bag.win Open in urlscan Pro
104.18.26.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl
Submission Tags: 0xscam
Submission: On November 23 via api (November 23rd 2024, 12:50:52 pm UTC) from US — Scanned from CA

Summary HTTP 106 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 106 HTTP transactions. The main IP is 104.18.26.237, located in and belongs to CLOUDFLARENET, US. The main domain is bag.win.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time bag.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	104.18.26.237 104.18.26.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.154.167.99 149.154.167.99	62041 (Telegram ...) (Telegram Telegram Messenger Inc)
1	99.86.191.237 99.86.191.237	16509 (AMAZON-02) (AMAZON-02)
8	172.66.43.114 172.66.43.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.166.226.67 35.166.226.67	16509 (AMAZON-02) (AMAZON-02)
2	142.251.179.138 142.251.179.138	15169 (GOOGLE) (GOOGLE)
2	13.226.94.89 13.226.94.89	16509 (AMAZON-02) (AMAZON-02)
3	4.153.129.168 4.153.129.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	104.18.27.46 104.18.27.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.29.150.176 52.29.150.176	16509 (AMAZON-02) (AMAZON-02)
18	23.220.128.40 23.220.128.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.238.80.83 18.238.80.83	16509 (AMAZON-02) (AMAZON-02)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
106	18

41 104.18.26.237 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bag.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.154.167.99 (London, United Kingdom)

ASN62041 (Telegram Telegram Messenger Inc, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.66.43.114 (United States)

ASN13335 (CLOUDFLARENET, US)

api.decentral.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.166.226.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-226-67.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.94.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-89.jfk52.r.cloudfront.net

widget.mava.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.153.129.168 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.27.46 (None, )

ASN13335 (CLOUDFLARENET, US)

verify.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
explorer-api.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.150.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-150-176.eu-central-1.compute.amazonaws.com

chat.mava.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.220.128.40 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-128-40.deploy.static.akamaitechnologies.com

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.80.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-83.jfk52.r.cloudfront.net

48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	bag.win 1 redirects bag.win	4 MB
18	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2559	61 KB
11	walletconnect.com verify.walletconnect.com — Cisco Umbrella Rank: 55500 explorer-api.walletconnect.com — Cisco Umbrella Rank: 71599	25 KB
8	decentral.games api.decentral.games	18 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 b.clarity.ms — Cisco Umbrella Rank: 8098 c.clarity.ms — Cisco Umbrella Rank: 1269	30 KB
6	mava.app widget.mava.app chat.mava.app	835 KB
3	anjouangaming.org 48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org	20 KB
3	segment.io api.segment.io — Cisco Umbrella Rank: 1510	502 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	603 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	770 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	114 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1935	1 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 10608	22 KB
106	15

	Domain	Requested by
41	bag.win	1 redirects bag.win cdn.jsdelivr.net
18	res.cloudinary.com	bag.win
10	explorer-api.walletconnect.com	cdn.jsdelivr.net bag.win
8	api.decentral.games	bag.win cdn.jsdelivr.net
4	chat.mava.app	cdn.jsdelivr.net
3	48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org	bag.win
3	b.clarity.ms	cdn.jsdelivr.net
3	api.segment.io	cdn.jsdelivr.net
2	c.clarity.ms	1 redirects
2	widget.mava.app	bag.win widget.mava.app
2	www.google-analytics.com	cdn.jsdelivr.net
2	www.clarity.ms	bag.win www.clarity.ms
1	c.bing.com	1 redirects
1	fonts.googleapis.com	client
1	verify.walletconnect.com	bag.win
1	www.googletagmanager.com	bag.win
1	cdn.jsdelivr.net	bag.win
1	cdn.segment.com	bag.win
1	telegram.org	bag.win
106	19

This site contains links to these domains. Also see Links.

Domain
docs.bag.win
verification.anjouangaming.org
mava.app

Subject Issuer	Validity	Valid
bag.win WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2024-08-10` - `2025-09-11`	a year	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
decentral.games WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2024-11-13` - `2025-12-13`	a year	crt.sh
mava.app Amazon RSA 2048 M03	`2024-10-17` - `2025-11-15`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
walletconnect.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
*.snippet.anjouangaming.org GlobalSign GCC R6 AlphaSSL CA 2023	`2024-07-09` - `2025-08-10`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl
Frame ID: 49E6365643DA1BE1DEFADEC550A649CE
Requests: 106 HTTP requests in this frame

Frame: https://bag.win/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 7857B0353B63DC8C26A476787AD63AF2
Requests: 2 HTTP requests in this frame

Frame: https://verify.walletconnect.com/c7d5acd658e97940c5ba1ac1e43ca08f
Frame ID: 56F380251E4E76F751D420FF3D5829FF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600&display=swap
Frame ID: 918E0AAEB031127A95C89D8ABDE81C7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bag.win | The World’s Most Immersive Online Casino

Detected technologies

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

18
IPs

4
Countries

5746 kB
Transfer

17365 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.bag.win/legal/responsible-gaming
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://docs.bag.win/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://docs.bag.win/legal/notice-and-disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://docs.bag.win/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://verification.anjouangaming.org/validate?domain=bag.win&seal_id=f8da7bc3b851aa8b9492d1602f743194bd88d0ee4ce31d7a7fbdd5440a030f9d59ba46e845ef7200e9e353c9bb6ddda8&stamp=66477b347b47e6a81ef84fcde11bcd40

Search URL Search Domain Scan URL

URL: https://mava.app/
Title: Powered by Mava

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://bag.win/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://bag.win/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

Request Chain 114

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&RedC=c.clarity.ms&MXFR=20EFFDA7B17467341134E8E7B57469D2 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&MUID=040603E3872B681F3E9116A386016964

106 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fiftysat Show response
bag.win/ref/ 5 KB
2 KB 224ms
170ms Document
text/html 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0e81cfe19fd85d20a27ae58b45da3e8b3bfc2b67a8197906271fc475787c2698

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e71495dde93abfd-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 23 Nov 2024 12:50:43 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

GET
H2 200 telegram-web-app.js Show response
telegram.org/js/ 106 KB
22 KB 349ms
108ms Script
application/javascript 149.154.167.99
Telegram Telegram...

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web-app.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (Telegram Telegram Messenger Inc, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=345600
content-encoding: gzip
etag: W/"6739f222-1a916"
expires: Wed, 27 Nov 2024 12:50:43 GMT
date: Sat, 23 Nov 2024 12:50:43 GMT
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 13:39:46 GMT
server: nginx/1.18.0

GET
H2 200 884236e94bae0989.css
bag.win/_next/static/css/ 1 MB
195 KB 40ms
38ms Stylesheet
text/css 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/css/884236e94bae0989.css

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b74050cc139e4fbc1e5f37550006a8698acb35af0d28899b8afaadd33d40b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"16de13-19346295c40"
age: 147302
x-content-type-options: nosniff
cf-ray: 8e71495f0f14abfd-YYZ
expires: Sun, 23 Nov 2025 12:50:43 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:43 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 webpack-52607eab2afbea40.js Show response
bag.win/_next/static/chunks/ 7 KB
4 KB 37ms
37ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795be942a3922d04e7ba8fe318a749f0d4e444574b42521b66beb27ad93f13b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1a52-19346295c40"
age: 147300
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:43 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71495f9853aaf4-YYZ
server: cloudflare

GET
H3 200 framework-2fe4cb6473b20297.js Show response
bag.win/_next/static/chunks/ 138 KB
45 KB 67ms
67ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/framework-2fe4cb6473b20297.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453ca013615baa4212000cc41322a6596b3051cd322065f4f30d20c7600b8b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"22719-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:43 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71495fe88aaaf4-YYZ
server: cloudflare

GET
H3 200 main-5c643ef455828539.js Show response
bag.win/_next/static/chunks/ 92 KB
29 KB 60ms
59ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/main-5c643ef455828539.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a61c9c2661b1f8515132de5b4c7d7b167c770127160e16345139d1e51cd421

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"17022-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:43 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496098f3aaf4-YYZ
server: cloudflare

GET
H3 200 _app-98134c1fc8bc9f81.js Show response
bag.win/_next/static/chunks/pages/ 12 MB
4 MB 35ms
34ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/pages/_app-98134c1fc8bc9f81.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b43000b7882d451291a35101e12e256552ded456c4f5eef3f3a0672eae2318b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c15232-19346295c40"
age: 147301
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e714961092daaf4-YYZ
server: cloudflare

GET
H3 200 %5B...param%5D-d3515a66fc696067.js Show response
bag.win/_next/static/chunks/pages/ 435 B
585 B 113ms
111ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/pages/%5B...param%5D-d3515a66fc696067.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edea8ec39cd2b1bce7319f3f711ed06616d049dc51b479d0004f6d3370f09754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1b3-19346295c40"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e714961f9d4aaf4-YYZ
server: cloudflare

GET
H3 200 _buildManifest.js Show response
bag.win/_next/static/xGTWbSMdYs4bnih2Z-BNc/ 1 KB
923 B 80ms
79ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/xGTWbSMdYs4bnih2Z-BNc/_buildManifest.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d0ea03d339faf69a3ffea42c8315f0ea44887af8feb0e2239deff9557959ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d6-19346295c40"
age: 147301
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496229e1aaf4-YYZ
server: cloudflare

