URL: https://bay88.co/
Submission: On September 16 via api from BE — Scanned from NL

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bay88.co.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.
This is the only time bay88.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
5 18.234.10.85 14618 (AMAZON-AES)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 34.196.14.45 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
26 10
Apex Domain
Subdomains
Transfer
7 bay88.co
bay88.co
1 MB
6 ladesk.com
bay88.ladesk.com
5.ue1.vbus.apps.ladesk.com — Cisco Umbrella Rank: 139432
15 KB
2 bay88.com
api.bay88.com Failed
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
3 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3310
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
72 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
103 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
26 8
Domain Requested by
7 bay88.co bay88.co
5 bay88.ladesk.com bay88.co
bay88.ladesk.com
2 api.bay88.com bay88.co
2 www.facebook.com bay88.co
2 region1.google-analytics.com www.googletagmanager.com
2 connect.facebook.net bay88.co
connect.facebook.net
1 5.ue1.vbus.apps.ladesk.com bay88.ladesk.com
1 www.googletagmanager.com bay88.co
1 fonts.googleapis.com bay88.co
26 9

This site contains no links.

Subject Issuer Validity Valid
bay88.co
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-25 -
2024-09-23
3 months crt.sh
*.ladesk.com
R10
2024-08-05 -
2024-11-03
3 months crt.sh
5.ue1.vbus.apps.ladesk.com
R11
2024-08-24 -
2024-11-22
3 months crt.sh
bay88.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh

This page contains 3 frames:

Primary Page: https://bay88.co/
Frame ID: AE9188244516FE36E6B954750C32BDF9
Requests: 22 HTTP requests in this frame

Frame: https://bay88.ladesk.com/scripts/generateWidget.php?v=5.49.1.34&t=1726224187&cwid=5ue7cd0k&cwrt=O&pt=Bay88&ref=https%3A%2F%2Fbay88.co%2F
Frame ID: 19FCFAE95B58E24A9534FB14A35FDE42
Requests: 1 HTTP requests in this frame

Frame: https://5.ue1.vbus.apps.ladesk.com/5_49_1_34/scripts/lib/bus.html?v=5.49.1.34
Frame ID: F548E81BB7B00E7175E50F92853827CA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bay88

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

88 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

1408 kB
Transfer

6183 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bay88.co/
3 KB
2 KB
Document
General
Full URL
https://bay88.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9e1c40fc930befd53bb28fcf0769ee88c517c75c22ba8bfe83bc9896946936

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c3e78bdccab3a72-FRA
content-encoding
br
content-type
text/html
date
Mon, 16 Sep 2024 05:31:41 GMT
last-modified
Mon, 16 Sep 2024 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfylbXm5pCL3jbp2%2Fp%2Bx2mCM5x28TFHeIg7SM5%2FWNWbLjHh0aGPoCNJlrBa8vQD8lPEMcahZyafijafnRIkE4Y7mh0y%2FWTli7TFo72SJtUeDkSH3RI7970mnXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
19 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&family=Londrina+Solid&family=Montserrat:wght@400;500;600;700;800&display=swap
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84568e22d76844edbf62425248a079434fad84552a5725687f094844ae0af4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 05:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 05:31:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 05:31:41 GMT
js
www.googletagmanager.com/gtag/
309 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TGXQL8454J
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b33d4233b949e91a6fa6891b985f9e2afeef0c182c26b05f8302512ba677f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104860
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 05:31:41 GMT
index-2a1ecdf2.js
bay88.co/assets/
5 MB
1 MB
Script
General
Full URL
https://bay88.co/assets/index-2a1ecdf2.js
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a479d45c0f59923c62110d7ef951fc54569998f97c05a6746b3169eef05ba390

