urlscan.io logo urlscan.io
SecurityTrails logo

baytona.tebex.io Open in urlscan Pro
104.18.13.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://baytona.tebex.io/
Effective URL: https://baytona.tebex.io/
Submission: On July 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 47 HTTP transactions. The main IP is 104.18.13.162, located in and belongs to CLOUDFLARENET, US. The main domain is baytona.tebex.io.
TLS certificate: Issued by E6 on June 9th 2024. Valid for: 3 months.
This is the only time baytona.tebex.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.18.13.162 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
3 143.204.205.50 16509 (AMAZON-02)
1 199.232.192.193 54113 (FASTLY)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:235... 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.152.143.207 8075 (MICROSOFT...)
1 2602:816:5001... 54113 (FASTLY)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.247.243.29 54113 (FASTLY)
47 18
8    104.18.13.162 (None, )

ASN13335 (CLOUDFLARENET, US)
baytona.tebex.io
cdn.tebex.io
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
3    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    143.204.205.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-50.fra53.r.cloudfront.net
dunb17ur4ymx4.cloudfront.net
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
2    2606:4700:4400::6812:22ab (United States)

ASN13335 (CLOUDFLARENET, US)
forum.cfx.re
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:2359:1e00:d:b1e8:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.nsureapi.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
215 KB
8 tebex.io
baytona.tebex.io
cdn.tebex.io — Cisco Umbrella Rank: 967439
945 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
o.clarity.ms — Cisco Umbrella Rank: 12757
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
3 cloudfront.net
dunb17ur4ymx4.cloudfront.net
224 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
84 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
36 KB
2 cfx.re
forum.cfx.re — Cisco Umbrella Rank: 134688 Failed
37 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
24 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 441
599 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
770 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1453
16 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 nsureapi.com
sdk.nsureapi.com — Cisco Umbrella Rank: 214022
49 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
2 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7108
3 KB
47 15
Domain Requested by
8 pagead2.googlesyndication.com baytona.tebex.io
pagead2.googlesyndication.com
7 baytona.tebex.io baytona.tebex.io
3 o.clarity.ms www.clarity.ms
3 dunb17ur4ymx4.cloudfront.net baytona.tebex.io
3 use.fontawesome.com baytona.tebex.io
use.fontawesome.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms baytona.tebex.io
www.clarity.ms
2 forum.cfx.re baytona.tebex.io
2 cdn.jsdelivr.net baytona.tebex.io
2 fonts.googleapis.com baytona.tebex.io
1 bam.nr-data.net js-agent.newrelic.com
1 c.bing.com 1 redirects
1 js-agent.newrelic.com baytona.tebex.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.tebex.io baytona.tebex.io
1 sdk.nsureapi.com baytona.tebex.io
1 cdnjs.cloudflare.com baytona.tebex.io
1 ajax.googleapis.com baytona.tebex.io
1 i.imgur.com baytona.tebex.io
47 20

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.tebex.io
Subject Issuer Validity Valid
tebex.io
E6		 2024-06-09 -
2024-09-07		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.nsureapi.com
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 5 frames:

Primary Page: https://baytona.tebex.io/
Frame ID: 8EDA4B7C8824420726C9DFC1B9A86F0B
Requests: 43 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 5366DBEA9B9179F42CBC399789142206
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=2854831385&adf=154517092&pi=t.ma~as.7404819681&w=728&abgtt=3&lmt=1721361469&format=728x90&url=https%3A%2F%2Fbaytona.tebex.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721361469601&bpp=4&bdt=324&idt=156&shv=r20240717&mjsv=m202407170101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=618211058182&frm=20&pv=2&ga_vid=834140028.1721361470&ga_sid=1721361470&ga_hid=1751613375&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334527%2C95334830%2C95337026%2C95337868%2C31085449%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=665077903748048&tmod=689669564&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: F9168FBE451A80DD7689CA9FA99CB0DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9830135219921132&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1721361469&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbaytona.tebex.io%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_8~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721361469748&bpp=2&bdt=471&idt=56&shv=r20240717&mjsv=m202407170101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=618211058182&frm=20&pv=1&ga_vid=834140028.1721361470&ga_sid=1721361470&ga_hid=1751613375&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334527%2C95334830%2C95337026%2C95337868%2C31085449%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=665077903748048&tmod=689669564&uas=0&nvt=1&fsapi=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=64
Frame ID: 4D2B0A5CFFC6275E658C895531E7454B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A53EFF92A5677BA01DA1B6C5B973EF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Baytona Solutions | Welcome

