bay789a.win Open in urlscan Pro
2606:4700:3035::ac43:af76 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bay789a.win/
Submission: On February 14 via api (February 14th 2024, 11:42:09 pm UTC) from BE — Scanned from DE

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3035::ac43:af76, located in United States and belongs to CLOUDFLARENET, US. The main domain is bay789a.win.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.

This is the only time bay789a.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	2606:4700:303... 2606:4700:3035::ac43:af76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:ba3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	10

55 2606:4700:3035::ac43:af76 (United States)

ASN13335 (CLOUDFLARENET, US)

bay789a.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ba3 (United States)

ASN13335 (CLOUDFLARENET, US)

web1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.bay789.vin	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	bay789a.win bay789a.win	3 MB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	305 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	web1s.com web1s.com — Cisco Umbrella Rank: 546814	5 KB
1	bay789.vin api.bay789.vin	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	gstatic.com www.gstatic.com	197 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	92 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
66	9

	Domain	Requested by
55	bay789a.win	bay789a.win
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	bay789a.win connect.facebook.net
2	web1s.com	bay789a.win
1	api.bay789.vin	bay789a.win
1	www.facebook.com	bay789a.win
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	bay789a.win
1	www.google.com	bay789a.win
66	9

This site contains links to these domains. Also see Links.

Domain
bay789.life
hot789.club

Subject Issuer	Validity	Valid
bay789a.win GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
web1s.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
bay789.vin E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bay789a.win/
Frame ID: 6B481E955414C8B1F8EE463F85D1622F
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bay789 - Cổng game game Bay789 - Link tải app chính chủ , uy tín

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

10
IPs

2
Countries

3390 kB
Transfer

4761 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bay789.life/
Title: BAY789

Search URL Search Domain Scan URL

URL: https://hot789.club/
Title: Hot789

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bay789a.win/ 24 KB
6 KB 380ms
337ms Document
text/html 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398a4461cee2763d1bac62fa97d953594d4d065a57f0c32ccc16b1cbca30c199

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85592a4dfde59bd4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 23:42:02 GMT
last-modified: Wed, 14 Feb 2024 07:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP1HXdMBkYwMpUXBHKUli5i9AxtZlOQ0xucPjOyXVSzHAL7%2BcqI14vBnaq%2FxVLgx1%2B7IFBtcHXkP83ozvXlBMAhleKg6US4S8F%2F%2FaxTtGvtv%2FuQDoSe01ZxPvVEJAK6mCAZHKxoS1aB33w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
bay789a.win/vendor/bootstrap/css/ 150 KB
24 KB 580ms
579ms Stylesheet
text/css 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 02:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2565e-5f44f8009614d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8ihYkiBtpbsncbhVZUFVID5QI%2FdrM8LpuC1Pxp%2Fxv15HLJbfLvYNAZ%2FAfI8C2TZDPsxub2fnrqeWO9jP68qRyhDZM46thwXsDpvOhiNHr54s6bGO7jMNh2bPVaxxry6o94j5CK%2BA9%2BaeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85592a501f9f9bd4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.min.css
bay789a.win/vendor/fontawesome-free/css/ 55 KB
12 KB 374ms
373ms Stylesheet
text/css 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e359ca2cfecefabc098bd34b95d19106e586c6c5b34d537ebc66da5159e2bcc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 02:46:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"da63-5f44f800342ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywum8kTkGTEDPfaOpxaV%2F4lZzM0E2JcH6Xr%2FVQ8YNQ4gx%2BmAG1RXtzVncdNanrxswsfXWv21aRNePn8QChayayH3lb%2BZE8PWAxk7zcu%2F2F0CKJOEoXs%2FvzJQLAxNsP%2FdlVIcR39OcTHyTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85592a501fa09bd4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
bay789a.win/build/ 37 KB
8 KB 361ms
361ms Stylesheet
text/css 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/build/style.min.css?v=0.01
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318d50ff136541bfbef15b504d7156561b5030aeda857d7d9dfc06e365c22c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Feb 2024 15:57:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"930e-6111d38aef61a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwW3YKrPCKkcCI9gCrQncD3kX%2BBUYF5%2B286sZUhvPAw%2B7VfuVxKTLhr2IT2acn2Y4twG9aE46TQ7jJIo4t7MfsM1194tipHNvukSFfC%2Fo890jPjU2dg4b7LHVz8wLBgFqt8xuoOkyNN8QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85592a501fa29bd4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1366169a5911b46848e8e9a44be326ccf46950c96be143a42145a17247aee06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 14 Feb 2024 23:42:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4ef7078c7f35e261fdf0c3f2c6566716c0e8accf434b5c1350ebf6492e6e870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 23:42:02 GMT

GET
H2 200 logo-lazy.png
bay789a.win/images/ 122 B
414 B 378ms
378ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/logo-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e417252f34467d4334e13f4158555ff57b466e1eabab452746f88e374b462af5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7a-6082129b11deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kja%2FlhQ2pi2sHENnpoC515RG2Nfolid1whMP1jV1AKlJKA8jedfEF1wtMi9eL445MMhG61J2bh9lOdKaVXiO6iyjFoevOw4Pt0P0FI8GKgDj7LXktf15x075szaefShWB43kulZoSk3Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a501fa49bd4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 122

