8ebug1McJqL13b+iBPG5PYY15REZ9Xzpc6ZzsivCWJY9PTauzQMT1NfNb7/BP/VLYwyowKA==
x-request-id: e88b0cb1c2e85ec4163dbbbb03de0b3a

GET
H2 200 login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
www.by3933.com/assets/commons/images/logoEntry/ 444 B
614 B 393ms
392ms Image
image/webp 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.by3933.com:30050/assets/commons/images/logoEntry/login_icon_service_black.37a97d80c43dfec385b079089654d860.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: nginx /
Resource Hash: 188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
via: 1.1 google
last-modified: Wed, 17 Jul 2024 09:17:20 GMT
server: nginx
etag: "66978c20-1bc"
x-cache: HIT
content-type: image/webp
cache-control: max-age=1800
x-cache-hit: edge
alt_svc: clear
accept-ranges: bytes
content-length: 444
jckl: Fjvkh7XFEl0zEJWymyfoqfN/niMId3bwTy7LFmSaiBRmSJmFhWtYx0YRCDB9Lbd7UxDqvN3KR9GhC6CjdA/H1w==
x-request-id: 616227a6bad28809a2dd4463eff7ce1f

GET
H2 200 f894b06dce6e4211a385a3d395f7d20a.png
ktpbds.aratalife.com/clientManage/ 12 KB
13 KB 16ms
16ms Image
image/png 128.1.77.227
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktpbds.aratalife.com/clientManage/f894b06dce6e4211a385a3d395f7d20a.png?x-oss-process=image/format,webp/quality,q_90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.227 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: nginx /
Resource Hash: d37db84cbb4f3b66213dd6469e3f2e5c7461e13bb2fac3c3b904b214b6ba722e

Request headers

Referer: https://www.by3933.com:30050/entry/register
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
ips-gateway: TRUE
server: nginx
ips-server-id: 0
access-control-allow-origin: *
content-type: image/png
content-length: 12688
x-ser: BC113_US-Washington-seattle-1-cache-6, BC226_FR-Paris-Paris-3-cache-1

POST
H2 200 qlafdz4vykqtdkm2qa8lceucbwdpsemt Show response
www.by3933.com/scytale/ 336 B
521 B 396ms
395ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/qlafdz4vykqtdkm2qa8lceucbwdpsemt

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

bdd5b59f7dead04ff3dfec12ec19e90a014f950f9c4cfd00218a2de5ef9485b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.738Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584674
access-control-allow-headers: *
content-length: 336
x-xss-protection: 1; mode=block, 1
jckl: NrjAOWQMhP6BqDdVLgjdBde4QHV5bBz+l25w+eHkLbsMJbGgI4Nso1My0sEu2b6DBGqXvOYeCnNUsS66dfo+1g==
x-request-id: b96fda553eb024cd1783c87b30ea1a89

POST
H2 200 xzafdz4fpnspjkdebszhhwg5sma4dfgc Show response
www.by3933.com/scytale/ 288 B
441 B 396ms
395ms XHR
application/scytale 2606:4700:90:0:3305:9ed6:8fda:a369
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.by3933.com:30050/scytale/xzafdz4fpnspjkdebszhhwg5sma4dfgc

Requested by

Host: www.by3933.com
URL: https://www.by3933.com:30050/js/main-ef7d455c.5a69efdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2606:4700:90:0:3305:9ed6:8fda:a369 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx /

Resource Hash

a13798d4b8b75a1e2fa77ca1d8255c2b6fcf47ed3d3f89e862c4c6c132c7c5a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://www.by3933.com:30050/entry/register
SFDCR: 0
Accept-Language: zh-CN
info: %7B%22loop%22%3A1%2C%22href%22%3A%22https%3A%2F%2Fwww.by3933.com%3A30050%2Fentry%2Fregister%22%2C%22vn%22%3A%22build%20time%3A2024%2F7%2F17%2017%3A13%3A16%EF%BC%8Cbranch%3A%20version%2F240717%2C%20commitId%3A22daae3ddc66b482a3923506ac96693062e4f352%EF%BC%8Cclinet%3A%20WEB%EF%BC%8CthemeName%3A%20frostedPurple2%EF%BC%8Ccolor%3A%20blue%EF%BC%8CsiteId%3A%205268%22%2C%22rlt%22%3A%222024-07-21T17%3A57%3A55.739Z%22%2C%22slt%22%3A%222024-07-21T17%3A57%3A55.114Z%22%2C%22st%22%3A%7B%22currentTime%22%3A%2221%2FJul%2F2024%3A19%3A57%3A53%20%2B0200%22%2C%22timestamp%22%3A1721584673%7D%2C%22diff%22%3A-2114%7D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
QHUJK: 1
Content-Type: application/scytale