GET
H3 200 _ssgManifest.js Show response
bag.win/_next/static/xGTWbSMdYs4bnih2Z-BNc/ 77 B
355 B 79ms
78ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/xGTWbSMdYs4bnih2Z-BNc/_ssgManifest.js

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4d-19346295c40"
age: 147301
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496229e2aaf4-YYZ
server: cloudflare

GET 2baec721-7c26-4445-9479-ed4023f5e901
https://bag.win/ Frame 0
0

GET
H3 200 37ed31bc.c5f3ac17d7657bde.js Show response
bag.win/_next/static/chunks/ 140 KB
51 KB 54ms
53ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/37ed31bc.c5f3ac17d7657bde.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb7c70f4852ba763a4d573fb5c3c28beab13e75a0e72e28cf78622fa920dda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"22ee3-192727715e0"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 09 Oct 2024 18:07:40 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496bd85faaf4-YYZ
server: cloudflare

GET
H3 200 fcf75e44.c80fcef5c2019e77.js Show response
bag.win/_next/static/chunks/ 166 KB
60 KB 56ms
55ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/fcf75e44.c80fcef5c2019e77.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24d9f1ac53de32a152f853ad482ce7c96a75a44462d1d24845b1bb91fda2bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"299b7-19346295c40"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496bd861aaf4-YYZ
server: cloudflare

GET
H3 200 5432793e.5594550ac2d2f067.js Show response
bag.win/_next/static/chunks/ 139 KB
51 KB 58ms
57ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/5432793e.5594550ac2d2f067.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb886e5b6b0ba13ecbac1ec4c3f1c8afa27c8107ceee3510a2b182bc2df14bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"22dc8-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496bd864aaf4-YYZ
server: cloudflare

GET
H3 200 7558.b1cd0a5c3ec50e8a.js Show response
bag.win/_next/static/chunks/ 24 KB
7 KB 61ms
60ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/7558.b1cd0a5c3ec50e8a.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c8aaa2a84db673958e97ab253f607af3c9b23c37338f9aefe2733f4aa2565c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6031-19326d4b718"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 18:41:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496bd867aaf4-YYZ
server: cloudflare

GET
H3 200 6133.f6a724fcd2495aa2.js Show response
bag.win/_next/static/chunks/ 304 KB
83 KB 62ms
61ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/6133.f6a724fcd2495aa2.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19a9c897442f30152f94cdd6644e7e002eb60cd94394a72258f1b8b6a1e5e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4c0be-192727715e0"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 09 Oct 2024 18:07:40 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496bd869aaf4-YYZ
server: cloudflare

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/pK03oncLYCxY1DJtTmnJnuwLByq2RlAb/ 616 B
1 KB 159ms
43ms Fetch
application/json 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/pK03oncLYCxY1DJtTmnJnuwLByq2RlAb/settings
Requested by: Host: bag.win
URL: https://bag.win/_next/static/chunks/pages/_app-98134c1fc8bc9f81.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d223a2959e7ca9ded5234e39fd6e8743512786d824c0f0185b9be8d67bb2032a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

access-control-max-age: 3000
x-amz-version-id: C5e7TIHNqqBHZSQ..z2wj9XkRR5wqWhY
etag: "b6506600671890c2c60e97521db46e89"
age: 9203
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: BDBu-DPV-yHMVtEqxaMR1_1hgLVmh_mPJz91azS0ewOqhKCHKTrWlA==
date: Sat, 23 Nov 2024 10:55:53 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 23:04:02 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 798fb06c416f07d7eaba25e2728dc5ac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 616
x-amz-cf-pop: IAD79-C3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3

200

main.js Show response
bag.win/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 7857
Redirect Chain

https://bag.win/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://bag.win/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

26ms
26ms

Script
application/javascript

104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Requested by

Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Protocol

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22e21808e8132f8bf681d0a75379a0f9f60218b26ec1ff9594ac61d3b9b1e3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8e71496e6a01aaf4-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
x-content-type-options: nosniff
cf-ray: 8e71496be86caaf4-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

OPTIONS
H3 403 getAppConfig
api.decentral.games/admin/ Frame 0
0 122ms
28ms Preflight
text/html 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/admin/getAppConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: DIUH6ftlNU3qRsBxZXiChtR43OhPNoH19tDglYyde2pRiBalAlNKwX1g0tiKbEZvSrjM6YdP9PfznSg2SD0rKMT03VATt75SQ29u6YBgjsXxTTlNtUwKnGhSKsJ0pRJar1hgLQFsi99Mv9Gp8PgaMg==$yZ5I2Gezxm9Vyu+pm16LHw==
cf-mitigated: challenge
cf-ray: 8e71496f0924369c-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sat, 23 Nov 2024 12:50:46 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=1,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

OPTIONS
H3 403 getThirdPartyGames
api.decentral.games/games/ Frame 0
0 105ms
30ms Preflight
text/html 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/games/getThirdPartyGames

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: qECVEfONdsvBAS6aucfdbCNFmkjrJiSUMkaueKF5K40dVfLPWLRXhaXqnBDFAcaupaUdI3nIeoW8Ur7ztSvLGQ+mXcY61GGx8K3a5hbUivnhZ9ZLs+p8bGb6WGjlCJc2/YUwqftuO75SDsGiLCrqDg==$BdPoMhJd6cuD5HibslgXMA==
cf-mitigated: challenge
cf-ray: 8e71496f0923369c-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sat, 23 Nov 2024 12:50:46 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=1,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 464 KB
114 KB 94ms
17ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/main-5c643ef455828539.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"73eb0-Dx06OqDSMQPOVX/f6nBmzvwreY0"
age: 5450
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230066-FRA, cache-yyz4540-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116465
x-jsd-version: 3.4.1

GET
H3 200 lib-jitsi-external-api.js Show response
bag.win/ref/js/ 4 KB
2 KB 183ms
182ms Script
text/html 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/ref/js/lib-jitsi-external-api.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/main-5c643ef455828539.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

c388a827cb8bc0a321b8c622b9caf3928269f2c5d7cb4c754f4964baee8b2691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: MISS
x-content-type-options: nosniff
cf-ray: 8e71496e6a06aaf4-YYZ
expires: Sat, 23 Nov 2024 16:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Next.js
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 148ms
68ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F2PD9TLKTV

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/main-5c643ef455828539.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8d9bf10bf21e922dcfa7a4fea7e5e3048de02a23ca125212e399657b25555ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 12:50:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109671
x-xss-protection: 0
server: Google Tag Manager

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 ogny7iwhlr Show response
www.clarity.ms/tag/ 689 B
1 KB 290ms
74ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ogny7iwhlr
Requested by: Host: bag.win
URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f01f4f8c069856beaa5068d593c7838a6b4661420d56865be914e971c77952d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/x-javascript
x-azure-ref: 20241123T125046Z-r1c56ff7c76hr9vmhC1YTOkq3c0000000ac0000000008bmn

GET getAppConfig
api.decentral.games/admin/ 0
0

GET getThirdPartyGames
api.decentral.games/games/ 0
0

GET
H3 200 1586.82256a2c2d79a147.js Show response
bag.win/_next/static/chunks/ 4 KB
1 KB 59ms
58ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/1586.82256a2c2d79a147.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f0836b1e738020abddc1f22ec455025fbf41d30a36cbf202ce5b00236bcb662

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ebc-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a1daaf4-YYZ
server: cloudflare

GET
H3 200 5532.ff0731f568beeee3.js Show response
bag.win/_next/static/chunks/ 724 B
699 B 53ms
52ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/5532.ff0731f568beeee3.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270d1ac5e3d64a7c2618a9d2c6b8b992c8f79f9bfb41fe7a06cce7f22f6e614b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2d4-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a1eaaf4-YYZ
server: cloudflare

GET
H3 200 7761.22cbd8d5e81ef08b.js Show response
bag.win/_next/static/chunks/ 6 KB
2 KB 64ms
63ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/7761.22cbd8d5e81ef08b.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb85f38b3f26a0c5d99c4d09a313a57139b130548f7dbdf010f357c7c41989d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"19f2-19170a06ec0"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 20 Aug 2024 16:30:48 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a20aaf4-YYZ
server: cloudflare

GET
H3 200 5252.f7117b94fd23ff30.js Show response
bag.win/_next/static/chunks/ 2 KB
1 KB 55ms
54ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/5252.f7117b94fd23ff30.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332235989f1c6d09417e16ad3f51a0cd398fb03fbc00d4441347618f5e412f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"667-19326d4b718"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 18:41:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a21aaf4-YYZ
server: cloudflare

GET
H3 200 3815.9568f4bea065a5cd.js Show response
bag.win/_next/static/chunks/ 18 KB
4 KB 63ms
62ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/3815.9568f4bea065a5cd.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cabf8da2909f622aabcac4428da9161c8b6f436685ef8cdb1fcb4f3c259b3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"46ab-19346295c40"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a22aaf4-YYZ
server: cloudflare

GET
H3 200 6603.e41573d22142dc91.js Show response
bag.win/_next/static/chunks/ 9 KB
3 KB 57ms
56ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/6603.e41573d22142dc91.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0697f71f54f0dc950e46cb2d603e0f5fdd5f80d7ee9dd06902053da9a5ec8f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"24b9-19254e9bf50"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 04 Oct 2024 00:24:18 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e71496e9a25aaf4-YYZ
server: cloudflare