Page URL History Show full URLs

  1. http://baytona.tebex.io/ HTTP 307
    https://baytona.tebex.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

85 %
HTTPS

67 %
IPv6

15
Domains

20
Subdomains

18
IPs

4
Countries

1696 kB
Transfer

2669 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://baytona.tebex.io/ HTTP 307
    https://baytona.tebex.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/256/2920084_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/288/2920084_2.png
Request Chain 8
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/256/4307903_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/288/4307903_2.png
Request Chain 9
  • https://forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/256/3845458_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/288/3845458_2.png
Request Chain 10
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/256/4193203_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/288/4193203_2.png
Request Chain 37
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&RedC=c.clarity.ms&MXFR=39021AF7DDF362252A950E36D9F36C11 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&MUID=267E811104076AA20A6695D005076BCA

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
baytona.tebex.io/
Redirect Chain
  • http://baytona.tebex.io/
  • https://baytona.tebex.io/
78 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2ac1524b54ef57481295f355669d4dd48b96ac9c8b0b71e02e2d142f4de747d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=90
cf-cache-status
DYNAMIC
cf-ray
8a57ca1c9a3f1e56-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 19 Jul 2024 03:57:49 GMT
server
cloudflare
tb-cache-country
DE
tb-cache-group
webstore
vary
Accept-Encoding
x-infra
new
x-powered-by
PHP/7.4.33
x-vat-mode
exclusive

Redirect headers

Location
https://baytona.tebex.io/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
baytona.tebex.io/templates/209/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/templates/209/css/style.min.css
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
tb-cache-country
DE
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
tb-cache-group
webstore
server
cloudflare
etag
W/"668cf6fe-27588"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=90
x-infra
new
cf-ray
8a57ca1f0c1a1e56-FRA
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;500;700&display=swap
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d49d791a921e75d62815c14a6a4ef971df769cd05a96d85f4d25c6c6429b91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jul 2024 03:11:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jul 2024 03:57:49 GMT
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://baytona.tebex.io/
Origin
https://baytona.tebex.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjRWNbPqC3XE3hojm3%2Fxy8eMTOZKResnIOyPgUwqMpkbMwdTBUaRAzdD5OgtVDG1zspABKil8wZKDvQXKlyYdzjKllNP5J4bWzgNF8KYa3E%2BOZdH5A7muNNLnPAtfCZDpzbgXafpvB7FPuTYpCkEW99Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8a57ca1f2973914a-FRA
alt-svc
h3=":443"; ma=86400
particles.min.js
cdn.jsdelivr.net/particles.js/2.0.0/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 03:57:49 GMT
age
4138324
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6363
x-served-by
cache-fra-eddf8230116-FRA
etag
W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
9b135ae722de13fef7b82edfc496f5a8c67ad5a9.png
dunb17ur4ymx4.cloudfront.net/webstore/logos/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dunb17ur4ymx4.cloudfront.net/webstore/logos/9b135ae722de13fef7b82edfc496f5a8c67ad5a9.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-50.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffb75628760a0716c346d606f4d9a47cc7a7eb0c883bd127fdff72e4163df049

