Submitted URL: http://wdumr.qpohytlks.cc/
Effective URL: https://bay789a.win/
Submission: On March 07 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 13 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3032::6815:1168, located in United States and belongs to CLOUDFLARENET, US. The main domain is bay789a.win.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.
This is the only time bay789a.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
46 | bay789a.win | bay789a.win | 2 MB
3 | web1s.com | web1s.com (Cisco Umbrella Rank: 384925) | 7 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 29) | 297 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 69 KB
2 | qpohytlks.cc | wdumr.qpohytlks.cc | 1 KB
1 | bay789.vin | api.bay789.vin | 8 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 185 B
1 | gstatic.com | www.gstatic.com | 195 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 93 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 | bay789.fun | bay789.fun | 446 B
1 | bay789.bio | bay789.bio | 442 B
1 | f-na.me | f-na.me | 59 B
Total: 58 requests, 13 domains

Requests | Domain | Requested by
46 | bay789a.win | bay789a.win
3 | web1s.com | bay789a.win
2 | www.google-analytics.com | www.googletagmanager.com
2 | connect.facebook.net | bay789a.win, connect.facebook.net
2 | wdumr.qpohytlks.cc | 2 redirects
1 | api.bay789.vin | bay789a.win
1 | www.facebook.com | bay789a.win
1 | www.gstatic.com | www.google.com
1 | www.googletagmanager.com | bay789a.win
1 | www.google.com | bay789a.win
1 | bay789.fun | 1 redirects
1 | bay789.bio | 1 redirects
1 | f-na.me | 1 redirects
Total: 58 requests, 13 domains

This site contains links to these domains.

Domain
bay789.ink
hot789.club
Subject | Issuer | Validity | Valid
bay789a.win | GTS CA 1P5 | 2024-02-06 - 2024-05-06 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
web1s.com | E1 | 2024-02-18 - 2024-05-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-15 - 2024-03-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
bay789.vin | E1 | 2024-03-02 - 2024-05-31 | 3 months

This page contains 1 frame:

Primary Page: https://bay789a.win/
Frame ID: 23AB0953FB9C8DF9AADC89BE450B791C
Requests: 59 HTTP requests in this frame

Page Title

Bay789 - Cổng game game Bay789 - Link tải app chính chủ , uy tín

Page URL History

  1. http://wdumr.qpohytlks.cc/ HTTP 301
    https://wdumr.qpohytlks.cc/ HTTP 301
    https://f-na.me/X8nAdy HTTP 302
    https://bay789.bio/ HTTP 301
    https://bay789.fun/ HTTP 301
    https://bay789a.win/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