GET
H3 200 getGameConstants Show response
api.decentral.games/admin/ 80 KB
13 KB 544ms
544ms XHR
application/json 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/admin/getGameConstants

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/pages/_app-98134c1fc8bc9f81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1f5805a319f19c0969f361ab17ac9978afbf4e1efa69a9976fbc59034687f620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bag.win/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"140b4-fkh1h+c3OgtfyV6gfx6bT33Ev28"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e7149710a76369c-YYZ
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

OPTIONS
H3 204 getGameConstants
api.decentral.games/admin/ Frame 0
0 267ms
267ms Preflight 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/admin/getGameConstants

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e71496f596c369c-YYZ
date: Sat, 23 Nov 2024 12:50:46 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 8e71495dde93abfd Show response
bag.win/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7857 0
726 B 31ms
27ms XHR
text/plain 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/cdn-cgi/challenge-platform/h/g/jsd/r/8e71495dde93abfd

Requested by

Host: bag.win
URL: https://bag.win/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8e7149700b00aaf4-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 index-261b25c3c44df4da.js Show response
bag.win/_next/static/chunks/pages/ 1 KB
1002 B 33ms
33ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/pages/index-261b25c3c44df4da.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/main-5c643ef455828539.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd6338da132e5c18826bd471b144fc40cf6ca242eca3bb3ac5f570590db25ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"431-19346295c40"
age: 147303
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 19 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e7149702b10aaf4-YYZ
server: cloudflare

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
167 B 295ms
91ms Fetch
application/json 35.166.226.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-67.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://bag.win
content-length: 21
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/json
vary: Origin

POST
H2 204 collect Show response
www.google-analytics.com/g/ 0
546 B 125ms
47ms Fetch
text/plain 142.251.179.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F2PD9TLKTV&gtm=45je4bk0v9195999518za200&_p=1732366246137&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1972359154.1732366246&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fref%2Ffiftysat&sid=1732366246&sct=1&seg=0&dl=https%3A%2F%2Fbag.win%2Fref%2Ffiftysat%3Ftwclid%3D25rt4mncdn0db7gn61c9neeipl&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3054
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.179.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bag.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 66ms
66ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ogny7iwhlr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-azure-ref: 20241123T125046Z-r1c56ff7c76hr9vmhC1YTOkq3c0000000ac0000000008bmp
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 9ee51ffb-a01e-0002-0f07-379063000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H3 200 / Show response
bag.win/ 8 KB
3 KB 170ms
170ms Fetch
text/html 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

22318b27ce957658905325dfadcb27beebd24cd561309de82a9eca6c5a791b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8e7149709b4baaf4-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Next.js
priority: u=1,i

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
widget.mava.app/ 3 KB
3 KB 342ms
225ms Script
application/javascript 13.226.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.mava.app/
Requested by: Host: bag.win
URL: https://bag.win/_next/static/chunks/main-5c643ef455828539.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-94-89.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbbc7144eaeade4a4cb766b24472f22341750b065d98a51dfd4746d8f928cee1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-amz-cf-pop: JFK52-P10
etag: "ea6b079e87282be18858379b69bc6d53"
via: 1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 3073
x-amz-cf-id: YtnTR0hM1rAYOOb3lk6OReGwFNHV_qb213U_jO8-b9c7-yhkyZXrGg==
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 06:46:11 GMT
x-amz-meta-cache-control: public, max-age=0
server: AmazonS3

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5d1b272bbdc098003bf72cda6a75a0da84953c55000594e38807356e63b5627

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
168 B 194ms
90ms Fetch
application/json 35.166.226.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-67.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://bag.win
content-length: 21
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/json
vary: Origin

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
167 B 192ms
89ms Fetch
application/json 35.166.226.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-67.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://bag.win
content-length: 21
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/json
vary: Origin

GET
H3 200 image
bag.win/_next/ 43 B
379 B 174ms
174ms Image
image/gif 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fsegment.prod.bidr.io%2Fassociate-segment%3Fbuzz_key%3Daskpermission%26segment_key%3Daskpermission-119%26value%3D&w=1920&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: 3OyrE1W1wrns7ygTIr8mWsWEC0aIdIWG6WMrRzpf5Ws=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: image/gif
vary: Accept
content-disposition: inline; filename="associate-segment.gif"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=60, must-revalidate
cf-ray: 8e7149710b8eaaf4-YYZ
content-length: 43
x-nextjs-cache: STALE
server: cloudflare

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
271 B 233ms
98ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://bag.win/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://bag.win
Date: Sat, 23 Nov 2024 12:50:46 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 c7d5acd658e97940c5ba1ac1e43ca08f
verify.walletconnect.com/ Frame 56F3 0
0 353ms
290ms Document
text/html 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.walletconnect.com/c7d5acd658e97940c5ba1ac1e43ca08f
Requested by: Host: bag.win
URL: https://bag.win/_next/static/chunks/6133.f6a724fcd2495aa2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bag.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-ray: 8e714972ae72ac4e-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Nov 2024 12:50:47 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 5763.64e280b50089cc80.js Show response
bag.win/_next/static/chunks/ 117 KB
34 KB 69ms
68ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/5763.64e280b50089cc80.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fbf903426d5a1a458a6a30a0d0c60f54fb14eda10bb28a721fad653584aaca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1d3df-1918fdc2518"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 26 Aug 2024 18:04:15 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e7149724c6aaaf4-YYZ
server: cloudflare

GET
H2 200 v2.js Show response
widget.mava.app/ 828 KB
830 KB 231ms
230ms Script
application/javascript 13.226.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.mava.app/v2.js
Requested by: Host: widget.mava.app
URL: https://widget.mava.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-94-89.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1dc132c7539ee9d1e0eb76fe5026795b13c128ec3dbfb97c700b7e650c30b5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-amz-cf-pop: JFK52-P10
etag: "392fc2dda358da40435e481127fa6e73"
via: 1.1 b8e7e4d288487b86cfc6bcf59fb6d08c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 848155
x-amz-cf-id: dCuSevRE3qxdN1uTBrd30lXCA_bpG3bdOgH6VDPDgS5hxFDAXATn7g==
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 06:46:11 GMT
x-amz-meta-cache-control: public, max-age=0
server: AmazonS3

GET
H3 200 9343.f7137b03b2100296.js Show response
bag.win/_next/static/chunks/ 14 KB
5 KB 66ms
65ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/9343.f7137b03b2100296.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c7fd9093e259ee7ae3bf3705a022c8bf24162111500045c82f9c090e95081f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3672-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e7149731ce8aaf4-YYZ
server: cloudflare

GET
H3 200 1391.7be115b434641168.js Show response
bag.win/_next/static/chunks/ 111 KB
33 KB 65ms
65ms Script
application/javascript 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/_next/static/chunks/1391.7be115b434641168.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/webpack-52607eab2afbea40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87f9fa6f3d304979959ab26b3d015be528dd1c3baf9fafe3927ac94efa1c9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1ba38-192c011e438"
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 24 Oct 2024 19:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000
cf-ray: 8e7149738d51aaf4-YYZ
server: cloudflare

GET
H3 200 getDesktopListings Show response
explorer-api.walletconnect.com/w3m/v1/ 7 KB
2 KB 286ms
257ms Fetch
application/json 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2&page=1&entries=9&version=2
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bc2c3b580f2b1f6a44c53e0e02131c6abeb831f53e53221c1d10a6f2977ce08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-robots-tag: noindex
cache-control: public, max-age=43200, s-maxage=21600
content-encoding: br
cf-ray: 8e7149744e4636f9-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 playerLevelingConfig Show response
api.decentral.games/admin/ 4 KB
2 KB 209ms
209ms XHR
application/json 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/admin/playerLevelingConfig

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7322366f405e4dea693b51b5213048e3780cd1cdc21f72b934e7c0d4daacfd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bag.win/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"f50-cHYZ9IaAGerXPuGxy++8h8wU5g4"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e714975bdda369c-YYZ
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

OPTIONS
H3 204 playerLevelingConfig
api.decentral.games/admin/ Frame 0
0 201ms
200ms Preflight 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/admin/playerLevelingConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e7149747d06369c-YYZ
date: Sat, 23 Nov 2024 12:50:47 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-powered-by: Express

GET
H3 200 18711270-36a3-4d89-e20f-1f1ccb262a00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 1 KB
2 KB 588ms
586ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/18711270-36a3-4d89-e20f-1f1ccb262a00?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ea3d80dc02793b61a5038753931dfae14c8767d9cf768eb1002d0d87821a85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfhrdQwLmzrbLNBkD1hnrCJvpbfmDcyauXnchu_YTSDQ"
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000, s-maxage=86400
cf-images: internal=ok/- q=0 n=19+2 c=0+2 v=2024.10.6 l=1180 f=false
cf-ray: 8e714975ef8b36f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1180
server: cloudflare

GET
H3 200 f79ccec4-6729-434e-4c61-7b164eb11500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 1 KB
2 KB 531ms
529ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/f79ccec4-6729-434e-4c61-7b164eb11500?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb72f567d1c8f4797ca49a346ab2187603ce74ec85fb44e733464a4cc5c0545