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 21:14:52 GMT
Via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
Last-Modified
Sun, 08 Oct 2023 10:30:24 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
24178
ETag
"e1681fc2d2803fb5c1a418ea5e28007e"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72490
X-Amz-Cf-Id
wpZcGHvuHvgtnTxieI-d0AaikfYs7Tgmes3Z_BeL_fg6Ll9Qp4Qa6g==
HRNZvmQ.png
i.imgur.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/HRNZvmQ.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
14f2a0d15b1612262ccf20b93e15dcea6b4f5f118ad95ec82933555e7f17946d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1877638
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront, HIT, HIT
content-length
2459
x-served-by
cache-iad-kiad7000076-IAD, cache-fra-eddf8230056-FRA
last-modified
Thu, 15 Apr 2021 19:57:49 GMT
server
cat factory 1.0
x-timer
S1721361469.309379,VS0,VE1
etag
"da29370ff37c2dc0dc52745e0128323c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SaBeuUc8pkAhy2ADkS8W2Jm1maaBasANhseI4UOY_qQgSja0v9-1Lw==
x-cache-hits
237, 0
4bb21536c43632f2aa675dddbf29b94975716bfa.png
dunb17ur4ymx4.cloudfront.net/packages/images/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dunb17ur4ymx4.cloudfront.net/packages/images/4bb21536c43632f2aa675dddbf29b94975716bfa.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-50.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5356f9520d22262ef3824727f995a0ad4aa8dbb7a6a04ce72d804973e078700a

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 21:14:52 GMT
Via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Last-Modified
Sun, 04 Dec 2022 08:24:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
24177
ETag
"fb027859792d9959662bd17c75ad337c"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
151761
X-Amz-Cf-Id
AYwWI0euBj8zr61z94cBLph_l9GqZHDYKp5K-4bQiXF9iuJSBKRrDA==
2920084_2.png
forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/256/2920084_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/288/2920084_2.png
0
0
4307903_2.png
forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/256/4307903_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/288/4307903_2.png
37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/288/4307903_2.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab648f8793e9f06818b91fca022605e2d3b0de4f4e00a2c25a5888b4d406ae03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
164983
content-transfer-encoding
binary
x-discourse-route
user_avatars/show
content-length
37406
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 04 May 2024 05:34:36 GMT
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a57ca20bec59f3a-FRA
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
expires
Sat, 19 Jul 2025 09:47:01 GMT