GET
H2 200 ico_cursor-lazy.png
bay789a.win/images/ 97 B
454 B 340ms
339ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ico_cursor-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61-6082129a89271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR%2BmgYi3L2nzgvq%2BMS%2BoOKEciMoIWvwm8TLRkQKLwE3zl0oiOTl%2FlnyW%2B2NBSgX9YJTfo7UKiGDR%2BEtKjm75zZnY%2F59bQItcnXeWver1t3StDfqg0cPuJESqKl4N7id7Mg7HJAmUkdW3aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a501fa59bd4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 97

GET
H3 200 btn-lazy.png
bay789a.win/images/ 111 B
607 B 341ms
341ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a631803f69fb9e85c0f402fac198111a226a1ae979a23317772414a18dffbcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6f-603386e21d6e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKtFcpbWxNI%2Bf2bQfMyw3ojHV0nVhrsD6B0Ynr6bcZeXf5QIfi7yyVF1jzpHeuzu0gCWHjJM%2FlP7qFJA0gCut9RDVGeIgmfSSJTFOJiWb%2FhMNnAhHRSXwyMyCJUi0BUS7kadniKJMfS8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a52397a91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 111

GET
H3 200 btn-dl-lazy.png
bay789a.win/images/ 116 B
575 B 338ms
338ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-dl-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "74-603386e2e7556"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChsJ2Rm9kTDpFcmwK22MP5pB2f2KqgGf27DtEsDGLNrPqb1tSpNTxzZFfm%2B%2Brkd52Yln969GNOsPbRLvIrVmj7FRhkIilKupT4Qnftpu0Q9WizJlXp1HJW0zdN2SwreUKe6%2FQXhnhWhGmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5279a591d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 116

GET
H3 200 ic-tele2.png
bay789a.win/images/ 22 KB
22 KB 540ms
539ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-tele2.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "563f-6082129a6bdb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q1atc06cGh0vVdmehq6gJZ7vfEsl%2Bz00qufKniFKLSOcjd5Y5dmB2CVv7nQXeQ7NTtswJ%2BaKcE18JP%2B1VW1SSM5LoVu1uVrM6AI9E4kpKEakNzwgSs6O5QPb5F3pNtSfUjP6YTCb2Tp%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9091d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22079

GET
H3 200 ic-fb.png
bay789a.win/images/ 22 KB
22 KB 532ms
530ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-fb.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57bb-6082129a5cb83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2uIUv2JSJz1kr%2Fjf8VD6T6GPMtfY4rrnPCdybCfXz%2FCV%2FZcd24kgM53spxVe33j604%2FHsr9gbCBWQl%2BHX7FGknmoVnNrqeS%2F1P9m7orgUcbKm9m18aEz6%2FbE8S%2FDtwV4YLqDl3vYPXkkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9191d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22459

GET
H2 200 site-d-v3.js Show response
web1s.com/ 9 KB
3 KB 62ms
18ms Script
application/javascript 2606:4700:20::681a:ba3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ba3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214411
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Dec 2023 08:44:03 GMT
server: cloudflare
etag: W/"658e86d3-229f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QCWJb19oqmsLKarynr7wb6JjbboMoD8IvHVo1uUImjtuyJ7YXuR%2FXqsMmepdAJn1g1%2FmwvNKST2ukXhkD%2Bg2JjbrmwulvA2809IVlDSmVeXpisqICjwOMk8UsxI%2BmtWB%2FzO8VOIGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 85592a5408014d8a-FRA
expires: Tue, 11 Feb 2025 12:08:31 GMT

GET
H3 200 title-thank-lazy.png
bay789a.win/images/ 101 B
566 B 396ms
394ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/title-thank-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34070a4dcb37f5af80ee075a46198ce98021c2d701bdb85df9865dc91ffa628c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65-6082129b5b5af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ8n4QMhnbU3DB3avybThex8PjKHUWGlyS3rdunXlVXFpbeNOUmLIqP6AHqSQoDvZmMs%2FsjicFORsN%2B4sB3oMC0YaSD5PuXs9THgEMgH%2BxE35jH%2BN8LwXIiKe6VP2%2FYv015S%2FEVvW2yirg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9291d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 101

GET
H3 200 lable-thank-lazy.png
bay789a.win/images/ 99 B
560 B 331ms
330ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/lable-thank-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 487baef74423b686b7e758257b8559065e560ea8d62fde1ee58553f5afb05f01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63-6082129aca94e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjZkcMeC%2FKYs%2B7AmYDrgMUa4menXuNfP7sbpfJEAmkUqsZaPDgOoZT8ezwKSWGobFLqKWisDMDan5i%2B6mpzK6P5qzE1VLQM4UX%2BfTursZdPovQtxY9Hvicmbxl9wwZsWhrT0QtEJ4KQ3OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9391d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 99

GET
H3 200 dacotaikhoan-lazy.png
bay789a.win/images/ 103 B
564 B 364ms
363ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/dacotaikhoan-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea48692d33c6e8a28bddd92f3f2bf271dfe4ba3b2bd9e1121ba4cc3723654074