58 Requests
100 % HTTPS
92 % IPv6
13 Domains
13 Subdomains
10 IPs
1 Countries
2252 kB Transfer
3634 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bay789a.win/
Redirect Chain
  • http://wdumr.qpohytlks.cc/
  • https://wdumr.qpohytlks.cc/
  • https://f-na.me/X8nAdy
  • https://bay789.bio/
  • https://bay789.fun/
  • https://bay789a.win/
24 KB
6 KB
Document
General
Full URL
https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7589d52b2fde751ca5be7043d8e0e81fb8e55c1acae981b3c6e24b854ccc1b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
860bc9837a8e7d1e-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 07 Mar 2024 15:58:28 GMT
last-modified
Tue, 05 Mar 2024 12:12:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRxY%2F21038XWffuVO8W9fqTOylc8FTW527yYxf2%2F9dYGkj%2FhJ%2FNH6fRGxskrBMbsBrkKgkt5H%2F0aJZm6KtMJwrOlUZpshdtmlPG5aLFDnKxIwWE0v2%2F%2BY0p220vEJn6%2FSRPBAUCw54hcpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
860bc98289e5c35b-EWR
date
Thu, 07 Mar 2024 15:58:28 GMT
expires
Thu, 07 Mar 2024 16:58:28 GMT
location
https://bay789a.win
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xck5B6YUUd4d1T5X2IiEIQm%2Bm30%2B9bivzxsDbt4%2FE%2B2eV4JcVAWJM71Mw3EwJXqGCDxu8DLa7bAaNYlu0LKLHHIWhKFeUP39o48iZP0Zb6FHVcnc7Le%2B%2BFZGXGx%2FOxygSeKIxuT8M%2BiF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
bay789a.win/vendor/bootstrap/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2565e-5f44f8009614d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRYbBHFUVTbhETqGi%2FxcVyipSWRBwIJWJvJ7vFcnpcgEqPA3q4ynoyS3lzUyrjKa3rm%2FYx443ljGCLtxyZ%2Fv91RNMtcbfvcBCfr2bi0ACqFO7%2BrG8Vgm%2BRIjiz4REbsNuCLwyk%2BdLDOHGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
860bc986df487d1e-EWR
alt-svc
h3=":443"; ma=86400
all.min.css
bay789a.win/vendor/fontawesome-free/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e359ca2cfecefabc098bd34b95d19106e586c6c5b34d537ebc66da5159e2bcc5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"da63-5f44f800342ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykFuSeqkmhARuquXY6rRXtSGEojy7Sy4hxTEsGrbvsZorB1iyylTt2KbHV05qT5f1m8aLjyorJLgRdg9s8XReersM9%2FEUo9x%2BwK5WQr2I75R7S2daVhEc1XGiOYUFd7ZGIfvXcksd%2F%2Bmew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
860bc986df497d1e-EWR
alt-svc
h3=":443"; ma=86400
style.min.css
bay789a.win/build/
37 KB
8 KB
Stylesheet
General
Full URL
https://bay789a.win/build/style.min.css?v=0.01
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318d50ff136541bfbef15b504d7156561b5030aeda857d7d9dfc06e365c22c5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 11 Feb 2024 15:57:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"930e-6111d38aef61a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x7JHITcNu%2BybNadxFy5AtAuYe7UDwAgOw5GMH8gUMocYMlwX57ZDCljeWN8C11QkGPMq0ikbUILrLkt4%2FdCkWJkttEEUB4YZv%2B9t2Tm6AxUvvQDkElUDSzFSn8XeYj8qFU8jeIXx%2BrIuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
860bc986df4b7d1e-EWR
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
359f1bb96cec382277bd9723294f7378ecaf24dd6d356f731bafbc49ff6dcdb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2024 15:58:29 GMT
js
www.googletagmanager.com/gtag/
276 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db5b3f6dcc935e8ea4bd7a17c1800a05fed69bb60328855d8708208eb693a572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94636
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Mar 2024 15:58:29 GMT
logo-lazy.png
bay789a.win/images/
122 B
418 B
Image
General
Full URL
https://bay789a.win/images/logo-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e417252f34467d4334e13f4158555ff57b466e1eabab452746f88e374b462af5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7a-6082129b11deb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN1NiGoLPR0QtZQqkp3kpGk6Thlb2SZPWfI0yWHX85xlwdp0AO4yqsMrfDAJABjqd416rt2ztBuw4MUxpWdxn13DCuleJfc5zzCIPQeIWZ4hNSYleXRP6ZnXP8fyjSrLpqXAOf3M7LMXwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc986df4c7d1e-EWR