Redirect headers

date
Fri, 19 Jul 2024 03:57:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-discourse-route
user_avatars/show
content-length
141
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
content-type
text/html; charset=utf-8
location
https://forum.cfx.re/user_avatar/forum.cfx.re/nexuscityrp/288/4307903_2.png
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=14400
vary
Accept-Encoding
cf-ray
8a57ca1ffe579f3a-FRA
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
expires
Fri, 19 Jul 2024 07:57:49 GMT
3845458_2.png
forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/256/3845458_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/288/3845458_2.png
0
0
4193203_2.png
forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/256/4193203_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/288/4193203_2.png
0
0
3418965_2.png
forum.cfx.re/user_avatar/forum.cfx.re/therealdript/256/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04bd989fb9122eae4e8c299e963d5913abf4775f29f7fe61fc3925ff1aaa1b5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53501
x-xss-protection
0
server
cafe
etag
2408709230846943005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 19 Jul 2024 03:57:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 12:07:23 GMT
jquery.cookie.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
666759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1119
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-c31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiWhY1s5T2ALAPxIIvVBiG4kgAXCJWXxU1OT1rkWfL6SO6EqbpUoV4ruaf3Reh%2BYc4XGshuXfG5Kb5tFmio9iN1XtN4MkeURkPoeUVT%2Bk1Dk7WrDQuitSGZ3Pufh8s%2Fbqu5Tz4jPDLTMiZrHn8v%2FcfAv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a57ca206b7b3689-FRA
expires
Wed, 09 Jul 2025 03:57:49 GMT
sweetalert2@8
cdn.jsdelivr.net/npm/ 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@8
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
671cb08137fc76509b9504e46348d81b90800f81d50c85fcce84c39681a31ca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 Jul 2024 03:57:49 GMT
x-content-type-options
nosniff
content-encoding
br
age
19732
x-jsd-version
8.19.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17612
x-served-by
cache-fra-eddf8230116-FRA
x-jsd-version-type
version
etag
W/"fbbb-tsXb+/tQp5jbHUOIAUK8xDKl2Tw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
baytona.tebex.io/templates/209/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/templates/209/js/bootstrap.min.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
tb-cache-country
DE
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
tb-cache-group
webstore
server
cloudflare
etag
W/"668cf6fe-71b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=90
x-infra
new
cf-ray
8a57ca205d111e56-FRA
skin.min.js
baytona.tebex.io/templates/209/js/ 		265 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/templates/209/js/skin.min.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
tb-cache-country
DE
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
tb-cache-group
webstore
server
cloudflare
etag
W/"668cf6fe-109"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=90
x-infra
new
cf-ray
8a57ca205d141e56-FRA
site.js
baytona.tebex.io/templates/209/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/templates/209/js/site.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
tb-cache-country
DE
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
tb-cache-group
webstore
server
cloudflare
etag
W/"668cf6fe-1f09"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=90
x-infra
new
cf-ray
8a57ca205d191e56-FRA
discord.js
baytona.tebex.io/assets/js/ 		1 KB
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://baytona.tebex.io/assets/js/discord.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
tb-cache-country
DE
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
tb-cache-group
webstore
server
cloudflare
etag
W/"668cf6fe-5dc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=90
x-infra
new
cf-ray
8a57ca205d1a1e56-FRA
tebex-dark.png
baytona.tebex.io/assets/img/ 		457 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baytona.tebex.io/assets/img/tebex-dark.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a24cf5b032f473cbeb9c2d6d514448c492f8e5a104d253d1343b5ef80dbbe14

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
cf-cache-status
REVALIDATED
tb-cache-group
webstore
cf-polished
origSize=872
x-infra
new
content-length
457
tb-cache-country
DE
last-modified
Tue, 09 Jul 2024 08:38:22 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"668cf6fe-368"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=0, s-maxage=90
accept-ranges
bytes
cf-ray
8a57ca205d1c1e56-FRA
sdk.js
sdk.nsureapi.com/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.nsureapi.com/sdk.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:1e00:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c45d0017d7b5235bf2060afd26d65d5e1d8a87891c7c16578a05777d95aa82

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 11:19:25 GMT
content-encoding
gzip
via
1.1 fe1df26b55e8c12763613686df86f7f2.cloudfront.net (CloudFront)
x-nsure-canary
false
last-modified
Thu, 20 Jun 2024 11:48:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
76092
etag
W/"c2ac9fe34b315c3746fc55aedbf4e2f7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
PQ0F7ccKaO1RdO7NQdTVBbLFZhY-98c1wkv0AP7E8T08fQ7MvEPj1g==
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,700,600
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/templates/209/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jul 2024 03:24:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jul 2024 03:57:49 GMT
fxlepb8eap
www.clarity.ms/tag/ 		638 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fxlepb8eap
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f4751a5ecc35a659fc4967d8c00b1ea757bea8da880e7e5add93af84da3dab4

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Fri, 19 Jul 2024 03:57:49 GMT
x-azure-ref
20240719T035749Z-16b8f8f97cf7qrzme6h615h65800000000eg000000003cmq
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
956191-5a54e23c22a2f9cadda21d3803a2809325c14266.png
cdn.tebex.io/webstore/956191/images/ 		886 KB
887 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.tebex.io/webstore/956191/images/956191-5a54e23c22a2f9cadda21d3803a2809325c14266.png
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38acf2d5a93e552c431ff373d1e546d9317c6055206626d22c05db83ad4e7bdc