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "67-6082129a300ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK7jNr681hZy69DZ%2BxCefWJRLYiiJNn80lyNrZHuOs2uTdCBvrsPMQ5JxrTUsdSqW9rBBW0oqLJSJT%2B1CPwZLDJ0qjafmbBbQlMVmAWqp7HO3wkWJ1UOhQECKVOF2BCii%2FvIhqRbHk7eIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9491d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 103

GET
H3 200 adv-lazy.png
bay789a.win/images/ 116 B
581 B 353ms
352ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/adv-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa289f775f06f2466ab2cc95715d3757a6acaf67c4b049f46a4256d5c77e6368

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "74-60821297d0a0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FuojVD27LoX%2B1b5aM2wBEIkHRLcllVdOVU36xf5ozd77KV9I4fnluxvegrCcNdTkEZzF6CYay9LPSH%2BMwksE%2BkNCB6YmVXDksxiUTlHFcAshS2n8%2B%2BMsNVvFuiOCwz5lzWf8HvIJyRUyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9591d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 116

GET
H3 200 loading.gif
bay789a.win/images/ 2 KB
2 KB 386ms
385ms Image
image/gif 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/loading.gif
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663-6082129af8b94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv10EuwloB9%2BUZZLythB%2Bs49o82liVC9XbpARGOJ65UjEDzemfmg4d4iBBp41Zbwr05vOCG6yT%2F67Zrk0Qbavzr8ugd8vDd3J4IhPfbLovEYgRONBXEu79gfzxmWj2Sm%2BcYlK2tiG67kWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9691d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1635

GET
H3 200 banner-lazy.png
bay789a.win/images/ 131 B
587 B 365ms
364ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner-lazy.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "83-603386e1c0a8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjlO7EUAV9A0X1ARfss66uxYjtO6q1w4MexHXvLKO78GcG4xtbPNgxKspWQb1CBpgeDqKX9d7l3imubAarcXdbcpr%2BULKLT9oSe7saWj2t2eBmNkGOsSZsbMsDcfVdJmRnvHf1%2FUppnViQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9791d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 131

GET
H3 200 taigame.png
bay789a.win/images/ 20 KB
21 KB 549ms
548ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/taigame.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50eb-6082129b461d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A72iZaxjDj%2FwkNklDRXoWerek6iUKaMG92sRidPHiglD7g45RHLG3P8haxVJoqTKTj0Rt%2BAc9PfFhIlUSdYX%2FtZD8VSOhyt%2Fpy9DY8OeyCRfWE3%2BhOQrFSMpjb3GNw5R3J9%2B16deKSb1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9891d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20715

GET
H3 200 icon-close-modal.png
bay789a.win/images/ 778 B
1 KB 343ms
343ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/icon-close-modal.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207690f1446160c8b7bc552b2b2ec87e5e93db3dcb280d2d72cb23cda8237f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "30a-6082129ab595f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJYHhSTyc2%2BysPkHp2weEFy4TvTJnfsSrV9SNbn9lTKvIhXLxDj%2BLR5RpypKaPJpueYS0TB4k7bvDeeiiD45D%2FT9U8bsOR10nxmXZXbj23EFMlhYzzz1PYptXKlq9VXboHosYDXVky3IHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9a91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 778

GET
H3 200 app.min.js Show response
bay789a.win/build/ 462 KB
106 KB 907ms
906ms Script
application/javascript 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/build/app.min.js?code=2.0.8
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3deace57e96be5167849d1a6cd9af8d7f8308e7a572896166f13b84cdc611da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 16:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7363c-5fd13d34a5823"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z928JSQTQD3u7NbDjNaM4ef%2FXczX1Rm3EVjp8HiWDptFeR5NGez1tgkWugIXSnwKojks%2FBPKps89mFBZnMsA%2BA%2FbBdB6bINDH15WGOAlxxtlXdXWnsxWYNj05Yrpj0QRkYkkZzu%2F8Li2Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85592a53ba8f91d8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Feb 2024 23:42:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: Nstp9cACBuTkg9DgYSIKmQ+lfCrLEoF+MU89JsCcyts3JHPZ7bNUw4s7k8pqtCA+8T26j/Z4lsLwmxk9o5sIHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bg.jpg
bay789a.win/images/ 273 KB
274 KB 701ms
701ms Image
image/jpeg 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/bg.jpg
Requested by: Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4c2d9267790ec5d7dec9abff6cadd80a62c703939e750c238eaee42b24d061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bay789a.win/build/style.min.css?v=0.01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "44505-6082129927e2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2B6u8W3V1y8vKdJouZ%2Byh8eEByCKp1ML%2FY%2FnBtwLQYNxftYHE71bre8KbMeymU%2FVkNDZi%2FbilSidPQs6%2FI%2BRKB5qUD1a%2FEYBRZFPPM%2BrQN6oG4snOCLVQJFYvoPN2yxXmYYBUS6SXMJ9WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a53ba9b91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 279813