alt-svc
h3=":443"; ma=86400
content-length
122
ico_cursor-lazy.png
bay789a.win/images/
97 B
440 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61-6082129a89271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U364S0iYMIGsTAM%2FFsXH2%2FoI6ltc3PvEQmMgJgzvarkj4%2BhWyZuw8vdeWiBiSiLB%2FzU8noNW%2BfLcPIrumNF6F%2FqMbxeydSjfE%2FYfjBP6RJf%2B5bSWKAuT54atHc3oBZoXMCory5D%2FLP3veQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc986df4e7d1e-EWR
alt-svc
h3=":443"; ma=86400
content-length
97
btn-lazy.png
bay789a.win/images/
111 B
576 B
Image
General
Full URL
https://bay789a.win/images/btn-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a631803f69fb9e85c0f402fac198111a226a1ae979a23317772414a18dffbcf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6f-603386e21d6e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQkBwpOhppaH%2FBSFBUnsG5UH3HIYTSQgMPrZf3vOTwtVEM6%2B%2Bqvj9SRmEAvXA7kQOngZ5J2irrAgx4pmI9HkyMR%2BLdpfxx7BvaRt8%2Bp8R363pr5D62sfVYEpocH44VhH8dEy5PFD0%2BlCXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98a39b47274-EWR
alt-svc
h3=":443"; ma=86400
content-length
111
btn-dl-lazy.png
bay789a.win/images/
116 B
576 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gA771JEs3CaFC1E3OLq7PpbwJBQQlk1qN4yx76V0QnHIEAdFBiDlX%2FqAlCJWAnq2%2BamlAfhnI8HwJw3DsuaRMVnZAlDQbTUG9qw3ZHEjHSHxJe9H8HtNhB8XjdvSCRaQrNExXHfX7zQnkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98a39b77274-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeOGUCD14oXm9JEqpdUbTjTpFfRBHPUAsHgp4o9SXCF6XtSGDC0rNk2%2BWdBJ%2FOZLUjnwaaC0p1aYYoP7x9M%2BVJ0ai8cHTTpUkNl8pBvrEm0Lmj54gW%2FYbEy2B5WfDVZMu1zp3qc%2BrPh2Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec4e7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKivyrXF2PJjObVDOAmdMzkPNtfh7IhtmHBIlfwSVuEJQnWmr6qsBBfUMPX%2FnixNE%2Fs1iYxl5pvGiMq4MyP2YFiZGwD0DC8z3hGaOyR0xOxN4twYQQLwGsngmpIZKHGXzAYmKQ1Wxnep8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec517274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
3 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2A%2B%2FAW7rlYTHraBc4kWDTQYXNM%2B9YmnSVWI3Q71uIXgUiW%2FyMopi3u%2FTI4Hn%2BXZZnIrkCa%2BrT2s%2BQ%2BptiQLycIxsp0wivviCSedK3mKtwKWQBpDHDuwbYvvC0HFFVGU7XeL%2BN6tLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
860bc98c6d06436e-EWR
expires
Fri, 07 Mar 2025 15:58:30 GMT
title-thank-lazy.png
bay789a.win/images/
101 B
566 B
Image
General
Full URL
https://bay789a.win/images/title-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34070a4dcb37f5af80ee075a46198ce98021c2d701bdb85df9865dc91ffa628c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65-6082129b5b5af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8AMNgBMuJT2Oz%2Bs7m0yQSd%2FrzjIhqWBGTCcs%2BAZbmypi1%2Fa7oQeJl%2Fbo4AQhkW92K%2BtpwXE8E38H25FIVYluRKSibyQZSJ3tnYq7MxTdRXTDXaqUtWlf1E4Qb2hAo1veRMR9Nob%2FKiJNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec527274-EWR
alt-svc
h3=":443"; ma=86400
content-length
101
lable-thank-lazy.png
bay789a.win/images/
99 B
563 B
Image
General
Full URL
https://bay789a.win/images/lable-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487baef74423b686b7e758257b8559065e560ea8d62fde1ee58553f5afb05f01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63-6082129aca94e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwhV6VxRSumcMN1hm29%2F9zGvehtPD6GjYAmS2n%2BFdh4WfXaMqEeEQqYdK%2Bi8V9eXdN8zEMboFqSbbhvSaeFGZxk8PoGJrsWD22VEZproJ3NVhuZ%2F5w5%2FrbVx0Xhd6O0fqKDe%2BdHqWcFWQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec537274-EWR
alt-svc
h3=":443"; ma=86400
content-length
99
dacotaikhoan-lazy.png
bay789a.win/images/
103 B
563 B
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea48692d33c6e8a28bddd92f3f2bf271dfe4ba3b2bd9e1121ba4cc3723654074