Response headers

date: Sun, 21 Jul 2024 17:57:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
content-date: 1721584674
access-control-allow-headers: *
content-length: 288
x-xss-protection: 1; mode=block, 1
jckl: UFoASl0P7XRfNOCjOkMzNsED31lURdINHocIA0di6frP+6m9PbfE7fZWxS44v1r0rGC4hd1xXyMXBpI+GOH8GA==
x-request-id: b13ed49e67099cb7291713ed196f6366

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
by8722.vip/	1969-12-31 23:59:59	Name: https_waf_cookie Value: f7fe0c1a-23c7-49cec2247a8214b2198bfdbf9040ef19ab89
by8722.vip/	1970-01-20 22:13:06	Name: acw_tc Value: ac11000117215846721957163e01978e70e139d2db30b7dbee07aaa53a2f86
www.by3933.com/	1969-12-31 23:59:59	Name: https_waf_cookie Value: 482878fb-5e2b-42ebe4a7aa443c0c964aa4d5fc8484e9a8de
www.by3933.com/	1970-01-20 22:13:06	Name: acw_tc Value: ac11000117215846731194294e009ab27331e3e21486a3be99b7631adeb68b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.by3933.com:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.by3933.com:30050/entry/register Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

by8722.vip
ktpbds.aratalife.com
www.by3933.com
128.1.77.227
2606:4700:90:0:3305:9ed6:8fda:a369
38.47.158.152
02823bdab5bfe29d049fe39d47f80a5da001ef4bc69ab47781d66606a2d404ea
04cd3cd79b09f4a1a7b06ae76ca75d58e14a15257eae3f983f6bbe19c3735b2c
0a93f71fde51a31468004da3a6bdd435c5e3dce417f331aaaa5301bdd3bbd411
0abdddc2d2fdc305fdb48aaf5726e4dd30b009627c919fa99bf170369deeb6f2
0e28d9ad432984c09a517fc86d20fe65f9733446647d7ce0394a4f077bd5b6fe
150dde236a6b01b81701896d40b431dcc64ddf5ce651bed69fd316af968da9d0
15eb607baa9a4b2ef861e1243e39e0c586662993c23b771cace28b1fbff4a6c6
188d90ad58d8c4a0969583fe14d10be202321a6f96c071c8295afbe80d30386f
1ca03e4ac5d67b0e55e77c48e6e6bec3eedc9414cf745fa7bc270b5f34c00a8b
22bfc1b8c7b0f6fee012df3ace7734c3cc06dfd11cf9f7294c87d6236c7f1ded
2a905628385219c9a689de49c26e1378aedc456d80d42186f8362951d1c82d02
31fa0769d48ee5245a8cd0a9d29c0a429d78c975c700c7b22f0063e55ecd9b35
34d9033c5ad1b1a3f93ea0e1e678f9039978055f1331d94e2df24bf676488882
354399b1e7be52f5e43adbc4558276f9aecae49d2505ea543273dd36a9b401e7
39da2fdd181759719a37f11de61e0c5ae0a512c216d5ae5e34d80a8110b9b9a8
3a8f9d4e660a434973ea5d5fabdb72335c023fb7f0553c0298925b29523c36c2
3c85ed39580319612110efaf057f93a3edf06e1d0808fbb6c8c85ca1879d5428
3fd31f9c341103b7dc847cb113dc4dafa4909494246b3f41304b33633bd97ef2
43348b13c9ef74e419498bbb8d5eda4c982be1035e8f7aced58bbc10402c3bff
43d74c75126b084464c15582261a487f83a4b4b0d155f827d90de9421a08817f
453a73def6bc37f18eb3a4d99f3d24c52b3a3690b11d2a644fb1bae72a5476a6