Request headers

Referer
https://bay88.co/
Origin
https://bay88.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:43 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 16 Sep 2024 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66e7b96a-54420a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVT1LKUP2Ics6MMWtK%2ByNUY74oVsKO6DDvSD837oZ9lLaYomzlLF2fE7UB0nA34ybgB24A9qwp44trBKnEeETia3pG4BNmDJGO8F8Uu8Nlr6JoCYKwgtTOfHqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c3e78c0fec43a72-FRA
alt-svc
h3=":443"; ma=86400
index-aa92846b.css
bay88.co/assets/
42 KB
9 KB
Stylesheet
General
Full URL
https://bay88.co/assets/index-aa92846b.css
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa92846b4fee669fde4ce1a8112cfe1b888ade6256453d5915faed853f573517

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:42 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 16 Sep 2024 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66e7b96a-a956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0qE9mWHFdaB%2BAxvL4x31Rw880RGPM9%2FD4aEUh%2FB9Iij%2FmphP2C31p4D8y77cSyk2qmwIo22%2F864MghpJuujsidHHESozsa7Zm9%2BXT3lYBnr1xVIE16UfRkQuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c3e78c0fec53a72-FRA
alt-svc
h3=":443"; ma=86400
registerSW.js
bay88.co/
134 B
549 B
Script
General
Full URL
https://bay88.co/registerSW.js
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:42 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 16 Sep 2024 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66e7b96a-86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2F%2BSL5qW5vuTRWXPBLpt9r1XT5N2sYtsi7wOB9oYY2m2XKdhlbZsELOeDKWK%2BhQXPMJuHTsjQPN5jJYVrkcqHIowuRPVVdIM4INSJ0mZqZlf5E%2FVFk29HQcaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c3e78c0fec63a72-FRA
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Sep 2024 05:31:42 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
0TqGLEH/iMlLhIno2gVIFDOiEH1KdOLZkzp3aVnE71Cdw2m4qb6xZdbj3FMn3NobfWA9NMfuJ6lfDnLXUEauAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TGXQL8454J&gtm=45je4990v9189459244za200&_p=1726464701668&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665&cid=1785642646.1726464702&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726464701&sct=1&seg=0&dl=https%3A%2F%2Fbay88.co%2F&dt=Bay88&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=790
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGXQL8454J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:31:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay88.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.js
bay88.ladesk.com/scripts/
49 KB
13 KB
Script
General
Full URL
https://bay88.ladesk.com/scripts/track.js
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
5582a2ef4a7d0ef0b80f62334de55c7f753d449ce5d9235d9786d332b6dd5108
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

la-ver
5.49.1.34
date
Mon, 16 Sep 2024 05:31:42 GMT
content-encoding
gzip
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2024 06:59:40 GMT
server
Apache/2.4.57 (Unix)
age
0
etag
W/"c556-621d288aaaf00"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
107453479
cache-control
max-age=300, public
accept-ranges
bytes
1102294361016325
connect.facebook.net/signals/config/
74 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1102294361016325?v=2.9.167&r=stable&domain=bay88.co&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3def1eb9b147a52b099affed72bcdce4dedf3f7c9a5c43ddeaccb678c44d8927
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 16 Sep 2024 05:31:43 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=74, mss=1232, tbw=67127, tp=63, tpl=0, uplat=368, ullat=0
pragma
public
x-fb-debug
JxtVZ7+J3diWL5o56EZz5Mv5dob+BoDysv59nfMZU1iDlZdpggF2suBjaogp0AsM+zO8w14im8S16Huu8D4RRA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
button.php
bay88.ladesk.com/scripts/
3 KB
1 KB
Script
General
Full URL
https://bay88.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=5ue7cd0k&p=__S__bay88.co%2F
Requested by
Host: bay88.ladesk.com
URL: https://bay88.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
f1e560fed290d254f9c3d521483ecaad90e37bf48f9f0e726fcc2187ea0d42a0
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