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cf_rAbs6bVlA8sIJkkHirBcwLffmDcyauXnchu_YTSDQ"
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000, s-maxage=86400
cf-images: internal=ok/- q=0 n=769+2 c=0+2 v=2024.10.6 l=1412 f=false
cf-ray: 8e714975ef8d36f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1412
server: cloudflare

GET
H3 200 7e1514ba-932d-415d-1bdb-bccb6c2cbc00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 910 B
1 KB 56ms
54ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfmeYviP6kCNFgjEWLRBgPUJnDfmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=49+5 c=0+5 v=2024.10.6 l=910 f=false
cf-ray: 8e714975ef8e36f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H3 200 c39b3a16-1a38-4588-f089-cb7aeb584700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 2 KB
2 KB 57ms
54ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfzxenqWecI6yJVG_C8-69sArsfmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=1263+2 c=0+2 v=2024.10.6 l=1700 f=false
cf-ray: 8e714975ef8f36f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1700
server: cloudflare

GET
H3 200 9f259366-0bcd-4817-0af9-f78773e41900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 2 KB
2 KB 57ms
55ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cftQTt3un0HlQqBazMK6bKNWLifmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=1128+8 c=1+7 v=2024.10.6 l=1860 f=false
cf-ray: 8e714975ef9036f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1860
server: cloudflare

GET
H3 200 204b2240-5ce4-4996-6ec4-f06a22726900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 3 KB
3 KB 73ms
71ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfHSK7haDWQDA9lEEikk-9BEcPfmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=28+8 c=4+4 v=2024.10.6 l=2986 f=false
cf-ray: 8e714975ef9136f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2986
server: cloudflare

GET
H3 200 b6ee4efc-f53e-475b-927b-a7ded6211700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 3 KB
3 KB 54ms
52ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cf9TnuhjIqeWjX901zZxsJee5JfmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=683+10 c=6+4 v=2024.10.6 l=2666 f=false
cf-ray: 8e714975ef9236f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2666
server: cloudflare

GET
H3 200 fbd441cc-e861-46dc-48ae-a04228ddb500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 3 KB
3 KB 65ms
63ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfFJ943IWAd-AliTnsJ2QbJY_MfmDcyauXnchu_YTSDQ"
age: 73236
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=690+11 c=5+6 v=2024.10.6 l=2790 f=false
cf-ray: 8e714975ef9336f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2790
server: cloudflare

GET
H3 200 7fd5a23a-3a01-4cfb-3c8b-9f43ae414400
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 3 KB
3 KB 74ms
72ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7fd5a23a-3a01-4cfb-3c8b-9f43ae414400?projectId=c7d5acd658e97940c5ba1ac1e43ca08f&sdkType=wcm&sdkVersion=js-2.6.2

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/

Response headers

x-wc-r2-status: HIT
x-robots-tag: noindex
cf-cache-status: HIT
etag: "cfRafM7wSd8-Qni9A0q6y28FCOfmDcyauXnchu_YTSDQ"
age: 73234
cf-bgj: imgq:86,h2pri
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 12:50:47 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=31536000
cf-images: internal=ok/- q=0 n=886+9 c=1+8 v=2024.10.6 l=2974 f=false
cf-ray: 8e714975ef9436f9-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2974
server: cloudflare

GET
H3 200 getPromoBannerInfos Show response
api.decentral.games/mobile/ 6 KB
3 KB 190ms
189ms XHR
application/json 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/mobile/getPromoBannerInfos

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e710e5e2d6b69e8655b1c054d2c84498e81f21866fccca2e746270291e1d6c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bag.win/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"19cf-aJxEqRjwLZGTn/AzEdrTaKK7AK0"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:47 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e7149783f91369c-YYZ
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

OPTIONS
H3 204 getPromoBannerInfos
api.decentral.games/mobile/ Frame 0
0 189ms
189ms Preflight 172.66.43.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.decentral.games/mobile/getPromoBannerInfos

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.114 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e7149770ef0369c-YYZ
date: Sat, 23 Nov 2024 12:50:47 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-powered-by: Express

POST
H2 200 login Show response
chat.mava.app/api/auth/ 237 B
527 B 186ms
185ms Fetch
application/json 52.29.150.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mava.app/api/auth/login
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.150.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-150-176.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 72068434e6cc5f8b96cf1d1c03d1d71c48bf4205de1d8a271b75d07d89df4a67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://bag.win/

Response headers

access-control-max-age: 31536000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-origin: *
content-length: 237
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: application/json; charset=utf-8
server: nginx/1.22.1
access-control-allow-headers: Content-Type, x-auth-signature, x-auth-token, Authorization

OPTIONS
H2 200 login
chat.mava.app/api/auth/ Frame 0
0 356ms
111ms Preflight
application/json 52.29.150.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mava.app/api/auth/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.150.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-150-176.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-auth-signature, x-auth-token, Authorization
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-max-age: 31536000
content-length: 3
content-type: application/json; charset=utf-8
date: Sat, 23 Nov 2024 12:50:47 GMT
server: nginx/1.22.1

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
271 B 50ms
47ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://bag.win/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://bag.win
Date: Sat, 23 Nov 2024 12:50:47 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 Confetti_b5xpfk.png
res.cloudinary.com/dnzambf4m/image/upload/v1666924580/ 6 KB
6 KB 279ms
120ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1666924580/Confetti_b5xpfk.png

Requested by

Host: bag.win
URL: https://bag.win/_next/static/css/884236e94bae0989.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

4f8c7f1676f203a06807855d14562fa6758d55da86c45f5939a59b692eff6950

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "0c47afb97bf5d439cdc7f9f0535bddca"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=22;start=2024-11-23T12:50:48.153Z;desc=hit,rtt;dur=32,content-info;desc="width=362,height=196,owidth=362,oheight=196,obytes=5932"
content-length: 5932
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Fri, 28 Oct 2022 02:36:21 GMT
server: Cloudinary

GET
H3 200 ProtoMono-Regular.otf
bag.win/fonts/ProtoMono/ 23 KB
16 KB 412ms
411ms Font
font/otf 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/fonts/ProtoMono/ProtoMono-Regular.otf

Requested by

Host: bag.win
URL: https://bag.win/_next/static/css/884236e94bae0989.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9c563fecad555bd089f916eade1b721a5a78a3cedb0c4033336619b7548938

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/_next/static/css/884236e94bae0989.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"5bc0-1934621c2f0"
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 16:50:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: font/otf
last-modified: Tue, 19 Nov 2024 20:33:58 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8e71497a1973aaf4-YYZ
server: cloudflare

GET
H3 200 RobotoMono-Regular.ttf
bag.win/fonts/RobotoMono/ 112 KB
66 KB 164ms
164ms Font
font/ttf 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/fonts/RobotoMono/RobotoMono-Regular.ttf

Requested by

Host: bag.win
URL: https://bag.win/_next/static/css/884236e94bae0989.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7ab2d73cf7d538face08bcdde95b928ce609a970237c8811ca3c76059c8bb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/_next/static/css/884236e94bae0989.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"1bfc0-1934621c2f0"
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 16:50:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: font/ttf
last-modified: Tue, 19 Nov 2024 20:33:58 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8e71497a1975aaf4-YYZ
server: cloudflare

GET
H3 200 Rodfat%20two-Demo.ttf
bag.win/fonts/Rodfat/ 32 KB
13 KB 171ms
171ms Font
font/ttf 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/fonts/Rodfat/Rodfat%20two-Demo.ttf

Requested by

Host: bag.win
URL: https://bag.win/_next/static/css/884236e94bae0989.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6974f9dd38cfc8768e04f7f2268ba859968f7239126a062e677b0405fedc83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://bag.win
Referer: https://bag.win/_next/static/css/884236e94bae0989.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"8060-1934621c2f0"
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 16:50:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: font/ttf
last-modified: Tue, 19 Nov 2024 20:33:58 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8e71497a1976aaf4-YYZ
server: cloudflare

GET
H2 200 anj-seal.js Show response
48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/ 3 KB
2 KB 576ms
371ms Script
text/javascript 18.238.80.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/anj-seal.js

Requested by

Host: bag.win
URL: https://bag.win/_next/static/chunks/pages/_app-98134c1fc8bc9f81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.80.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-80-83.jfk52.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

fe00efc616c6bc6c045e6aef76ea8eb8a415ff13325acbd89c5d4c3831af7211

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=300
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"c80-TBtsQT2DCDRSz25WCPoVp/C+UjY"
via: 1.1 e8d43fa48b39621b588a1a1ac423b626.cloudfront.net (CloudFront)
cf-ray: 8e71497b5a923946-IAD
x-cache: Miss from cloudfront
x-amz-cf-id: j0oQOGT_KlRmaejuVub-TKYRngp8c4T4_5N0eUZi3qLV-HPAOY1tAg==
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
server: cloudflare
x-amz-cf-pop: JFK52-P5