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
cf-cache-status
HIT
x-amz-request-id
7EFTK3RARQJX2M81
cf-polished
origSize=1376715
x-amz-server-side-encryption
AES256
content-length
906970
x-amz-id-2
Q2gnZZyNLdyez9TDE0ibzOCYEYfbntXWnCkNw2CBuVHRRHt2R2PlPps3Aoq7K4Oyk8vwEBO3QFM=
last-modified
Sun, 04 Dec 2022 07:33:36 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"9ab137e8825beedf46533f4baf7742dd"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=0, s-maxage=180
accept-ranges
bytes
cf-ray
8a57ca207d281e56-FRA
expires
Mon, 19 Aug 2024 03:57:49 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://baytona.tebex.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 21:09:13 GMT
x-content-type-options
nosniff
age
283716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 21:09:13 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://baytona.tebex.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85fpSRWt1YTQLR4pVbYcUkcW%2BeVkxj%2B2i%2BvDHhZ8SA9iNrWVY14WklnMUmpbvGjNluMA4hkYDtF6Oly6z7gOtWcBVXfBCodqrWia2%2FoKJ8gJaP4vlKVOup9WSF38j%2BGkbt0ryES19Ev3YJwAe0Z1dSUS"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8a57ca207a25914a-FRA
alt-svc
h3=":443"; ma=86400
content-length
59572
fa-regular-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1669bec36f12c35a00a2d23cf71b6061c85b8435f5c26445aab338f88dfe6629

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://baytona.tebex.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a3715c6fe264a51f1d9260b447ff46bc"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ooFapJtmNxRvN%2Fj2LxH%2FEGVcphC1IGGE%2FIvjHLxyn9MvT8LvC3NcLS%2FTHriQzOID3GPjJHkP1oZ91Uvk7p9az0c3gtKq8YUs4sk%2FUwKK%2Bunm18X6J0mQh%2Benid0JfTx8EGP%2B%2FpntmOttX1HiZCmde3s"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8a57ca207a26914a-FRA
alt-svc
h3=":443"; ma=86400
content-length
14952
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc712a83092ff194370a5854ae4bb7cd1b73ca47ae7d91fe13f1b41e957e411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146601
x-xss-protection
0
server
cafe
etag
18315865516991273648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 03:57:49 GMT
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fxlepb8eap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:49 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240719T035749Z-16b8f8f97cf7qrzme6h615h65800000000eg000000003cmx
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c79d15cf-201e-0051-5f4e-d9b357000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/ Frame 5366 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
31305
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jul 2024 19:16:04 GMT
etag
2738592464165616
expires
Thu, 01 Aug 2024 19:16:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame F916 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=2854831385&adf=154517092&pi=t.ma~as.7404819681&w=728&abgtt=3&lmt=1721361469&format=728x90&url=https%3A%2F%2Fbaytona.tebex.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721361469601&bpp=4&bdt=324&idt=156&shv=r20240717&mjsv=m202407170101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=618211058182&frm=20&pv=2&ga_vid=834140028.1721361470&ga_sid=1721361470&ga_hid=1751613375&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334527%2C95334830%2C95337026%2C95337868%2C31085449%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=665077903748048&tmod=689669564&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 03:57:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&cls=loaded&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 03:57:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=preloader&cls=loaded&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 03:57:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 4D2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9830135219921132&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1721361469&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbaytona.tebex.io%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_8~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721361469748&bpp=2&bdt=471&idt=56&shv=r20240717&mjsv=m202407170101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=618211058182&frm=20&pv=1&ga_vid=834140028.1721361470&ga_sid=1721361470&ga_hid=1751613375&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95334527%2C95334830%2C95337026%2C95337868%2C31085449%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=665077903748048&tmod=689669564&uas=0&nvt=1&fsapi=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=64
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 03:57:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
o.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://baytona.tebex.io
Date
Fri, 19 Jul 2024 03:57:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
nr-rum-1.262.0.min.js
js-agent.newrelic.com/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.262.0.min.js
Requested by
Host: baytona.tebex.io
URL: https://baytona.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a557b02ea64886c022f719706e39e65ad6ba8accd1ab25498e9dd18e6da880d7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://baytona.tebex.io/
Origin
https://baytona.tebex.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r7yL2WJdLoR2RnA7cy4KmyFp0CcyXjOe
content-encoding
br
via
1.1 varnish
date
Fri, 19 Jul 2024 03:57:50 GMT
strict-transport-security
max-age=300
x-amz-request-id
K38T9X4P5MZ6RQVK
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15610
x-amz-id-2
xnq9weYvhXiIDfEcO+SGLtM+rWWVvFcpGthf1x+cpbCBAVHSJXYxQ1t8lmBHzq6DK77+dxCAfFE=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 10 Jul 2024 15:59:13 GMT
server
AmazonS3
etag
"8725f7bd03f3c4df3f40d580cf1e5f6c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
181123
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&RedC=c.clarity.ms&MXFR=39021AF7DDF362252A950E36D9F36C11
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&MUID=267E811104076AA20A6695D005076BCA
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&MUID=267E811104076AA20A6695D005076BCA
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 03:57:50 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Jul 2024 03:57:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3664A983B6C1496497291716BC0FB077 Ref B: FRAEDGE1811 Ref C: 2024-07-19T03:57:50Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3793E9B378D44659CF1468267B47DE1&MUID=267E811104076AA20A6695D005076BCA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240717&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ca813e96773c9d92853876c0a2790104ab6ae0dea60eecfb213b986fbfde28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12930
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=baytona.tebex.io&aplac=true&bust=31085449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 03:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jul 2024 03:57:50 GMT
644eb60a73b503083e3529a1629ea02d2d43c997.png
dunb17ur4ymx4.cloudfront.net/webstore/favicons/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dunb17ur4ymx4.cloudfront.net/webstore/favicons/644eb60a73b503083e3529a1629ea02d2d43c997.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-50.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9ab14692865d1b9446b926ae6297dec6e2d745d8cad414cfa428cc1c924b6ae