la-ver
5.49.1.34
date
Mon, 16 Sep 2024 05:31:43 GMT
content-encoding
gzip
pragma
x-content-type-options
nosniff, nosniff
last-modified
Mon, 16 Sep 2024 05:31:43 GMT
server
Apache/2.4.57 (Unix)
age
0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-varnish
102100311
via
1.1 varnish (prod-ue1)
cache-control
max-age=15, public
accept-ranges
bytes
expires
Mon, 16 Sep 2024 05:31:58 GMT
button.php
bay88.ladesk.com/scripts/
308 B
253 B
Script
General
Full URL
https://bay88.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=rpnsi0a1&p=__S__bay88.co%2F
Requested by
Host: bay88.ladesk.com
URL: https://bay88.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
7425c180891d7bc87d37ea7a46797e5829af69bd7179cf30886d42ec19e33672
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

la-ver
5.49.1.34
date
Mon, 16 Sep 2024 05:31:43 GMT
content-encoding
gzip
pragma
x-content-type-options
nosniff, nosniff
last-modified
Mon, 16 Sep 2024 05:31:43 GMT
server
Apache/2.4.57 (Unix)
age
0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-varnish
107643767
via
1.1 varnish (prod-ue1)
cache-control
max-age=15, public
accept-ranges
bytes
expires
Mon, 16 Sep 2024 05:31:58 GMT
generateWidget.php
bay88.ladesk.com/scripts/ Frame 19FC
0
0
Document
General
Full URL
https://bay88.ladesk.com/scripts/generateWidget.php?v=5.49.1.34&t=1726224187&cwid=5ue7cd0k&cwrt=O&pt=Bay88&ref=https%3A%2F%2Fbay88.co%2F
Requested by
Host: bay88.ladesk.com
URL: https://bay88.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bay88.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:31:43 GMT
expires
Wed, 01 Jan 2025 00:00:00 GMT
la-ver
5.49.1.34
last-modified
Tue, 01 Jan 2008 00:00:00 GMT
server
Apache/2.4.57 (Unix)
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
x-varnish
107255624
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1102294361016325&ev=PageView&dl=https%3A%2F%2Fbay88.co%2F&rl=&if=false&ts=1726464703260&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726464703259.259450651601255067&cs_est=true&ler=empty&cdl=API_unavailable&it=1726464702753&coo=false&rqm=GET
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 16 Sep 2024 05:31:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1102294361016325&ev=PageView&dl=https%3A%2F%2Fbay88.co%2F&rl=&if=false&ts=1726464703260&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726464703259.259450651601255067&cs_est=true&ler=empty&cdl=API_unavailable&it=1726464702753&coo=false&rqm=FGET
Requested by
Host: bay88.co
URL: https://bay88.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 16 Sep 2024 05:31:43 GMT
document-policy
force-load-at-top
x-fb-server-load
50
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415109437532398450", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3102, tp=-1, tpl=-1, uplat=199, ullat=0
pragma
no-cache
x-fb-debug
WcpluTW9BbWiqzXXr32yIftEi3uQNX9lu5/s23jON+F72oMjLbutf+OM/r1hr+4c3BEik0oq8krWF4tVI0dtpw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415109437532398450"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
track_visit.php
bay88.ladesk.com/scripts/
511 B
295 B
Script
General
Full URL
https://bay88.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=eyn56gmqn2auublegevjvfzz5lg55&S=zcfilg7lnyvqea3i94yzfy29e36u0&pt=Bay88&url=__S__bay88.co%2F&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: bay88.ladesk.com
URL: https://bay88.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
d670940dd12639e10adf5083dc0f5eee6f1122571098d1877129536594056d93
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