GET
H3 200 Montserrat-Regular.ttf
bay789a.win/fonts/ 240 KB
102 KB 1016ms
1015ms Font
application/font-sfnt 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/fonts/Montserrat-Regular.ttf
Requested by: Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer: https://bay789a.win/build/style.min.css?v=0.01
Origin: https://bay789a.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 02:46:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3bfcc-5f44f7fd4824f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCHpIuSqsy%2Ff%2ByajLbKdXN7fL3Py9NZYaj97yoFtWNgWKk1jVDARhoQ7n%2BF3xj13TfMruKx4kh%2B1uBp9%2FHhIEf62h%2B29Et0Jx64szpEUnwFf57h6BvT4UlpP625PTOn8jAPJ55lrUx792Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
cf-ray: 85592a53ba9c91d8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ 492 KB
197 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://bay789a.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 08:49:41 GMT

GET
H2 200 1867070730413868 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1867070730413868?v=2.9.147&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf02dd6d277e590ee1fbaa4d4130855266ffe451553d2e7f1d8744dc918bedbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Feb 2024 23:42:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: ulEKjsSD1qJcKfTMoX6P4oXZT2NUro/1hiM9jiH6qbeRLawbJBu7Ea11NFriQyyxBlhnW91L26NIeItT+WAaCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icon-x64.png
web1s.com/ 2 KB
3 KB 20ms
20ms Image
image/png 2606:4700:20::681a:ba3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web1s.com/icon-x64.png

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ba3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:02 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3098101
content-length: 2279
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Aug 2023 03:50:12 GMT
server: cloudflare
etag: "64e824f4-8e7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeBxRAM6Gq8%2BZKFYiNQJ93zFYZzRs2TKJs6OL2t%2BGiEdpSHEEoZgeOca1hsdKvXZ%2FI38sLXG%2B1EVe5tXenZpFAzuSv62lR%2FZdMVBziCU16HGZstZIgtV6%2F7gIykVie26R%2ByQW2PFaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85592a5428194d8a-FRA
expires: Thu, 09 Jan 2025 03:07:01 GMT

GET
H3 200 bg-notifications.png
bay789a.win/images/ 2 KB
3 KB 354ms
354ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/bg-notifications.png
Requested by: Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df49bced34914555fda7f71515665bc08d5b2e0fd77f4f54bf23e9999d0a264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bay789a.win/build/style.min.css?v=0.01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "952-60821298dd2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daDnt8nt8Az96sMA0%2BY9DkdFBVdAIt4MLdmaso%2FK%2BA%2Bf0PueYiBlHzVYJgmYsHuNbC9gKK5vmju0SDYhJbnWnR6tSKFUQtUm%2BNh8Q5y7Ag8Lh8l6tI4qgLTRryC8g5Til5djTWNiXkEzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a542add91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2386

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42c0v9102164222za200&_p=1707954122835&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1236216225.1707954123&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707954122&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1076
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 23:42:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bay789a.win
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1867070730413868&ev=PageView&dl=https%3A%2F%2Fbay789a.win%2F&rl=&if=false&ts=1707954122972&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1707954122972.2024664743&ler=empty&cdl=API_unavailable&it=1707954122895&coo=false&exp=e1&rqm=GET

Requested by

Host: bay789a.win
URL: https://bay789a.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Feb 2024 23:42:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id Show response
api.bay789.vin/ 7 KB
7 KB 622ms
535ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bay789.vin/id?command=getCaptcha&sessionId=
Requested by: Host: bay789a.win
URL: https://bay789a.win/build/app.min.js?code=2.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cf4e1768e2a9641f439ae83f06b4e0acc8ad7adac96ff322aaa5312f71fe89

Request headers

Accept: */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQShYq6sEYTvJM8NJeuv7ywJ30T5JSMoldHtBjWQQ%2FCj9BzyxzB%2FwEEGF7ciyTOYJCEV%2BX0Wm8PLOZNWgUQIjvWFiprl9I4qQtN%2FCDsdDrkuyDnSqK9M7%2F5J4x3Re4BkpjmU7N8LpTWonHxrbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85592a5a29c36df9-MUC
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
bay789a.win/images/ 129 KB
129 KB 705ms
704ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/logo.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20234-6082129b2cb9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQmKKs43K6sueQC2wCKYG77XmOWHF%2BysLjo83siH%2FH1u8giBoAt9oJQO2vwUTClI4aRmQJfR5fT8UEftO2bPsPVYIiPthOQubrw%2FdvjlYY%2B1tXa3ubeQSk7b1kvxVNN29PC5vza1cFKuWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af8691d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 131636

GET
H3 200 btn-dangky.png
bay789a.win/images/ 7 KB
8 KB 397ms
395ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-dangky.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1d86-603386e3032a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK%2F1a8PBsgAEdzX6hTsiD4khZYsG15DaX449dwKg2XUQmmNy7z3qKWOidA3jRTzK7SIRhQ68Y0QAywM%2BXqyCSIVynrTuGxJGaRPWE17hmSIuu7FpRa4lgEc6ayi4Sg%2Bh6FMJWf0oduNCSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af8b91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7558