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 21:14:54 GMT
Via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 Dec 2022 19:36:46 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
24177
ETag
"242e44cafa3d7ecda09e8a646c04f490"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3490
X-Amz-Cf-Id
-_FhVaSdRF7z373qajM674S5tziCkzpU3Gcpdv_dgleIhYBM7DeFzg==
ade4f02621
bam.nr-data.net/1/ 		150 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/ade4f02621?a=507442138&v=1.262.0&to=bwBbZBNQDUADAENeDVZKbEIIHgpdBgZPGRJQFQ%3D%3D&rst=1357&ck=0&s=24e61035e20eeacb&ref=https://baytona.tebex.io/&ptid=212de29af17ff6ec&ap=212&be=395&fe=838&dc=498&at=Q0dYEltKHk4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1721361468858,%22n%22:0,%22f%22:2,%22dn%22:16,%22dne%22:16,%22c%22:16,%22s%22:22,%22ce%22:36,%22rq%22:36,%22rp%22:396,%22rpe%22:400,%22di%22:884,%22ds%22:884,%22de%22:893,%22dc%22:1231,%22l%22:1231,%22le%22:1233%7D,%22navigation%22:%7B%7D%7D&fp=694&fcp=694
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.262.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bfd3d5422e3750f0ff82151e576da7e1c8f8f99b7c641d9143bbd40aedec352