la-ver
5.49.1.34
date
Mon, 16 Sep 2024 05:31:43 GMT
content-encoding
gzip
pragma
x-content-type-options
nosniff, nosniff
last-modified
Mon, 16 Sep 2024 05:31:43 GMT
server
Apache/2.4.57 (Unix)
age
0
vary
Accept-Encoding
content-type
application/javascript
x-varnish
106989888
via
1.1 varnish (prod-ue1)
cache-control
max-age=15, public
accept-ranges
bytes
expires
Mon, 16 Sep 2024 05:31:58 GMT
bus.html
5.ue1.vbus.apps.ladesk.com/5_49_1_34/scripts/lib/ Frame F548
0
0
Document
General
Full URL
https://5.ue1.vbus.apps.ladesk.com/5_49_1_34/scripts/lib/bus.html?v=5.49.1.34
Requested by
Host: bay88.ladesk.com
URL: https://bay88.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.196.14.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-14-45.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bay88.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
70
content-encoding
gzip
content-length
140
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 05:31:43 GMT
etag
W/"13b-621d288aaaf00"
last-modified
Wed, 11 Sep 2024 06:59:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
x-varnish
105565871 107324644
logo-2637feb2.png
bay88.co/assets/
43 KB
44 KB
Image
General
Full URL
https://bay88.co/assets/logo-2637feb2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2637feb2bae093972d26973277468bb5587583e9ae5b3d066f2b1586f2eaa510

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:45 GMT
cf-cache-status
BYPASS
last-modified
Mon, 16 Sep 2024 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66e7b96a-ad5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50fGHwIpyJjrF9IFQUZAbDOdLpey3kBwCSoKcJJLcqvgWfT0NpjCN0IXBl1IuG6QG%2FJrPkYfj5aOzmcTBjYNMBcgKgK%2Fk0EfInO05FKgN6MWopBYVr%2FHrWbdiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
8c3e78d38db93a72-FRA
alt-svc
h3=":443"; ma=86400
content-length
44380
meta.json
bay88.co/
19 B
466 B
Fetch
General
Full URL
https://bay88.co/meta.json
Requested by
Host: bay88.co
URL: https://bay88.co/assets/index-2a1ecdf2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f783d8febd2c943056cf231e494c062622a21364fb920443f95d9929cd6261b

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:44 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 16 Sep 2024 04:51:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66e7b968-13"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fb7eKvkvP%2Fe8vC%2BHNyaSpu%2FBRMIYYfPBRY%2BCIgR1Tb9e3bI4jOV5I3D%2BFe3fIVboO0PpzBCsH5PQVyi%2FsjAhokpRfOcb56CDoGqLlj9kej9nFunGpGEameZ2SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
8c3e78d39dcb3a72-FRA
alt-svc
h3=":443"; ma=86400
content-length
19
favicon.ico
bay88.co/
21 KB
21 KB
Other
General
Full URL
https://bay88.co/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39963b528318c2558f8ba48f4021696b83362d85d85629324260ccf29e605aee

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 05:31:45 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 16 Sep 2024 04:51:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66e7b968-5457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGpgAp2tX8Wyji0PDrO5uZ7zFHppa1xIwl2WhafwHnGiUiNg32%2BjPQoBoAhC9pf2BRgcOexVH0NZdemolPQV81OsC6%2BidgFVcwHHq1z6MVsIwWd55gItzw%2FpmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
no-store, no-cache, must-revalidate
cf-ray
8c3e78d39dd03a72-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TGXQL8454J&gtm=45je4990v9189459244za200&_p=1726464701668&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665&cid=1785642646.1726464702&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726464701&sct=1&seg=0&dl=https%3A%2F%2Fbay88.co%2F&dt=Bay88&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5797
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGXQL8454J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bay88.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 05:31:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay88.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
session
api.bay88.com/v2/
0
0

session
api.bay88.com/v2/ Frame
0
0
Preflight
General
Full URL
https://api.bay88.com/v2/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4578 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hmac-sign,x-origin
Access-Control-Request-Method
POST
Origin
https://bay88.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-hmac-sign,x-origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://bay88.co
cf-cache-status
DYNAMIC
cf-ray
8c3e78e25f092bae-FRA
content-length
0
date
Mon, 16 Sep 2024 05:31:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uwm4IY7LgEndpEb5hDW6bf5mrHQ18wrPqdtbLPnWVr3QzOa2feKIpShSui%2FEoKuXVNQkorgrwi6Ib57rCoT9nAfw0n5Ggnbxs5ErxxOnAMHY%2Fx4rPBBcQjkv%2FuuJjjlm8N%2BeEtZ3vmkyE8E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
logo-2637feb2.png
bay88.co/assets/
0
0