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07d89e4f855aa30d735b287334f9cc49e12299c7d55b56f2499caee15ff9529f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38948bf5b6744e2528d5bc2a7876e71fcda91cd574c275c26fe3e25cb2a8dad4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a03b648c0abbda21a82b6f3975b6068ca0fbc275c6710a877c528b8f0e7a12d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e35355fd108a997fcc1cd4ea3e24bb38e798fda6948b9e3ad4f3b77d59fad980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b3115f5892701b599f307729bb2d800e65355bd4b4b0e3c29eda4fc04b169f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29bfd1a8e50429332ffefdd5083305b87f115571829f31f617613077fc6356d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 USDT_lekowq.svg
res.cloudinary.com/dnzambf4m/image/upload/v1705635031/Casino%20Mobile/CasinoTokens/ 704 B
906 B 148ms
42ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1705635031/Casino%20Mobile/CasinoTokens/USDT_lekowq.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

a348e45bec7b93bf1fe769cdce2ae94329b267f02345e8830349b9908faac8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"a5e847686beba3edd496c9a4abc423f5"
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-11-23T12:50:48.126Z;desc=hit,rtt;dur=32,content-info;desc="width=2000,height=2000,bytes=704,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="USDT_lekowq.svg"
vary: Accept-Encoding
last-modified: Fri, 19 Jan 2024 03:30:33 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
server: Cloudinary

GET
H2 200 usdc_rvxbbz.svg
res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/ 4 KB
2 KB 229ms
124ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/usdc_rvxbbz.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

b95bc545e12f4f4b215ee02a296ddf648df609b3ea8da99d11f38ad5939a7f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-request-id: 256d49f8286dd32e9dd8dad5c0ccc4ae
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"dacc1001c901cb80f2426faa71673905"
x-content-type-options: nosniff
server-timing: cld-akam;dur=54;start=2024-11-23T12:50:48.148Z;desc=hit,rtt;dur=32,content-info;desc="width=220,height=220,bytes=4151,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="usdc_rvxbbz.svg"
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 21:24:46 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1892
server: Cloudinary

GET
H2 200 USD_iaefxn.png
res.cloudinary.com/dnzambf4m/image/upload/v1725995707/Casino%20Mobile/CasinoTokens/ 4 KB
4 KB 147ms
42ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1725995707/Casino%20Mobile/CasinoTokens/USD_iaefxn.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

2135f4ae3174439a4bd684f956f4b698fcf97fbbbadeeaa2edf60af4eedb65d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: 23baefb5b6a4d632417e70fb297f85a0
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "0a932b8e4f54f81eadbba300770d89fd"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=5;start=2024-11-23T12:50:48.126Z;desc=hit,rtt;dur=32,content-info;desc="width=128,height=128,bytes=3913,o=1,ef=(17)"
content-length: 3913
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2024 19:15:08 GMT
server: Cloudinary

GET
H2 200 USDB_k36qlh.png
res.cloudinary.com/dnzambf4m/image/upload/v1727197338/Casino%20Mobile/CasinoTokens/ 4 KB
5 KB 169ms
64ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727197338/Casino%20Mobile/CasinoTokens/USDB_k36qlh.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

b90669c1be42cc62603644cee8d34c703b0bc7b5d060a2e57d2907b0405f4d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: c0fbb6bfa6a3c188f50159c73c6ef6b1
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "656f38b200b4ad5c3645296f4dc02925"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.125Z;desc=hit,rtt;dur=32,content-info;desc="width=140,height=140,bytes=4240,o=1,ef=(17)"
content-length: 4240
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 17:02:19 GMT
server: Cloudinary

GET
H2 200 BTC_px3lak.svg
res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/ 2 KB
1 KB 170ms
66ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/BTC_px3lak.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

ef5ff6e02ccab6c38c0b2525d19053bf8edb1e90929fa94e29739b89c9efc39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-request-id: 36a88ef706b71984470c7da65099d61e
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"4e62b93b0bd72a11f71b27e0b9edb93a"
x-content-type-options: nosniff
server-timing: cld-akam;dur=7;start=2024-11-23T12:50:48.125Z;desc=hit,rtt;dur=32,content-info;desc="width=220,height=220,bytes=1632,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="BTC_px3lak.svg"
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 21:24:46 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 817
server: Cloudinary

GET
H2 200 ETH_e93uwq.svg
res.cloudinary.com/dnzambf4m/image/upload/v1705635301/Casino%20Mobile/CasinoTokens/ 964 B
971 B 579ms
577ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1705635301/Casino%20Mobile/CasinoTokens/ETH_e93uwq.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

aeb668ddda93f7a7667df30eebc630711af466676b1535d007d9ff933aa801de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"e825ae5cef071f10c4ff28098992a8da"
x-content-type-options: nosniff
server-timing: cld-akam;dur=241;start=2024-11-23T12:50:48.453Z;desc=hit,rtt;dur=32,content-info;desc="width=800,height=800,bytes=964,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="ETH_e93uwq.svg"
vary: Accept-Encoding
last-modified: Fri, 19 Jan 2024 03:35:03 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 459
server: Cloudinary

GET
H2 200 SOL_tbjlek.png
res.cloudinary.com/dnzambf4m/image/upload/v1730755415/Casino%20Mobile/Coin/ 1 KB
2 KB 100ms
98ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730755415/Casino%20Mobile/Coin/SOL_tbjlek.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

0e541ba8e572c4264c47d552d878622591e8f859463ce3886e80487e8eb3f70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: b5434cee43c42905e5c8fb8f9f0e689e
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "49246d765a875d11b13a6f8b3c9f0594"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.215Z;desc=hit,rtt;dur=32,content-info;desc="width=32,height=32,bytes=1165,o=1,ef=(17)"
content-length: 1165
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 21:23:36 GMT
server: Cloudinary

GET
H2 200 BNB_iad7hp.svg
res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/ 794 B
905 B 101ms
99ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727817884/Casino%20Mobile/Coin/BNB_iad7hp.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

8ff2cda2f7b0935e6e3c228c4a0fbc6a74bb439a92121d82062d1740d7295fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-request-id: 4041f9a6abab6b79cf04704b6309433a
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"357cad2d99141003296b3627397fce17"
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-11-23T12:50:48.215Z;desc=hit,rtt;dur=32,content-info;desc="width=220,height=220,bytes=794,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="BNB_iad7hp.svg"
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 21:24:46 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 361
server: Cloudinary

GET
H2 200 DOGE_d2ivi9.svg
res.cloudinary.com/dnzambf4m/image/upload/v1727817882/Casino%20Mobile/Coin/ 1 KB
1 KB 102ms
100ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727817882/Casino%20Mobile/Coin/DOGE_d2ivi9.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

d820c9c894af54762b5f64a33911888597a0b67046b04cd7d881fefb883d41c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-request-id: 3b047df18731ef269e9517f696f6e47d
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"d71b9ba04b3965ef150bd322d64236b8"
x-content-type-options: nosniff
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.222Z;desc=hit,rtt;dur=32,content-info;desc="width=220,height=220,bytes=1196,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="DOGE_d2ivi9.svg"
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 21:24:44 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 571
server: Cloudinary

GET
H2 200 ltc_a7c8sm.svg
res.cloudinary.com/dnzambf4m/image/upload/v1727817882/Casino%20Mobile/Coin/ 1 KB
1 KB 102ms
101ms Image
image/svg+xml 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1727817882/Casino%20Mobile/Coin/ltc_a7c8sm.svg

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

4dfd15e6b9573a5c52857272af0e7bb9bdee4da970af4e80e259e3c2e673e93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

x-request-id: f4b339bb10a0343d8bb0938f45125ae4
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: br
etag: W/"99344f75443a70f274a2912077ca3557"
x-content-type-options: nosniff
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.225Z;desc=hit,rtt;dur=32,content-info;desc="width=220,height=220,bytes=1428,o=1,ef=(17)"
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="ltc_a7c8sm.svg"
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 21:24:44 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 705
server: Cloudinary

GET
H2 200 TRON_yvdp3y.png
res.cloudinary.com/dnzambf4m/image/upload/v1730755415/Casino%20Mobile/Coin/ 2 KB
2 KB 115ms
113ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730755415/Casino%20Mobile/Coin/TRON_yvdp3y.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

aacbd20c5da886262e39b1659e95d78371c2b3f58840b4cb7ec3a14db22de68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: 7e61feafe538c3e7b3a43f462d48c06a
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "bd7c689d98783d8b0bc32d087ca978d1"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.229Z;desc=hit,rtt;dur=37,content-info;desc="width=32,height=32,bytes=1913,o=1,ef=(17)"
content-length: 1913
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 21:23:36 GMT
server: Cloudinary

GET
H2 200 Binance_hyrlpv.png
res.cloudinary.com/dnzambf4m/image/upload/v1730743500/Casino%20Mobile/DepositFrom/ 4 KB
4 KB 118ms
116ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730743500/Casino%20Mobile/DepositFrom/Binance_hyrlpv.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

e40d163c00d07939430cfa2c716035f2d9756ffbe81cce5c940ed8b499436556

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: 15093f0ecbd47c8b8ecdba3c060e8908
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "acb202afff76c34bc86650f5fe4917b5"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=10;start=2024-11-23T12:50:48.226Z;desc=hit,rtt;dur=37,content-info;desc="width=123,height=66,bytes=3975,o=1,ef=(17)"
content-length: 3975
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 18:05:02 GMT
server: Cloudinary