Request headers

Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jul 2024 03:57:50 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://baytona.tebex.io
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://baytona.tebex.io
Content-Length
150
x-served-by
cache-fra-eddf8230152-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baytona.tebex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 03:36:45 GMT
expires
Sat, 19 Jul 2025 03:36:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
o.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://baytona.tebex.io
Date
Fri, 19 Jul 2024 03:57:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
o.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://baytona.tebex.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://baytona.tebex.io
Date
Fri, 19 Jul 2024 03:57:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forum.cfx.re
URL
https://forum.cfx.re/user_avatar/forum.cfx.re/neon_light_rp/288/2920084_2.png
Domain
forum.cfx.re
URL
https://forum.cfx.re/user_avatar/forum.cfx.re/ndshadowz/288/3845458_2.png
Domain
forum.cfx.re
URL
https://forum.cfx.re/user_avatar/forum.cfx.re/xrecklessx/288/4193203_2.png
Domain
forum.cfx.re
URL
https://forum.cfx.re/user_avatar/forum.cfx.re/therealdript/256/3418965_2.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240717&jk=665077903748048&bg=!IiGlIW7NAAakBOpbhAQ7ADQBe5WfOKxKL8GIvY-uSDfedb1jpRJLbFsQJDDuekJ85gCSdSLx6KJEmFp5PRcChes9vQ6lAgAAAF9SAAAABGgBB34ANrOsPUg3XASXTs9SBhClG4ANx21js1MBmRp9xLGUN7VUbKO5goNj7eaTm3b8H28CHjeULmbtMwoAm32UJCXQTfbrMB-pDEhkzMbs4HQfC2Rrp-78UnLHPPcK148MsDUsvL6yRZmPfBaKFxT3Jy-x3H0fpzo7r3sTA2fn8kbckZB-RGlwJHeVbi7crpWc2A1OrrezpMqvkBmP5fuSby3DSgnEtIMYL6vwveK5z0C3LpGIhGdlCZUZKURtPqy4gCmL42jdkdC5UTed8wG_Rlk-xzVb75qQmQKuNsXHq-EOnZfDrCPcaUA_4tqBEM0G4ohRCyIEzsvCO-ZJP2irIfw6PP4K8DK_87iCPS9V1ACSVbaZSEix_9fWMT51Awo9IZ8maeClxP0Q-KK7_1i_qezdyv_xFWln9m-XWGbZoTFqdU0MMN0EmqbiVHPbHSxRNJMsx-4sVblmsVjjCfz6yYv8kfZt8NFrkPOcgabLYMcMamej26Kt9FlswEZn6L0IuAdLfz309DbjOK8gXYJP3256zT3T3adqtMCy5w5BfTd4TorL_oxVgSCvGo2P5vhBUhTWChMgRngULIDe32Nh7ePiuuXtrjYZW3Sfc7kDJJLUGS5hiSj8xzJiNOuxTbIMK7EOgEoSCZZv2M2awd70fEUcfALCg70afMONEms3Uz_Z17nC6JcDTMCva8UOlkCxqV8jZZxfJpyGY3gfidE7YIbU2SG0R1ynFAd1KQVVzqcflIsbg91EzbqwZErWbtydHi4tBnUZC0xyNbdSQ7-orArBYZMzfiBWSlU6MZsmbkR63M_oV08S02yZBc2ZBeVhFSmJkPtdHvP4Ez67YVrB-LRAflmo5K2PdSnfI6EcvdrnM2866Dsld5pNC1MFdx6VJXq9-KF6oIrHDHpgXYqKVTpsuohW2SNm-mYYh597eWwnWy8zcrwz6yv3H1e-tF1aNxOxRRDAiBIb3VefeJsiMAwyI0J34sVIjmJBCiI4XzqO-OYkve795tTtRSsH21OuRSnukstsfkVyRhBc160SQAmn0Hd9V0K4qXhTBl9HKT0I0o80XKOwQGIWf7uRhXPw6G1XdNU6Lk4EXyzhvsUx3PuxwAHLfI_WSq9oYRPtjxbn5ZOKx_spk21h89hx_QO3UN1oBiRASQqsTkg3-UFYBfiFjJhY3fnl-ZorLwowyK4z9vIaAj2G2V0