maintain
api.bay88.com/v1/config/
0
0

maintain
api.bay88.com/v1/config/ Frame
0
0
Preflight
General
Full URL
https://api.bay88.com/v1/config/maintain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4578 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-origin
Access-Control-Request-Method
GET
Origin
https://bay88.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://bay88.co
cf-cache-status
DYNAMIC
cf-ray
8c3e78eb6dff2bae-FRA
content-length
0
date
Mon, 16 Sep 2024 05:31:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivd0UoXu%2B293VljafZGCZBz8mo0kjIgH3AN2qvNCrgZBIz8mRo3Vp39CaQ8yb%2FxyQluuHsx%2F8pPHPgmBRcxPjGdkl7VCqXnai5P3O%2FcS5Du%2FHAbh5%2BeNt8gfVRJvD%2BqYYX9BjmytyPXjXj0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.bay88.com
URL
https://api.bay88.com/v2/session
Domain
bay88.co
URL
https://bay88.co/assets/logo-2637feb2.png
Domain
api.bay88.com
URL
https://api.bay88.com/v1/config/maintain

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| hashCode object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker function| init_button_5ue7cd0k object| widgets number| widgetsLength function| init_button_rpnsi0a1 string| __reactRouterVersion number| 2f1acc6c3a606b082e5eef5e54414ffb object| __localeData__

6 Cookies

Domain/Path Name / Value
.bay88.co/ Name: _ga
Value: GA1.1.1785642646.1726464702
.bay88.co/ Name: _ga_TGXQL8454J
Value: GS1.1.1726464701.1.0.1726464701.0.0.0
bay88.co/ Name: LaVisitorNew
Value: Y
.bay88.co/ Name: LaVisitorId_YmF5ODgubGFkZXNrLmNvbS8
Value: eyn56gmqn2auublegevjvfzz5lg55
bay88.co/ Name: LaSID
Value: zcfilg7lnyvqea3i94yzfy29e36u0
.bay88.co/ Name: _fbp
Value: fb.1.1726464703259.259450651601255067

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.ue1.vbus.apps.ladesk.com
api.bay88.com
bay88.co
bay88.ladesk.com
connect.facebook.net
fonts.googleapis.com
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
api.bay88.com
bay88.co
157.240.0.6
18.234.10.85
188.114.97.3
2001:4860:4802:34::36
2606:4700:20::ac43:4578
2a00:1450:4001:811::2008
2a00:1450:4001:81d::200a
2a03:2880:f177:185:face:b00c:0:25de
34.196.14.45
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
2637feb2bae093972d26973277468bb5587583e9ae5b3d066f2b1586f2eaa510
39963b528318c2558f8ba48f4021696b83362d85d85629324260ccf29e605aee
3def1eb9b147a52b099affed72bcdce4dedf3f7c9a5c43ddeaccb678c44d8927
5582a2ef4a7d0ef0b80f62334de55c7f753d449ce5d9235d9786d332b6dd5108
7425c180891d7bc87d37ea7a46797e5829af69bd7179cf30886d42ec19e33672
7b33d4233b949e91a6fa6891b985f9e2afeef0c182c26b05f8302512ba677f89
7f783d8febd2c943056cf231e494c062622a21364fb920443f95d9929cd6261b
8e9e1c40fc930befd53bb28fcf0769ee88c517c75c22ba8bfe83bc9896946936
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
a479d45c0f59923c62110d7ef951fc54569998f97c05a6746b3169eef05ba390
a84568e22d76844edbf62425248a079434fad84552a5725687f094844ae0af4b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa92846b4fee669fde4ce1a8112cfe1b888ade6256453d5915faed853f573517
d670940dd12639e10adf5083dc0f5eee6f1122571098d1877129536594056d93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e560fed290d254f9c3d521483ecaad90e37bf48f9f0e726fcc2187ea0d42a0