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67-6082129a300ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w4BwcxJGVKNnev9zFlxBDHXJJupjB6r5JSHCYxyojA3PwyVfD3m0oW91ZgH67V%2BAaHU1C64s7mCQ6c8a9UDpCwec%2Fn0vb%2BEG0YMOU0tnW9whll8LJ5JOp56xMI9KLJ50pFZ4BDWeIpsyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec547274-EWR
alt-svc
h3=":443"; ma=86400
content-length
103
adv-lazy.png
bay789a.win/images/
116 B
585 B
Image
General
Full URL
https://bay789a.win/images/adv-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa289f775f06f2466ab2cc95715d3757a6acaf67c4b049f46a4256d5c77e6368

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-60821297d0a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj2XdCLk3XVi440zy2ULPB22FR%2BL6TtJt2MjzExkRnjwl8jOwH4e0sM7nYDGzuAhI3k0D4iqr%2F24C47CL0L%2Fan2%2BJoUatwRTv0eswXJgRxp3bcDSkhg5Lok2vI9q0r%2Bp1hH%2BfzFrMOjNRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec567274-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
loading.gif
bay789a.win/images/
2 KB
2 KB
Image
General
Full URL
https://bay789a.win/images/loading.gif
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"663-6082129af8b94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj9D3oU6EkjvGxAGe6s2Mo3FztPsjUZbYl1bRlzAqBPsKchH06M%2FmTbU2xUA5f2Y3NUNJYsp1EtI8T4uKh7RVyMAVCfMbsCTvQ9LPLOmP75lK74xyX8u8APHHKhmykvqMpvr%2FyByaHRxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec587274-EWR
alt-svc
h3=":443"; ma=86400
content-length
1635
banner-lazy.png
bay789a.win/images/
131 B
591 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBoJXXmvxTtEg6KI2lmjynqxxApTZiZm%2BIVRVbuE3efdncc2fwG6v9KRK2rky9MciB6ZfwR6dNC2V917NndM38j7UwG7dtq2d5oTxx4K4UDKxHBNSt%2FcNDEWpm1EMr6AVBlUFZ2NWJd%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec5b7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
131
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrr1nhoJXIn5UQLB%2FJpZhnwc3qX6nc3D1bK7pEarjBur6WUhxbyUaPm1u2WRZGW9Hbp%2FQ3XF4vbPL7XdOkqwrXL6YrKBKTVKruK%2BGLWoZ6KkSdvYaXyyqySAPCGiEm5ZBasfcdX2qMUGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec5c7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
20715
icon-close-modal.png
bay789a.win/images/
778 B
1 KB
Image
General
Full URL
https://bay789a.win/images/icon-close-modal.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207690f1446160c8b7bc552b2b2ec87e5e93db3dcb280d2d72cb23cda8237f4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30a-6082129ab595f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWXbgb0zRmLM0%2BEi2Tc226uUE3nSsbOoVxSaAJD2HnETN2Msp2CWpWv46SBhJQeQMlUzIThwAi22B%2F0lrB%2Fo893vh5sL1Um33xXB9cGHPsSEpQ7Oq26WK9u6bfKiTC33Ok0SDA8BVltWeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec5e7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
778
app.min.js
bay789a.win/build/
462 KB
106 KB
Script
General
Full URL
https://bay789a.win/build/app.min.js?code=2.0.9
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3deace57e96be5167849d1a6cd9af8d7f8308e7a572896166f13b84cdc611da