GET
H2 200 Coinbase_nzqrf2.png
res.cloudinary.com/dnzambf4m/image/upload/v1730737592/Casino%20Mobile/DepositFrom/ 3 KB
4 KB 102ms
101ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730737592/Casino%20Mobile/DepositFrom/Coinbase_nzqrf2.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

abe1ceff8ea65aee287b7c15bb7fe024f2aae794b09a61d51b4005186dcc7bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: 6a4f8ba6956f630f653ed3b4a2450b38
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "de90c479eeb11200f8c3089076467925"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=5;start=2024-11-23T12:50:48.218Z;desc=hit,rtt;dur=32,content-info;desc="width=162,height=54,bytes=3530,o=1,ef=(17)"
content-length: 3530
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 16:26:34 GMT
server: Cloudinary

GET
H2 200 MasterCard_xmhc6h.png
res.cloudinary.com/dnzambf4m/image/upload/v1730755288/Casino%20Mobile/DepositFrom/ 7 KB
7 KB 106ms
104ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730755288/Casino%20Mobile/DepositFrom/MasterCard_xmhc6h.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

c98ca359ef2c2d45a6b47726c7c03a9f72a348e57edf6090f520ba4d31e91a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: eb15af5b94aa6e632c605eeec68cc6dc
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "3a0c87fb14adc3ee4407cac8683864ad"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=5;start=2024-11-23T12:50:48.215Z;desc=hit,rtt;dur=32,content-info;desc="width=140,height=112,bytes=7004,o=1,ef=(17)"
content-length: 7004
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 21:21:29 GMT
server: Cloudinary

GET
H2 200 Visa_sm0ljh.png
res.cloudinary.com/dnzambf4m/image/upload/v1730737592/Casino%20Mobile/DepositFrom/ 3 KB
4 KB 109ms
108ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730737592/Casino%20Mobile/DepositFrom/Visa_sm0ljh.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

f0ef87321d7e8d7a7aa81d4cbe822e828cd85ffc2b2b681a094e2dea682c6019

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: 93866798fc2de6b0249c280146332db1
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "107f4cdb05cdadb0fe7747b57d29f6ee"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=6;start=2024-11-23T12:50:48.215Z;desc=hit,rtt;dur=32,content-info;desc="width=114,height=36,bytes=3534,o=1,ef=(17)"
content-length: 3534
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 16:26:33 GMT
server: Cloudinary

GET
H2 200 AmericanExpress_zocox5.png
res.cloudinary.com/dnzambf4m/image/upload/v1730755288/Casino%20Mobile/DepositFrom/ 4 KB
4 KB 112ms
111ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1730755288/Casino%20Mobile/DepositFrom/AmericanExpress_zocox5.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

97bc43546d414106f5439868a7075f309ff404287e55ea1f2290c645581cf988

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: f2bc8860f0fbbdfc1fb0dbbec867a922
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "6bcbacd4989a542947e4baa3bb83f388"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=8;start=2024-11-23T12:50:48.226Z;desc=hit,rtt;dur=37,content-info;desc="width=122,height=140,bytes=4116,o=1,ef=(17)"
content-length: 4116
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 21:21:29 GMT
server: Cloudinary

GET
H2 200 Bag_Small_ax7dey.png
res.cloudinary.com/dnzambf4m/image/upload/v1719285566/ 9 KB
9 KB 119ms
118ms Image
image/png 23.220.128.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dnzambf4m/image/upload/v1719285566/Bag_Small_ax7dey.png

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.220.128.40 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-40.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

0f479bcfbb43f49aa2343fc5b0ec35e114d0955febdfc7c50f2a20dbd018e72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=604800
x-request-id: e1b9de60e4a33b899dfe2246fb8d2553
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "e0b24747f145040bee2b4f17f68513fb"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=19;start=2024-11-23T12:50:48.215Z;desc=hit,rtt;dur=32,content-info;desc="width=67,height=82,bytes=9170,o=1,ef=(17)"
content-length: 9170
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
last-modified: Tue, 25 Jun 2024 03:19:27 GMT
server: Cloudinary

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2222b2b62852f134cd99f4142aedefba015dce3195435f641aad0563d1c8a3dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb908f689342e00913367ccdff96639dc02b65421d0dfc8af30b5cf0a6fea47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f6e8d9157e852bd9b0390b25494d56f6d5e2ab480eba71e1aeb0064009fd2b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 image
bag.win/_next/ 1 KB
1 KB 162ms
161ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1719285566%2FBag_Small_ax7dey.png&w=32&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551f1d5f1fa7b0c417e3d5bf6aea97fe700af6c5ac0c10c85cb988ab0493682d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: VR8dXx+nsMQX49W-auqX-nAK9sWsDBDIXLmIqwSTaC0=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="Bag_Small_ax7dey.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79cdaaf4-YYZ
content-length: 1096
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 634 B
981 B 161ms
158ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1728327940%2FCasino%2520Mobile%2FFlags%2FGB_m4nukq.png&w=32&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edd6b32d7a83ce63a1caf33dc539fa2c910ca020319fe3e15b9aa0dded83692

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: Tt1rMteoPOY6HK8z3FOfoskQygIDGf4+FbmqDd7YNpI=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="GB_m4nukq.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d0aaf4-YYZ
content-length: 634
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 5 KB
5 KB 161ms
159ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1731621216%2Fpocket-casino_csp8a9.png&w=256&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ef65a8e36e4157047322c38c16a0c384465cdcefb9b885f5991a0708fb4ff25

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: LvZajjbkFXBHMiw4wWoMOERlzc77m4hfWZGgcI+0-yU=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="pocket-casino_csp8a9.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d1aaf4-YYZ
content-length: 4976
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 5 KB
5 KB 178ms
176ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1729026834%2Fdeposit-bonus_ox1f0b.png&w=256&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

583a66a4cf536dca3cce003983e99f8a56861d74a4fe2c682c816e5bdeee3aaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: WDpmpM9Tbco8zgA5g+mfilaGHXSk-ixoLIFuW97uOq8=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="deposit-bonus_ox1f0b.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d3aaf4-YYZ
content-length: 5250
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 6 KB
6 KB 440ms
438ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1729031040%2Fcasino-leaderboard_zbfjca.png&w=256&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f0215b808a06e7bf9f04a3e4cd7b283e19c8419c0a20ffbc61077628edfd03

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: R-AhW4CKBue-nwSj5M17KD4ZyEGcCiD-vGEHdijt-QM=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="casino-leaderboard_zbfjca.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d4aaf4-YYZ
content-length: 5646
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 6 KB
6 KB 172ms
171ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1729030993%2Fpoker-leaderboard_d4trhk.png&w=256&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f0072157accd631588395b30422e4b859c68a756169e39a79d1dfa7d9681c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: 8vAHIVeszWMViDlbMEIuS4WcaKdWFp45p50d+n2WgcU=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="poker-leaderboard_d4trhk.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d5aaf4-YYZ
content-length: 6034
x-nextjs-cache: HIT
server: cloudflare

GET
H3 200 image
bag.win/_next/ 5 KB
5 KB 173ms
171ms Image
image/webp 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bag.win/_next/image?url=https%3A%2F%2Fres.cloudinary.com%2Fdnzambf4m%2Fimage%2Fupload%2Fv1726858269%2Fhot_hand_jackpot_l2q6wh.png&w=256&q=75

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c03549b9c84954a16cfd3efa94ccb19300669d4adbb06c0644b34fe6697fdff

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cf-cache-status: DYNAMIC
etag: PANUm5yElUoWz9PvqUzLGTAGadStuwbAZEs0-maX-f8=
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/webp
vary: Accept
content-disposition: inline; filename="hot_hand_jackpot_l2q6wh.webp"
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=2592000, must-revalidate
cf-ray: 8e71497a79d6aaf4-YYZ
content-length: 4942
x-nextjs-cache: HIT
server: cloudflare

GET
H2 200 settings Show response
chat.mava.app/api/ 629 B
919 B 119ms
119ms Fetch
application/json 52.29.150.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mava.app/api/settings?clientToken=20640f4b3ad3403cbf7bd086dd31b82213b4762ab9fcfd03da1d0203b015f9cf
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.150.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-150-176.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 8aafde23d35564169c85582487548de3283ffdbbe90feac9fdb45f96694af0f3

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY3NDFjZmE4OThmYWQwMjlhNzU5MDFiZCIsImNsaWVudCI6IjY1YjNlODg2Nzk0NDhmMmRkZWUzNzRjMyIsImlhdCI6MTczMjM2NjI0OCwiZXhwIjoxNzYzOTAyMjQ4fQ.IxlR-en-KwTAMa3BN82wEgwdMjrxrEF_9So8PgMD-Us
Referer: https://bag.win/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-max-age: 31536000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-origin: *
content-length: 629
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: application/json; charset=utf-8
server: nginx/1.22.1
access-control-allow-headers: Content-Type, x-auth-signature, x-auth-token, Authorization

OPTIONS
H2 200 settings
chat.mava.app/api/ Frame 0
0 112ms
111ms Preflight
application/json 52.29.150.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.mava.app/api/settings?clientToken=20640f4b3ad3403cbf7bd086dd31b82213b4762ab9fcfd03da1d0203b015f9cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.150.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-150-176.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://bag.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-auth-signature, x-auth-token, Authorization
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-origin: *
access-control-max-age: 31536000
content-length: 3
content-type: application/json; charset=utf-8
date: Sat, 23 Nov 2024 12:50:48 GMT
server: nginx/1.22.1