4968ec1e9e46700617dfbaeaf5b455de7fc5f3a3d80b2923a791c1187e59b106
4b2a56357dd060684534895ead31b8df2a8cc6aa9779e1bec986ff553a5b046e
4c22a54476f1d404655e6018938cbbe26fe2a3db7a0b787942d4c87ef7394d52
4cc94b411300ad926e03d2d04aa7e9082e817e73b4a79c1ea63abeadb0918469
4f160fe134af137d1909e6eb4156609c6593a11723f62bda64202cf6ffd912af
5633e5a9438969bcf1d2d0a1bc1ce77193d3846e1d51049039b46484bee05c54
590ae54350f00f8b8b8e8dfb10cd9a1bbf8577d1c85f2968670242a4221bac00
5ef8eaa121b0e7ebac863bfbd2fceebcabd090f76ac2cffc2e7fc828b5b29a9c
61f455e6e737926398d4a92aa6f535998a0637f5e1eff502ab8ddd194e7cc9ca
66dfb19fb329bade4b539f4b847e9c7b8e3941b6c9b2c2b98c2ca988379bbdd0
67012f77fb4600612f981d1015623ba77990e4fd4bcee22af0905569ccd10b50
67f71fdc0019df2b77da656b6eb4fbae4d30dfbdeac0c6c71e87449754fe4caf
6ad938eec1af8524b572ff09bd9f62eda9c1538464fa8f95ac16d26041e2e593
6aef37bfecf224bf0fdf186d3240e8f9bf62782ff4c4cbf3659e1f9196675320
6e592a3b50a944af8840239582a05f8ecbd24a3dea7b1e37858e81eca123c24b
723db99edebfb69633d97bc64a2da1fb8b60275676547b5ab9b44753fa2b2436
74cc6f13b1eb3449b2afececa50da12565a248bd0079c1b47cdb34cb0ee692d5
7bfbc9f45626512fa80e3e04416ff89e2ed5bfacf553162b7660748ea314b546
81e8d531224e36bd22398ee65c87d12b9e5c8382f5f9f357bc7a50bd050842d2
9cce652670b04cca6abcf6aed54201a4ab61b1d43b00e9df923f9a62367df582
a13798d4b8b75a1e2fa77ca1d8255c2b6fcf47ed3d3f89e862c4c6c132c7c5a2
a7c69cba413f81e6383e0c3171daf9edcc27f9134626f799e2e7d567e31ff49c
b3762d719629838d8d99d6b0d0ea9f3c6b58a3ff15a53532cfb94c68a224d9ea
b98bb3be5e7f26c8f63b9be071790237e0d7602db03c55e0d9415ea5c800ae25
ba1c10e70c0b8a61b531ea8e5cefea33b62193a908b4b380a3c19230e1fa8574
bdd5b59f7dead04ff3dfec12ec19e90a014f950f9c4cfd00218a2de5ef9485b2
bf9e3d53260ce33eb0b10ad1c56e2c5f184fb6d14dae3bd6a18eea74b173bcd4
d37db84cbb4f3b66213dd6469e3f2e5c7461e13bb2fac3c3b904b214b6ba722e
d542938b04c27ab5e23d45f9c22fa620a5ea1c54adae3d6c2ce8b37c966cf895
d58dd15b6caadcdbb4649a02ff4228bbee7c8c1e5862773d8ee0b7941ae6da0c
d7e643a75dad0a4decbd1c0a97fe7087d5168d4be0144f2e95959aeb3ff97e9c
f2759c69c362dda622e87ee89b95fdc41d63acaa142f7a40ec834a4ded8f2698
f49ebdc0a285cbbc0d5cb7fedc57f87be56affedc27c986ef55a7d38ee188f88
fa1adeb6ba34cb003bb645c9b22ab2cfe0a344dc7bce13737d8cddf707958e44

www.by3933.com Open in urlscan Pro 2606:4700:90:0:3305:9ed6:8fda:a369 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

2216 kBTransfer

4668 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.by3933.com Open in urlscan Pro
2606:4700:90:0:3305:9ed6:8fda:a369 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2216 kB
Transfer

4668 kB
Size

4
Cookies

57 HTTP transactions
1 data transactions