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Jun 2023 16:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7363c-5fd13d34a5823"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9SEh6%2F3jPn%2FwO7j1M3G%2BaL1uc7VNzXZ9uyMXv8%2Bn8frhwAKRuwkbJT%2BC0urbWco4NqefzViQTGRmPiQynQKGTcXLcDx78a1MgCoX7i4Ezr%2B1MB0A2Hqd%2BjT5Wluj2hjHMCxXQDq7LEoDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
860bc98bec437274-EWR
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
215 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Mar 2024 15:58:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
B06IyI6mh8+cyZhXOhcqb5oZ/fe4DGn8UUsqJ7uB2soQGhPT4QUnUD0xNxWVIavmg4GJKYZIDjGC0cWfIn0eJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ico_cursor-lazy.png
bay789a.win/images/
97 B
593 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:29 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"61-6082129a89271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SP7tRiMnDng1c%2FcqDqDjzLBQgqlxdhoiPRzVSj8UIPDr6KiCzltiu51jtjcvS12KeEpQcNnsXYlSd1K%2BvlGhETKOewzzWxiL%2FsNFQIoxjpPn7cV215hYf40o%2B3H0UouI4HvZyDSyHJEsBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec5f7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
97
bg.jpg
bay789a.win/images/
273 KB
274 KB
Image
General
Full URL
https://bay789a.win/images/bg.jpg
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4c2d9267790ec5d7dec9abff6cadd80a62c703939e750c238eaee42b24d061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44505-6082129927e2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQ4bsZJnGhzPXoNFwdDcNFYzP%2FPYIkjAJDo1vIQR12beITrpBo4EsAZF%2FpfEfXUBkKbwTDZaa%2BCD6WfjwW72ILvTza0V8Nt7PrjHgJUFXU1PNt33jnzWRSoUuEUxo0Awu9HRc2yICO%2F7eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98bec617274-EWR
alt-svc
h3=":443"; ma=86400
content-length
279813
Montserrat-Regular.ttf
bay789a.win/fonts/
240 KB
102 KB
Font
General
Full URL
https://bay789a.win/fonts/Montserrat-Regular.ttf
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer
https://bay789a.win/build/style.min.css?v=0.01
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3bfcc-5f44f7fd4824f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDjEssvhTsLnaj3hw9nxuxzK%2FnAASwgv2khiCCKs3quHdZ8m6D3w2WbCFc1jld%2BOh9Hz%2B6rnjSBKAebrBOgCQrObfW88MZo0w%2F9DdUDTRCzhcPHobz7pDB%2F0Uh4KjbknvevcrJd1tmLE6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
cache-control
max-age=14400
cf-ray
860bc98bec647274-EWR
alt-svc
h3=":443"; ma=86400
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/
490 KB
195 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 17:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Mar 2025 17:25:07 GMT
1867070730413868
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9dcb5ea28b5c325f5bd77c6a988d84282a14fe7db09ddb0ef8fc9fa89e1bb340
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Mar 2024 15:58:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
zihGEfHoo1kIj+FqzmgBmYaH0nykJtKzMAOYOrVHH3LL+auqTC6qzwWntzeIzk5kKJ9dYFnRRWf35uWSo6qMww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je4340v9102164222za200&_p=1709827109723&gcd=13l3l3l3l1&npa=0&dma=0&cid=232316779.1709827110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709827109&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2404
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Mar 2024 15:58:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1867070730413868&ev=PageView&dl=https%3A%2F%2Fbay789a.win%2F&rl=&if=false&ts=1709827110024&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709827110023.1163566631&ler=empty&cdl=API_unavailable&it=1709827109900&coo=false&rqm=GET
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Mar 2024 15:58:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
icon-x64.png
web1s.com/
2 KB
3 KB
Image
General
Full URL
https://web1s.com/icon-x64.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1665091
content-length
2279
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 03:50:12 GMT
server
cloudflare
etag
"64e824f4-8e7"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50hEmhZd6kmrWHychA8PUOUb%2FnTkgApPEHjyp5tiNi7Z32eBQy9rWmiR91vW0goOn4DXbRWq56%2F18jGcZShjlPtM2x5OH5cqqoBVAP%2FDl4HJwcpbZ9Mk89yi02QyQXNH53%2FUC9aZ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
860bc98fa97c436e-EWR
expires
Sun, 16 Feb 2025 09:26:59 GMT
btn-dl-lazy.png
bay789a.win/images/
116 B
579 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpBc1xtrZirbDoLOH%2FsyxCUpzMn36GqOqGcr6kjpwk6hwkN6JqPwoJhf9nLpH9VEAqugelZs6PXqOfYCPRrjBussd9CovY%2BUIYxpheAzyaxAuzkKaZZjnZi2NGgEvFGFUz%2FY0pZZfL7PXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98faa5b7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiX8lzZTRuq58MF8Y2PJVEiNDb8W8c1XZi%2B0OAtr9ebuW3PDIKtKeuJBnCMAf3ZtE%2BXcshnvNGTzyC49IY5XiCxCMekL84yZLIJFKJerd27pMlorjUIpBJThE9SF3zRVF8XypX%2BqCkIJ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98faa5d7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbL7doQjzLzBpwfrSdi5EV7VK8qFAXEZos09eObA3rucDB7bVmQDT8Yfcij7Qq0ApFrA3fkUAGZ%2FM6jCahJ5p67u3kYLo%2B1LSY8Jl9%2FZ%2FOw8nT0Y1pQKr5rN9zEseCIxK9sqtMSg1qCvLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc98faa5f7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
2 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eVHM5eZGOokXBA%2Fx4viGM1A%2BtR4JsXUvBbSDFr8X%2BHxfSH4gYCJ1v9C5dn%2BwFKI9w8LXN5SY3KChzTwuLlERmTTNs20WTlFhNTCIGWOIx16Rs54AgwbgB3zfDIh1cIeodSUp45BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
860bc98fa982436e-EWR
expires
Fri, 07 Mar 2025 15:58:30 GMT
banner-lazy.png
bay789a.win/images/
131 B
596 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ren%2B7%2FKeu0A5jIIEtkVj0a8BpmF9n%2FcgQt2ylwv7U%2BdCUvqrw4gvbwRpj5h0pC%2FUJMGIQ0PkupEFbepOVnFb8nEgGS4F9pXMdHM7pc9prCOiq8QCe%2BE6IxK9SgrVuYZX%2FulAxxCEe3nd1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9903b437274-EWR
alt-svc
h3=":443"; ma=86400
content-length
131
bg-notifications.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/bg-notifications.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df49bced34914555fda7f71515665bc08d5b2e0fd77f4f54bf23e9999d0a264