GET
H3 200 ico_cursor.png
bay789a.win/images/ 2 KB
3 KB 370ms
368ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ico_cursor.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86f459389a67645deabdf55ea8848448ddf09e465c485a410aaccf54c8c0f91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "846-6082129a97cd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1d1WceOlDwAgQzhVrlfaNFd4SE14ElfVL5nZc2sPZbP71%2BlNepqVbv%2F18F5UexM1a0BicctqGdgceo7RZYE%2FvOATXjIYbUapd7OCr1rYGwmxbJjqC68nRCl%2B0BGdNErGDs%2FfSplbzmz7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af8f91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2118

GET
H3 200 btn_quick_play.png
bay789a.win/images/ 13 KB
13 KB 333ms
331ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn_quick_play.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "32cd-603386e2d9e7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQSV1U7mV%2F6JpTBb4Zj8pobJJ3NMg%2F30%2FwEERaqrPAV1mDqD0Pskn4bmOMQYFBqJV9uwa74FSbPKjUdi7NBVrNNzYopVdMqS6CaZF3JW212Dg%2B6eesMjQZoDqXQcPEcsnswZJO4gAxhQ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9191d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13005

GET
H3 200 ic-tele2.png
bay789a.win/images/ 22 KB
22 KB 538ms
536ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-tele2.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "563f-6082129a6bdb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRebjtAztdlQEdelDG%2FkguUqJLA5kZx7uY19XepLeEWwcyDOyBUfZy6qK%2B04Pl2ZSOMwXSTYhIRHqTI9ajONmHTp50qoMYDV4MzfthEHz3DGH4x%2BxIQZKvK%2FHZKsMvGglL2CvcHBagngxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9491d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22079

GET
H3 200 ic-fb.png
bay789a.win/images/ 22 KB
22 KB 487ms
486ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-fb.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57bb-6082129a5cb83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmzLtnRokL9wbChh5adDvOf%2FEsEuvpVHtM5Og7lsuCg%2FPy9pbRUsGnij2aUz3Zvd8RiTXkoKAeQd7WRzwqrpWMNN3GBDitxEU%2Fc49%2FADGj9aS7JVhjBk5Tflbz24wKL9L7cZU3F1EAOLHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9691d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22459

GET
H3 200 title-thank.png
bay789a.win/images/ 4 KB
4 KB 362ms
361ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/title-thank.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ece-6082129b7153e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSp6LozxqbRtqeADt8059Fz5Dei93TXsICK7gVZAgmhFR4dVIheoT%2FKIT4KxtMaFFz7KFZ%2B%2B3xX4i%2FfJhtp%2BfRlpEncn6CBG%2BV4pZPQ37o%2BX%2Fg%2FR5hJE8kFBj0QNxeyMoLeu4AzOEe2hvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9891d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3790

GET
H3 200 lable-thank.png
bay789a.win/images/ 3 KB
4 KB 363ms
362ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/lable-thank.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed80f76d7037c310d337042c71c3d74824b732656dde704377f712a9fdd2cedf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d30-6082129ae2c05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMZ2KCWow5inZ2D058isqYNUfSrnPzRKZkPXVhkloZmvVdfIPiFmhFUoHsTJYK69mrCFodsSkq9AJKI0%2Bk%2FlUPG76wmkOej%2FwicZoOeAIlq9vxNfA45wRvEQf%2BTpoxeEhYHS9yK4Tc476A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9a91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3376

GET
H3 200 dacotaikhoan.png
bay789a.win/images/ 1 KB
1 KB 395ms
394ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/dacotaikhoan.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "419-6082129a3eb0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzp12%2Bb%2F%2BYfULA1Ugcu%2BTue5I4lKmWwOsdMqwuTukJXAMLPJKUHUxuo0URjjZthCzZd85Zje6iGssm0GxmrHOFVXc5%2B8G67P1VoccH7E7mfP4PD46Ksh9rhow%2BzgbKmpNtR9Q7kdhbbMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9c91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1049

GET
H3 200 adv.png
bay789a.win/images/ 24 KB
25 KB 533ms
532ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/adv.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "615e-608212988394a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl7KsTj6pgfoFVSe7d5xYvVKui7sjQTadGxAatHTQdHucZ9k34dBrUo1QKMA6cj37LL2ZZNY%2BQyqaaFFudWjaDu0lVr2CAFLkuorsf4UtjJanTyTwsUcXug73RBKAGrwTYxu2nsOKhf3ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59af9e91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24926

GET
H3 200 btn-android.png
bay789a.win/images/ 46 KB
46 KB 649ms
648ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-android.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b641-603386e2787eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jymCixVoLdJK2SuCSgeAAPzA%2FGXSZ%2B0RUAzrxMCcexg6%2BvsGz6I0uYd2vMGnxQolE6SyT%2FRoRecwRPo2fh3BCciMJbn5ojgxdj78cGR1eolM0z82ijgLokzH%2Bbhkf6hRz%2BoYGXuw7Pc4nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa091d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46657

GET
H3 200 btn-chPlay.png
bay789a.win/images/ 46 KB
47 KB 709ms
707ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-chPlay.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b9d9-603386e1f7d59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2e72EbEShOX5Ur10pxEwYpx6r4Hr0bFm%2FzVRmNT0990XZc06kVgANPuur5FwcS0TYi%2FLiF8VShToonHkZ5%2BS1vvwckfnJ5o2IKP46hDkzAiQjq3XgGrmj2eP6weOLsyZECLDMiCrDqejA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa291d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 47577