GET
H2 200 css2
fonts.googleapis.com/ Frame 918E 6 KB
1 KB 133ms
51ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

648c19b643eb932f736c030adc1cb7cd6cf19a95b211667924d7380755448429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 12:50:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 23 Nov 2024 11:38:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ Frame 918E 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40e31479ac64ae2af7cca5e3a2f227ac102c47337297f875bd975ca97e84bcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 66477b347b47e6a81ef84fcde11bcd40-bag.win-f8da7bc3b851aa8b9492d1602f743194bd88d0ee4ce31d7a7fbdd5440a030f9d59ba46e845ef7200e9e353c9bb6ddda8-c2VhbC5wbmc%3D
48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/sealassets/ 18 KB
18 KB 350ms
350ms Image
image/png 18.238.80.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/sealassets/66477b347b47e6a81ef84fcde11bcd40-bag.win-f8da7bc3b851aa8b9492d1602f743194bd88d0ee4ce31d7a7fbdd5440a030f9d59ba46e845ef7200e9e353c9bb6ddda8-c2VhbC5wbmc%3D?status=valid

Requested by

Host: bag.win
URL: https://bag.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.80.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-80-83.jfk52.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

63ad72ef2e07720b5bb805627cf051b65195fabae0bd633184adedeef64120a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=1200
cf-cache-status: DYNAMIC
etag: W/"4677-tYIWOtQczOg6bY2g/vzOIK06RyA"
via: 1.1 e8d43fa48b39621b588a1a1ac423b626.cloudfront.net (CloudFront)
cf-ray: 8e71497db968580c-IAD
x-cache: Miss from cloudfront
content-length: 18039
x-amz-cf-id: svQPEH6rJTLoHkoBc7sxgUYZeTSH_w_rJ3rux-jJguIac27d2UVfhw==
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/png
x-powered-by: Express
server: cloudflare
x-amz-cf-pop: JFK52-P5

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/ 68 B
432 B 32ms
31ms Image
image/png 18.238.80.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by: Host: bag.win
URL: https://bag.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-83.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
etag: "e679fbd466a2d656f194a5da4fa083cd"
age: 1539004
via: 1.1 e8d43fa48b39621b588a1a1ac423b626.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 68
x-amz-cf-id: GeXqyYVYXCALxsfpJRKcygHyL4ay1XAAnKEV9F3Ka6AAF4rM6vVa7A==
date: Tue, 05 Nov 2024 17:20:45 GMT
content-type: image/png
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&RedC=c.clarity.ms&MXFR=20EFFDA7B17467341134E8E7B57469D2
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&MUID=040603E3872B681F3E9116A386016964

42 B
442 B

37ms
36ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&MUID=040603E3872B681F3E9116A386016964
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Sat, 23 Nov 2024 12:50:48 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B45C21B0C8C54C6BBDB5A35E76E5F851&MUID=040603E3872B681F3E9116A386016964
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3BD37A7511C436798A8A56B78AB3C2E Ref B: YTO01EDGE0822 Ref C: 2024-11-23T12:50:49Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Sat, 23 Nov 2024 12:50:48 GMT
x-powered-by: ASP.NET

GET
H3 200 favicon.ico
bag.win/ 4 KB
2 KB 156ms
155ms Other
image/x-icon 104.18.26.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bag.win/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0133a08cabe213047bc7f3137b1793d569043abebfb152bed1937a831e1325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://bag.win/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"10be-1934621c2f0"
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 16:50:49 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 12:50:49 GMT
content-type: image/x-icon
last-modified: Tue, 19 Nov 2024 20:33:58 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400
cf-ray: 8e7149805d9baaf4-YYZ
server: cloudflare

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
271 B 103ms
99ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://bag.win/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://bag.win
Date: Sat, 23 Nov 2024 12:50:49 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect Show response
www.google-analytics.com/g/ 0
57 B 47ms
45ms Fetch
text/plain 142.251.179.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F2PD9TLKTV&gtm=45je4bk0v9195999518za200&_p=1732366246137&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1972359154.1732366246&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&dp=%2Fref%2Ffiftysat&sid=1732366246&sct=1&seg=0&dl=https%3A%2F%2Fbag.win%2F&dt=&_s=2&tfd=8066
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.179.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bag.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bag.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 12:50:51 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bag.win
URL: blob:https://bag.win/2baec721-7c26-4445-9479-ed4023f5e901

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NS24DT

Domain: api.decentral.games
URL: https://api.decentral.games/admin/getAppConfig

Domain: api.decentral.games
URL: https://api.decentral.games/games/getThirdPartyGames