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:30 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"952-60821298dd2de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9MVvjdUIPTV1CDXxrr4TkAHgEYz4PivZgga6BxgijbHnOVPB%2B4qzQmLJlK%2FMbbiITkPM5wVYVBmTfc6hlH744uyZ6GVEX%2Bw%2BdO12YpU51w%2BZUi7TMZoLVCk3C4Z5jOFBMXsDiQm3xLsug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9903b477274-EWR
alt-svc
h3=":443"; ma=86400
content-length
2386
id
api.bay789.vin/
7 KB
8 KB
XHR
General
Full URL
https://api.bay789.vin/id?command=getCaptcha&sessionId=
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/app.min.js?code=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1ed7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8abf08dbb6c4cdbe413b6d6195140e8cd0ea4ced61a2ee8c82be8f4677e1cabc

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifF4m419vl8lEuZ5IwGI2AH2P7Rp4XT6qQhVYTRZtK2IEr46GXm9WrlvGiPj3w%2FNEULlVbIZYbIkwWlJPueNpHqTJnAM0B5J2WUUqG%2FR5ZOHpZcbH7U8zYAByXYxeoNQ3%2FGLP1N7F3lXlEgxGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
860bc994eb9b42cc-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
alt-svc
h3=":443"; ma=86400
logo.png
bay789a.win/images/
129 KB
129 KB
Image
General
Full URL
https://bay789a.win/images/logo.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20234-6082129b2cb9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XiOo7al8t5ltg%2Fer7fQvWfB6Pki%2FTOFeohGdA0EpMHAFErQ8JVNg1QAN31s6IZBY4uvRHYQX7VY9noeupaEZ3Gy6DZzRbjX9YA9KqG7pRUHu7%2BFDVpM9hsFBi7A2YnhrdH000sRAlLhHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9945a387274-EWR
alt-svc
h3=":443"; ma=86400
content-length
131636
btn-dangky.png
bay789a.win/images/
7 KB
8 KB
Image
General
Full URL
https://bay789a.win/images/btn-dangky.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d86-603386e3032a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONUr4xRjXH7drttG%2BqiIuQHmDE9jZVya0sUv9A6m6Z2Vvosgn70kjuRpDkq0loixYR%2F%2Fouz7v0MvoTitp3S7oUHYS1YUhH1415RNEQr1B%2Bq9htW45h4bhKpMYFSRgkQEp9GvKbeP2HTPtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a4a7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
7558
ico_cursor.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/ico_cursor.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86f459389a67645deabdf55ea8848448ddf09e465c485a410aaccf54c8c0f91