GET
H3 200 btn-ios-appstore.png
bay789a.win/images/ 59 KB
59 KB 696ms
695ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-ios-appstore.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eab5-603386e1f7d59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCTU1mWKjJo%2F0BSGsW7%2FdxvVbyjB9YKWFTfCqnq9sWs0K%2BNP8dXhvD21PccRIzI5gPpDwKUw7A2jYYjw9GPGXiV2cv9TyncEYapuX6hPYBoSyzenkyTWgRkA%2B8mAXUnib%2B71Jnb4q%2Fvs1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa491d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 60085

GET
H3 200 btn-signApp.png
bay789a.win/images/ 59 KB
59 KB 641ms
640ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-signApp.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eaec-603386e2d9a97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvV9ny1Ok2SEPR%2F%2FFg9g4bNYyY%2BhYabfgqMOm8%2F5%2B8r7RHW64bByGeblF0ifL%2FGvoeAbroEx3uOCrzyRbaJcdBMFtQzv3cDPe8qeTDOtAJ47zdQjRorsXkahRz2woAfCp1nV0PXz%2FNV6fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa691d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 60140

GET
H3 200 banner1.png
bay789a.win/images/ 291 KB
291 KB 678ms
678ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner1.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "48b02-603386e268234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4CvXAMpu%2BQQpu58X3du%2BBlphepHpN3xqlZdtfDxS9mAno02Fuppj9netuowsvFdinxo7uRWh%2FtsK%2FUPVVl%2BD63X1Ifgiu0Wzw5pEudp2SwOCsEqPS3VVrfa1iArGT%2BwIpOKhFJmWRfUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa891d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 297730

GET
H3 200 banner2.png
bay789a.win/images/ 248 KB
249 KB 761ms
760ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner2.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e18c-603386e259bbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTGkKnxQc9DzxmEIAOI6WLIyx5RVHh%2Fu%2Fa1BUJfMo6LSZl4w7hrbIzfoD7VkuXwEVK%2F2vKO1RILanA5TmM7J%2FnjY3fN8etLQdoXXUswCFSA2TPvlm7lfgk1wf%2BlMCCzImTbbrnxGp%2FK7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afa991d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 254348

GET
H3 200 banner3.png
bay789a.win/images/ 206 KB
207 KB 717ms
716ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner3.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3394b-603386e25e20d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8JNUaKDVqgWMoD8jA2IUVXZFH7UmVr231%2FFzkYuxJBebPrFwBGPY%2BgXrLQLbD2zdihSIKxzxXmOYTi3R3gn325Fcrlp%2BOclveOmvYnEtJGdlKgRlGyv1gXWWFM7R%2FsObTtBSvADzwyV7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afab91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 211275

GET
H3 200 taigame.png
bay789a.win/images/ 20 KB
21 KB 575ms
575ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/taigame.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50eb-6082129b461d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUC30sa5G1DgDaRE213jpcOihTIZ%2BJeKg6ePvat%2Fjtj2bj4yXP1THuaET6kOpKZskJIW1abZvLvRSs%2B%2FMDpm0XMflLlRePNkHell4pSmY8kMANnX1gGiqh5sShq6btbkay2qRxlJ%2BsWOBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a59afae91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20715

GET
H3 200 fa-regular-400.woff
bay789a.win/vendor/fontawesome-free/webfonts/ 13 KB
14 KB 178ms
177ms Font
application/font-woff 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff
Requested by: Host: bay789a.win
URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Origin: https://bay789a.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Feb 2023 02:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"350c-5f44f800e3f61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP6Y0hVXy36nNXivDNje2PhKot1mPrb6Ai4PaKIDBGJdsFuFTuv5dYjznbQhCTg8jP0ykFe2iEQmf6HtXsdEjUslZudDEzK0cZ57WppaDPEu213AAFgfQBXEeU1bdRyfc3%2FjISclOmzoYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85592a59afb091d8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dacotaikhoan.png
bay789a.win/images/ 1 KB
1 KB 13ms
13ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/dacotaikhoan.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "419-6082129a3eb0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hL9CRE8g33%2BNN9Yw4M4fZydW3juwL0CyMV5sjbQZuFhTA2lxQchlGMqkbzzpFz4%2Bc%2FnKutZxIX%2FIY06j0XOG1jEkY2Ltgnk3yKGWU8ZvhlFJegb0pQ1%2BVcr%2B5pnyTb3A1YmFNHdVr9QStw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5c296791d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1049

GET
H3 200 btn-dangky.png
bay789a.win/images/ 7 KB
8 KB 15ms
15ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-dangky.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "1d86-603386e3032a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKdNoIrxjUGbuXUy%2FAVdIUYyqmxcD3mixmIGlRj4lr7s%2B4sOuJIUAgupqxbW9%2Bet9tHa4bTzKI5YM0y9AZvMpkzvzbWvLpOSUMLzlzX3H56YejYrjciX%2BomE%2FRgE2IbUy2HmDeITWx%2Bs1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5c296891d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7558