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bag.win/	1970-01-21 09:58:22	Name: ajs_anonymous_id Value: a7abe97e-34cb-41f8-b84b-bd7c7f179b77
www.clarity.ms/	1970-01-21 09:58:22	Name: CLID Value: b0dea708f3c64b72aa6d0afb3d942f8f.20241123.20251123
.bag.win/	1970-01-21 09:58:22	Name: cf_clearance Value: rl_CE5fihWDWQDPWTUMRuVafW6uNA863SwjKYrrhf9g-1732366246-1.2.1.1-7WXiLw8XY9YDnkf4dWvZeQokeAW4M19KhfL3hBPvX2Dn9LljLFo13JS1pZTkXmsMa5x4X3ddzud.Lrd8G.kegI82QRgAd0ovoZiS10vXVy0YdOA3K9XcH1UGLgrreNB4pK8ab2ySsRRFweLR_NCUmGzptAwsBQbKJcbLLHPjHK6cewzsu7JUKLTP_5M.plDakq41dEe49474ndPl6xjjs6SCzp7R6MI9.zdOY7OWgoWOwpleuV2.j.G7ZLgzm7mE3DoFSwEgDO7bourXeOhzCjK2DeIe.GIb0E7WR8RcRikBbejjeQYYdPrfSvqbown8BGj4w7IBvjTncyah0jkyC9OhoWnLSlLSQ44Y_VjYZGbG1ye8FoqKTi2skEI9mZIL
.bag.win/	1970-01-21 10:48:46	Name: _ga Value: GA1.1.1972359154.1732366246
.bag.win/	1970-01-21 09:58:22	Name: _clck Value: 1q29ku7%7C2%7Cfr4%7C0%7C1788
.bag.win/	1970-01-21 01:14:12	Name: _clsk Value: 1jmxmyf%7C1732366246935%7C1%7C1%7Cb.clarity.ms%2Fcollect
.walletconnect.com/	1970-01-21 01:12:48	Name: __cf_bm Value: hHh1rpI69q_V96S1SA3I5eNpFMWEm7DYQLYT3BjUtFY-1732366247-1.0.1.1-J52dNJDNYCXyfINLaSJqO5MTqQGIH3lwYuEX8BPQrj7N7IdQS8trjEJrdp8KmBiij8kuqt368x1y7CWqzpPFRA
.bag.win/	1970-01-21 10:48:46	Name: _ga_F2PD9TLKTV Value: GS1.1.1732366246.1.1.1732366247.0.0.0
.bag.win/	1970-01-21 01:12:48	Name: __cf_bm Value: 2deK0KU07LUbAXYZNKTWtJc2OUggNnDstNnT5.dEGno-1732366249-1.0.1.1-yjC9HP8f7W89feGGKY6L.pJwyv_tS_x9xoX219Xj2Sfzz7s1FiperYvMv8kF.vdnicYsR7xdhc2nrscushvhEg
.bing.com/	1970-01-21 10:34:22	Name: MUID Value: 040603E3872B681F3E9116A386016964
.c.bing.com/	1970-01-21 01:22:51	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:34:22	Name: SRM_B Value: 040603E3872B681F3E9116A386016964
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:34:22	Name: MUID Value: 040603E3872B681F3E9116A386016964
.c.clarity.ms/	1970-01-21 01:22:51	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:12:46	Name: ANONCHK Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl Message: Access to XMLHttpRequest at 'https://api.decentral.games/admin/getAppConfig' from origin 'https://bag.win' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.decentral.games/admin/getAppConfig Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl Message: Access to XMLHttpRequest at 'https://api.decentral.games/games/getThirdPartyGames' from origin 'https://bag.win' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.decentral.games/games/getThirdPartyGames Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://bag.win/ref/fiftysat?twclid=25rt4mncdn0db7gn61c9neeipl Message: Refused to execute script from 'https://bag.win/ref/js/lib-jitsi-external-api.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48714c3f-8f7a-437a-8149-53f1ad9d8b2c.snippet.anjouangaming.org
api.decentral.games
api.segment.io
b.clarity.ms
bag.win
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.segment.com
chat.mava.app
explorer-api.walletconnect.com
fonts.googleapis.com
res.cloudinary.com
telegram.org
verify.walletconnect.com
widget.mava.app
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
api.decentral.games
bag.win
www.googletagmanager.com
104.18.26.237
104.18.27.46
13.107.246.40
13.226.94.89
142.250.31.97
142.251.179.138
149.154.167.99
151.101.65.229
172.253.63.95
172.66.43.114
18.238.80.83
20.110.205.119
204.79.197.237
23.220.128.40
35.166.226.67
4.153.129.168
52.29.150.176
99.86.191.237
0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97
0697f71f54f0dc950e46cb2d603e0f5fdd5f80d7ee9dd06902053da9a5ec8f2c
07d89e4f855aa30d735b287334f9cc49e12299c7d55b56f2499caee15ff9529f
0bb72f567d1c8f4797ca49a346ab2187603ce74ec85fb44e733464a4cc5c0545
0bc2c3b580f2b1f6a44c53e0e02131c6abeb831f53e53221c1d10a6f2977ce08
0e541ba8e572c4264c47d552d878622591e8f859463ce3886e80487e8eb3f70a
0e81cfe19fd85d20a27ae58b45da3e8b3bfc2b67a8197906271fc475787c2698
0f479bcfbb43f49aa2343fc5b0ec35e114d0955febdfc7c50f2a20dbd018e72c
0f6e8d9157e852bd9b0390b25494d56f6d5e2ab480eba71e1aeb0064009fd2b3
10d0ea03d339faf69a3ffea42c8315f0ea44887af8feb0e2239deff9557959ea
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1b43000b7882d451291a35101e12e256552ded456c4f5eef3f3a0672eae2318b
1f5805a319f19c0969f361ab17ac9978afbf4e1efa69a9976fbc59034687f620
1fb7c70f4852ba763a4d573fb5c3c28beab13e75a0e72e28cf78622fa920dda5
2135f4ae3174439a4bd684f956f4b698fcf97fbbbadeeaa2edf60af4eedb65d7
2222b2b62852f134cd99f4142aedefba015dce3195435f641aad0563d1c8a3dd
22318b27ce957658905325dfadcb27beebd24cd561309de82a9eca6c5a791b77
22e21808e8132f8bf681d0a75379a0f9f60218b26ec1ff9594ac61d3b9b1e3a4
23b74050cc139e4fbc1e5f37550006a8698acb35af0d28899b8afaadd33d40b6
270d1ac5e3d64a7c2618a9d2c6b8b992c8f79f9bfb41fe7a06cce7f22f6e614b
29bfd1a8e50429332ffefdd5083305b87f115571829f31f617613077fc6356d2
2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5
2cb908f689342e00913367ccdff96639dc02b65421d0dfc8af30b5cf0a6fea47
2d6974f9dd38cfc8768e04f7f2268ba859968f7239126a062e677b0405fedc83
2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081
2ef65a8e36e4157047322c38c16a0c384465cdcefb9b885f5991a0708fb4ff25
332235989f1c6d09417e16ad3f51a0cd398fb03fbc00d4441347618f5e412f12
38948bf5b6744e2528d5bc2a7876e71fcda91cd574c275c26fe3e25cb2a8dad4
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
3bd6338da132e5c18826bd471b144fc40cf6ca242eca3bb3ac5f570590db25ad
3c03549b9c84954a16cfd3efa94ccb19300669d4adbb06c0644b34fe6697fdff
3fbf903426d5a1a458a6a30a0d0c60f54fb14eda10bb28a721fad653584aaca9
43c7fd9093e259ee7ae3bf3705a022c8bf24162111500045c82f9c090e95081f
44a61c9c2661b1f8515132de5b4c7d7b167c770127160e16345139d1e51cd421
453ca013615baa4212000cc41322a6596b3051cd322065f4f30d20c7600b8b4d
47f0215b808a06e7bf9f04a3e4cd7b283e19c8419c0a20ffbc61077628edfd03
4dfd15e6b9573a5c52857272af0e7bb9bdee4da970af4e80e259e3c2e673e93a
4edd6b32d7a83ce63a1caf33dc539fa2c910ca020319fe3e15b9aa0dded83692
4f8c7f1676f203a06807855d14562fa6758d55da86c45f5939a59b692eff6950
551f1d5f1fa7b0c417e3d5bf6aea97fe700af6c5ac0c10c85cb988ab0493682d
583a66a4cf536dca3cce003983e99f8a56861d74a4fe2c682c816e5bdeee3aaf
5f0133a08cabe213047bc7f3137b1793d569043abebfb152bed1937a831e1325
63ad72ef2e07720b5bb805627cf051b65195fabae0bd633184adedeef64120a7
648c19b643eb932f736c030adc1cb7cd6cf19a95b211667924d7380755448429
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6cabf8da2909f622aabcac4428da9161c8b6f436685ef8cdb1fcb4f3c259b3b6
6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
72068434e6cc5f8b96cf1d1c03d1d71c48bf4205de1d8a271b75d07d89df4a67
7322366f405e4dea693b51b5213048e3780cd1cdc21f72b934e7c0d4daacfd03
795be942a3922d04e7ba8fe318a749f0d4e444574b42521b66beb27ad93f13b6
8aafde23d35564169c85582487548de3283ffdbbe90feac9fdb45f96694af0f3
8d9bf10bf21e922dcfa7a4fea7e5e3048de02a23ca125212e399657b25555ee7
8d9c563fecad555bd089f916eade1b721a5a78a3cedb0c4033336619b7548938
8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95
8ff2cda2f7b0935e6e3c228c4a0fbc6a74bb439a92121d82062d1740d7295fff
97bc43546d414106f5439868a7075f309ff404287e55ea1f2290c645581cf988
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb886e5b6b0ba13ecbac1ec4c3f1c8afa27c8107ceee3510a2b182bc2df14bf
9f0836b1e738020abddc1f22ec455025fbf41d30a36cbf202ce5b00236bcb662
a03b648c0abbda21a82b6f3975b6068ca0fbc275c6710a877c528b8f0e7a12d9
a19a9c897442f30152f94cdd6644e7e002eb60cd94394a72258f1b8b6a1e5e77
a348e45bec7b93bf1fe769cdce2ae94329b267f02345e8830349b9908faac8e2
aacbd20c5da886262e39b1659e95d78371c2b3f58840b4cb7ec3a14db22de68d
abe1ceff8ea65aee287b7c15bb7fe024f2aae794b09a61d51b4005186dcc7bc5
ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22
aeb668ddda93f7a7667df30eebc630711af466676b1535d007d9ff933aa801de
b1dc132c7539ee9d1e0eb76fe5026795b13c128ec3dbfb97c700b7e650c30b5c
b8b3115f5892701b599f307729bb2d800e65355bd4b4b0e3c29eda4fc04b169f
b90669c1be42cc62603644cee8d34c703b0bc7b5d060a2e57d2907b0405f4d48
b95bc545e12f4f4b215ee02a296ddf648df609b3ea8da99d11f38ad5939a7f1b
c388a827cb8bc0a321b8c622b9caf3928269f2c5d7cb4c754f4964baee8b2691
c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659
c7ab2d73cf7d538face08bcdde95b928ce609a970237c8811ca3c76059c8bb2f
c98ca359ef2c2d45a6b47726c7c03a9f72a348e57edf6090f520ba4d31e91a85
d223a2959e7ca9ded5234e39fd6e8743512786d824c0f0185b9be8d67bb2032a
d5c8aaa2a84db673958e97ab253f607af3c9b23c37338f9aefe2733f4aa2565c
d820c9c894af54762b5f64a33911888597a0b67046b04cd7d881fefb883d41c7
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e35355fd108a997fcc1cd4ea3e24bb38e798fda6948b9e3ad4f3b77d59fad980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d163c00d07939430cfa2c716035f2d9756ffbe81cce5c940ed8b499436556
e40e31479ac64ae2af7cca5e3a2f227ac102c47337297f875bd975ca97e84bcf
e710e5e2d6b69e8655b1c054d2c84498e81f21866fccca2e746270291e1d6c35
e87f9fa6f3d304979959ab26b3d015be528dd1c3baf9fafe3927ac94efa1c9bc
edea8ec39cd2b1bce7319f3f711ed06616d049dc51b479d0004f6d3370f09754
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ff6e02ccab6c38c0b2525d19053bf8edb1e90929fa94e29739b89c9efc39d
f01f4f8c069856beaa5068d593c7838a6b4661420d56865be914e971c77952d0
f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288
f0ef87321d7e8d7a7aa81d4cbe822e828cd85ffc2b2b681a094e2dea682c6019
f24d9f1ac53de32a152f853ad482ce7c96a75a44462d1d24845b1bb91fda2bdb
f2f0072157accd631588395b30422e4b859c68a756169e39a79d1dfa7d9681c5
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f5d1b272bbdc098003bf72cda6a75a0da84953c55000594e38807356e63b5627
f8ea3d80dc02793b61a5038753931dfae14c8767d9cf768eb1002d0d87821a85
fb85f38b3f26a0c5d99c4d09a313a57139b130548f7dbdf010f357c7c41989d2
fbbc7144eaeade4a4cb766b24472f22341750b065d98a51dfd4746d8f928cee1
fe00efc616c6bc6c045e6aef76ea8eb8a415ff13325acbd89c5d4c3831af7211

bag.win Open in urlscan Pro 104.18.26.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

94 %HTTPS

0 %IPv6

15 Domains

19 Subdomains

18 IPs

4 Countries

5746 kBTransfer

17365 kBSize

16 Cookies

6 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bag.win Open in urlscan Pro
104.18.26.237 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

94 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

18
IPs

4
Countries

5746 kB
Transfer

17365 kB
Size

16
Cookies

106 HTTP transactions
13 data transactions