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"846-6082129a97cd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQ%2BSaKF7kfGY9ucP5vtBXO1ZPQ%2BYs4NBvHkkN6%2FmqqKFokOSkZBG3cCk1RvZVdBdRxqQ5dDLe0l043Qyyz%2BxTdh8HOXWykeQONVFO4olT90RPsPufUOCZZKfu6EpYG%2FMm3Gr3CPTzFnaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a507274-EWR
alt-svc
h3=":443"; ma=86400
content-length
2118
btn_quick_play.png
bay789a.win/images/
13 KB
13 KB
Image
General
Full URL
https://bay789a.win/images/btn_quick_play.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32cd-603386e2d9e7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDRQqb0rjkIUzBeLGXN2Z0394gSK5y3mF6MoVZCvlhIgbNapTeU%2F6Dt6SMDgknhRppYyy2SCuJqWrkt32f%2FLK8dY%2FELBhAoetjRLM0q4woKHZBTcWr%2FBHO%2FgV3E945Yg7AxBgnNjQwM34A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a537274-EWR
alt-svc
h3=":443"; ma=86400
content-length
13005
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P56OfEp7OLZNcGrj%2FRkiXvGqUEBqwm53ZTp8SSuztprYppoNfC7Rok5dNOn7pF2hXRzOKe%2FpJE2C6qRzHBnFIYIcdMl7sT2pwdSy91IRlrWrgucl29r8sQZZvRDzLENiXSeDoN2TeXV01Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a557274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuaUw%2F3FIM3pBiIfgt%2BkXwq18CosP39Us5qLUMgZ1LBxYN9GgVya%2FOHTMgbHz9%2BwWtDxF7aCBMSPlXSYUScziCGCgNnJ6ChH33xf3TBVKeTeQKgzyqie%2BLcV1voGxE5JZ55uNY37BGo5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a587274-EWR
alt-svc
h3=":443"; ma=86400
content-length
22459
title-thank.png
bay789a.win/images/
4 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/title-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ece-6082129b7153e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZ1N9L38pFLTYB%2B0TDYMkabOK%2FsYoxRS2bs%2FqM1Hb4hLUaxbYGuVwhTmlPFd879LozxgeuVfivwsS95lBMLelf7nVS2jn4JG7QnE8U%2FgYfkSwhxgj9PwqfVA0dRB2xWe2nKhFvzQ4b7MvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a597274-EWR
alt-svc
h3=":443"; ma=86400
content-length
3790
lable-thank.png
bay789a.win/images/
3 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/lable-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed80f76d7037c310d337042c71c3d74824b732656dde704377f712a9fdd2cedf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d30-6082129ae2c05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LODrKYDwRzZpg00s8T5G%2FwSMmjAAm5y%2F8OIknigWKsUiXmJ52HawogDqUBw4PyYHIJw%2FcumPLKRb%2BsHWfV3JxlBslvBAo6K7sYKTDfC9%2F9aWnTHyMIC9ljJWmVD3%2FxhEQkOOAXNlWIZXUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a5a7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
3376
dacotaikhoan.png
bay789a.win/images/
1 KB
1 KB
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"419-6082129a3eb0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFVsXFK3w6YVFkVfvlhA4qI86%2BN2hE%2BEar5T6k%2BbEhs42O8cqMRSaxTE%2FF6G7956IRhtMD8GLTBzPzSaGecGtky9Ixpt7IL8H%2B2cPvRn0osqlngINAic6Xj%2B8fbrdqF7nYIm3ozxkgaA%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a5c7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
1049
adv.png
bay789a.win/images/
24 KB
25 KB
Image
General
Full URL
https://bay789a.win/images/adv.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"615e-608212988394a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl74AVh%2BUrCnIEUtgRlEX4iBYW3F5aEcMFGJdVa%2Bld7yL9nPDqmOtati0Ql4%2FTw1nv9Do4%2Bj51VB%2Bc8wKpLgSpzGXBONUis1HjJJU8cnPZx3osaLrhVrkQavPxftw0f8s%2Bw4HrPc554HKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a5e7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