GET
H3 200 ic-fb.png
bay789a.win/images/ 22 KB
22 KB 12ms
12ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-fb.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "57bb-6082129a5cb83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lk5BtNKB5IqbQM0YI06M6PminGA14Pn2eJjvux9zWc41oJJnfwCqk1Pv7QrP%2F2nX%2F14VGyARdPWbtj%2FPNrOto2A8EDDF8JeB1WPx1IOlFMN%2F9erGbP5q4UezK7EMhF7ZLX240rSK1aNfbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5cb9d091d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22459

GET
H3 200 adv.png
bay789a.win/images/ 24 KB
25 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/adv.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "615e-608212988394a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AUiQHMrDs9UJrZu5YI%2ByUd7kjM5bvoR7UI2n%2FqwvPZlxlxF0q4uhDwRJXGY%2FRh12uz%2FXKSoCMjCkdNsS8eLQwvr4VmeI6EyNK5V6nRX07aUxZPBWHrwalOMa8dta3qcGXaMGPIW%2F945Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5d0a1091d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24926

GET
H3 200 ic-tele2.png
bay789a.win/images/ 22 KB
22 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/ic-tele2.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "563f-6082129a6bdb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdO75BWxUgNxZ2A9XXpvrplw50uoj4F8wnSJkFhfrdewznWbVQdXj%2F88yxvZ0AaOn6BLTKWjQd8m2g960a0LMaviDt74f9dSC0JLBcKup9rtY24XCp0naLc5%2BhjzZ9sCQDE7RzvUoUccsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5d0a1491d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22079

GET
H3 200 taigame.png
bay789a.win/images/ 20 KB
21 KB 12ms
12ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/taigame.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "50eb-6082129b461d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFRXMUHlsVqgAUzR4CGOwZsGRBm5Gf7wFdYw96eUxyXvbFMchc13OK%2Bd7Dcw%2FVphWURA%2FzWNUcJe2RzowDgUTETYkvH0xkTUVOQ5AyUSuaRPVQjva%2FQ8OJhnPrb8SHPxYwml0tZPcUvVCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5d4a4791d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20715

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731216af0390b93abb34bb0d530c2cf8dfccd40438d31ef585450a9f2456306e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 btn-signApp.png
bay789a.win/images/ 59 KB
59 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-signApp.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "eaec-603386e2d9a97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNDtosdO53UBYMpOrIYSqW5NDVnSWWeNJwp3mXBLv%2F0w3vu5nBRblHyIGoonNB%2B4cbKKUQIJTzB0qj5i4S%2BRmG0C%2B331WQi58Fv%2FJll91Z%2B2zYdK6VOIU78yMjBCQSH%2BfeNS7DupAILleA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5daa8b91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 60140

GET
H3 200 btn-android.png
bay789a.win/images/ 46 KB
46 KB 20ms
20ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-android.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "b641-603386e2787eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5NPk%2Ftyru6v6hJMvObFCOYHP%2FgaHJe998Wp%2FXPMtsFjjmSVTVbxn0J4v0EDhslGClprWXKkC8rGgFNYpY7x3YQ8VIWP97pfKlM43gS6KICMLnEvVDBBTukMwGjxhYWgEZMpVwne3MJ7Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5dba9691d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46657

GET
H3 200 btn-ios-appstore.png
bay789a.win/images/ 59 KB
59 KB 13ms
13ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-ios-appstore.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "eab5-603386e1f7d59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8ea1ZdTo1AtOqUvKfCpcv%2BjtAw7mjLo9kHNcypHVPRPOGVh4wAsMn3nx20RdjuATanZRnWGx1quU5nehbLewKQPbDpi0q%2Be%2Flx84dn5hk5Qp0MGh9E9pJKDnFblqw%2BIPusrT5bqgOe6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5e0ad391d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 60085

GET
H3 200 btn-chPlay.png
bay789a.win/images/ 46 KB
47 KB 13ms
13ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/btn-chPlay.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "b9d9-603386e1f7d59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F%2Bd6PnWjySNyjWj3E%2FAN558V4x4wcIlu9ufNsC2SmJyTv5ZwkvNvPIpNiIfCo7McYW%2BnUz30oKWQ88yyQ8JUSqslmTWeMBGpLV6VOF5eguXqGUj2kpHZdYYD4jAVQvAv2f%2FNcoyu6p6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5e1ae291d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 47577

GET
H3 200 logo.png
bay789a.win/images/ 129 KB
129 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/logo.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 07:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "20234-6082129b2cb9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kcIQjb%2FwQGOzLDGj8WLvxkfzuqJ805GXRIGDhbRtHKpNqUZS5Cb90XKLg%2FzNb2goxSvOwsAmPTKZms8%2FTLKYPfQZHP7p7H8uthsUDkqZiN9ydWLAT25amGS70Kjt3lxYYen8DnXoEZlkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5f1b9791d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 131636