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| NREUM object| webpackChunk:NRBA-1.262.0.PROD object| newrelic function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS string| serverip number| port string| default_theme boolean| particles_enabled function| clarity object| adsbygoogle function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| jQuery111003592367598410331 function| clearWaitingOverlay function| processForm function| unserialize function| getCookie function| copyToClipboard object| notification function| changetheme function| positionTebexFooterMrkLZZPD function| debounce function| nSureAsyncInit object| nSureCoreSdk object| nSureSDK object| stored object| field number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
.tebex.io/ Name: __cf_bm
Value: hXGOT4z6FKZfpfkChxMuiZRHx9JlEtyinD5qU1J1pxg-1721361469-1.0.1.1-GXQClMxr.VNKBS5RTHHdTUc64tNz3EW5aA2ZdtIK8YqBA3D_0wsOR5fFy83X96TsDtgZVyTqXuAytq7dNsS0aw
www.clarity.ms/ Name: CLID
Value: 062f5eb4235b404e8a95db4cd4b42446.20240719.20250719
.tebex.io/ Name: __eoi
Value: ID=8745c2ffceccce26:T=1721361469:RT=1721361469:S=AA-AfjZCkOv_P5uCt_C3z_5EBeR-
.bing.com/ Name: MUID
Value: 267E811104076AA20A6695D005076BCA
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 267E811104076AA20A6695D005076BCA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 267E811104076AA20A6695D005076BCA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
baytona.tebex.io
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.tebex.io
cdnjs.cloudflare.com
dunb17ur4ymx4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forum.cfx.re
i.imgur.com
js-agent.newrelic.com
o.clarity.ms
pagead2.googlesyndication.com
sdk.nsureapi.com
tpc.googlesyndication.com
use.fontawesome.com
www.clarity.ms
forum.cfx.re
pagead2.googlesyndication.com
104.18.13.162
13.74.129.1
143.204.205.50
162.247.243.29
199.232.192.193
2600:9000:2359:1e00:d:b1e8:9040:93a1
2602:816:5001::39
2606:4700:3036::6815:1b98
2606:4700:4400::6812:22ab
2606:4700::6811:190e
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a04:4e42:400::485
52.152.143.207
04bd989fb9122eae4e8c299e963d5913abf4775f29f7fe61fc3925ff1aaa1b5e
0cc712a83092ff194370a5854ae4bb7cd1b73ca47ae7d91fe13f1b41e957e411
14f2a0d15b1612262ccf20b93e15dcea6b4f5f118ad95ec82933555e7f17946d
15ca813e96773c9d92853876c0a2790104ab6ae0dea60eecfb213b986fbfde28
1669bec36f12c35a00a2d23cf71b6061c85b8435f5c26445aab338f88dfe6629
2ac1524b54ef57481295f355669d4dd48b96ac9c8b0b71e02e2d142f4de747d5
38acf2d5a93e552c431ff373d1e546d9317c6055206626d22c05db83ad4e7bdc
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
3bfd3d5422e3750f0ff82151e576da7e1c8f8f99b7c641d9143bbd40aedec352
4a24cf5b032f473cbeb9c2d6d514448c492f8e5a104d253d1343b5ef80dbbe14
5356f9520d22262ef3824727f995a0ad4aa8dbb7a6a04ce72d804973e078700a
5d49d791a921e75d62815c14a6a4ef971df769cd05a96d85f4d25c6c6429b91c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
671cb08137fc76509b9504e46348d81b90800f81d50c85fcce84c39681a31ca9
7f4751a5ecc35a659fc4967d8c00b1ea757bea8da880e7e5add93af84da3dab4
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a557b02ea64886c022f719706e39e65ad6ba8accd1ab25498e9dd18e6da880d7
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ab648f8793e9f06818b91fca022605e2d3b0de4f4e00a2c25a5888b4d406ae03
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277
c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c45d0017d7b5235bf2060afd26d65d5e1d8a87891c7c16578a05777d95aa82
e9ab14692865d1b9446b926ae6297dec6e2d745d8cad414cfa428cc1c924b6ae
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0
ffb75628760a0716c346d606f4d9a47cc7a7eb0c883bd127fdff72e4163df049
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988