GET
H3 200 banner3.png
bay789a.win/images/ 206 KB
207 KB 14ms
13ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner3.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "3394b-603386e25e20d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcRmIENlSMLhlk%2FE%2Bg%2B89OOkh0mEaXFY0NFaCjMvr0t290GhmWiHW%2F9TWrr7r5E4%2B5kj4WAIttTjRJDu6B5FwEvwHJnXqnmj9kIgpRyj66YBHHB%2B%2B2wVix%2FAe0knlYvJeXqctC5OQfxC8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5f4baf91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 211275

GET
H3 200 banner1.png
bay789a.win/images/ 291 KB
291 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner1.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "48b02-603386e268234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1mDwE1O%2FDmymTD02pdPckbDFVHK6DV7DIeXtGU9U%2F6mKVJRJJrXnK2KfsCOvq%2Ftbgi1Fauo2Rx2LCQScPGatKRdIG3FYP2sbfp8sZZ1H3btO3NYWM3O4NKV88lsDYYNrbIVLvrVNE0Jew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a5ffc2a91d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 297730

GET
H3 200 banner2.png
bay789a.win/images/ 248 KB
249 KB 12ms
12ms Image
image/png 2606:4700:3035::ac43:af76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bay789a.win/images/banner2.png?v=2.0.7
Requested by: Host: bay789a.win
URL: https://bay789a.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:af76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:42:04 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 20:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "3e18c-603386e259bbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZJ4xchgnq6vK4WQiGhqxvfWTv%2BPEWwNHccFh0e0jv2bje7kq14VvDA1vZzibdUl5ZouV1k0arXeJv%2B5AdtQ%2Fu2%2FB6eTfqnBp0BeEORhqs0g9KSvyjHJ0J9wyMixB3B47MTLXKp4oUzyRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85592a60bce991d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 254348

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42c0v9102164222za200&_p=1707954122835&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1236216225.1707954123&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707954122&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 23:42:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bay789a.win
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bay789a.win/	1970-01-21 04:01:54	Name: _ga Value: GA1.1.1236216225.1707954123
.bay789a.win/	1970-01-21 04:01:54	Name: _ga_VRM7WDM4CZ Value: GS1.1.1707954122.1.0.1707954122.0.0.0
.bay789a.win/	1970-01-20 20:35:30	Name: _fbp Value: fb.1.1707954122972.2024664743

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1867070730413868?v=2.9.147&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bay789.vin
bay789a.win
connect.facebook.net
region1.google-analytics.com
web1s.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700:20::681a:ba3
2606:4700:3035::ac43:af76
2a00:1450:4001:800::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac
0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a
1df49bced34914555fda7f71515665bc08d5b2e0fd77f4f54bf23e9999d0a264
207690f1446160c8b7bc552b2b2ec87e5e93db3dcb280d2d72cb23cda8237f4b
318d50ff136541bfbef15b504d7156561b5030aeda857d7d9dfc06e365c22c5e
332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71
34070a4dcb37f5af80ee075a46198ce98021c2d701bdb85df9865dc91ffa628c
398a4461cee2763d1bac62fa97d953594d4d065a57f0c32ccc16b1cbca30c199
45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905
487baef74423b686b7e758257b8559065e560ea8d62fde1ee58553f5afb05f01
4a631803f69fb9e85c0f402fac198111a226a1ae979a23317772414a18dffbcf
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b
5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943
65cf4e1768e2a9641f439ae83f06b4e0acc8ad7adac96ff322aaa5312f71fe89
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6d4c2d9267790ec5d7dec9abff6cadd80a62c703939e750c238eaee42b24d061
731216af0390b93abb34bb0d530c2cf8dfccd40438d31ef585450a9f2456306e
75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347
a3deace57e96be5167849d1a6cd9af8d7f8308e7a572896166f13b84cdc611da
a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c
aa289f775f06f2466ab2cc95715d3757a6acaf67c4b049f46a4256d5c77e6368
b4ef7078c7f35e261fdf0c3f2c6566716c0e8accf434b5c1350ebf6492e6e870
c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb
c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2
c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15
cf02dd6d277e590ee1fbaa4d4130855266ffe451553d2e7f1d8744dc918bedbc
d1366169a5911b46848e8e9a44be326ccf46950c96be143a42145a17247aee06
de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3
e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e
e359ca2cfecefabc098bd34b95d19106e586c6c5b34d537ebc66da5159e2bcc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e417252f34467d4334e13f4158555ff57b466e1eabab452746f88e374b462af5
e86f459389a67645deabdf55ea8848448ddf09e465c485a410aaccf54c8c0f91
ea48692d33c6e8a28bddd92f3f2bf271dfe4ba3b2bd9e1121ba4cc3723654074
ed80f76d7037c310d337042c71c3d74824b732656dde704377f712a9fdd2cedf
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

bay789a.win Open in urlscan Pro 2606:4700:3035::ac43:af76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

100 %IPv6

9 Domains

9 Subdomains

10 IPs

2 Countries

3390 kBTransfer

4761 kBSize

3 Cookies

2 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bay789a.win Open in urlscan Pro
2606:4700:3035::ac43:af76 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

10
IPs

2
Countries

3390 kB
Transfer

4761 kB
Size

3
Cookies

66 HTTP transactions
1 data transactions