24926
btn-android.png
bay789a.win/images/
46 KB
46 KB
Image
General
Full URL
https://bay789a.win/images/btn-android.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b641-603386e2787eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wv6uAQMqHkLZ23phlmrp3qn%2BtoMR%2B7KW%2F0i333%2Fame02nwHYr8ReltRKvnX75plH1n5gwwUcMPNXPRFSNOED2uzZuuiVp8SmCQO5fLospwHnyMaFrOB%2FFYKjfZaKsrMoxceFkoDaMq8G4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a5f7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
46657
btn-chPlay.png
bay789a.win/images/
46 KB
47 KB
Image
General
Full URL
https://bay789a.win/images/btn-chPlay.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b9d9-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6s2rIUHxZ3gps%2FFEdBqlX4RgcP8Y3PCd%2BTBGkCXDjuFcbd5PQ2cHXlNXquqQ1L%2FnvK61GJ0%2FrSZaqfOdBQyp3I%2F6G4VIOFOQn4bqkBUQYuTMBwjbcBuOL0z4f42H9Eus4tUG%2BExn0pw2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a607274-EWR
alt-svc
h3=":443"; ma=86400
content-length
47577
btn-ios-appstore.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-ios-appstore.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eab5-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXskcxIq5OMFAJNa9qvLvozGZCVhtek7bfHziDdz3eOscXWdcXR%2BKnXUJno1Anzywvjv09U4EZtAoqEGW36TqoRgv2fHje%2FsfXBq0ZZbTs6IjZwJIPcEYVxzazW4r6A9TeDsTwVp4iymHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a627274-EWR
alt-svc
h3=":443"; ma=86400
content-length
60085
btn-signApp.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-signApp.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eaec-603386e2d9a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnMyEtu34A%2BlmskBDih43PML%2FqNEn8ns05u2yJIrbznI3fc%2BVCU3JFXdnQRolIz9j6zd6%2BgQfE6yZB2Gur%2BwyAfhW17lrnu0kD8eyTUEqkp3X4c8zRGKitR56KGlYY1w%2F%2Fy9n22xh4MUjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a657274-EWR
alt-svc
h3=":443"; ma=86400
content-length
60140
banner1.png
bay789a.win/images/
291 KB
291 KB
Image
General
Full URL
https://bay789a.win/images/banner1.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48b02-603386e268234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Fg2bNB09xkTqxDAyVXcYzUkK52iI1fapbRC0B5k1J2xeoSOZ8MQCovnJo6iA9FQy1Bsytq1SOvkb1PLQu9Qc1nn59npf1xiLUDk0jD5O2ren4d%2Bvec2RCgneL7CpIWP27M8mkDmTk4Svg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a677274-EWR
alt-svc
h3=":443"; ma=86400
content-length
297730
banner2.png
bay789a.win/images/
248 KB
249 KB
Image
General
Full URL
https://bay789a.win/images/banner2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:32 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3e18c-603386e259bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSYzR4B6PojNuT04Qgl02INhciJFQEoWTSjWRHdaLGk80VM6s6CZ%2BSjCDXcQ33aLKXBt3UAdY7Yrl5gfQD5o3K3xdb0nOuVsXBeKOr5tVost%2BR5%2BzKXLv1vvFxhVH2duSbbqQDi6wpCn1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a6a7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
254348
banner3.png
bay789a.win/images/
206 KB
207 KB
Image
General
Full URL
https://bay789a.win/images/banner3.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3394b-603386e25e20d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lprr2pAYsuobgVMhgYoP0X7xzNIaVOMqJ6j9JQzqyYH7FECBvLo9XCsKmJ9yQb6qxRjdPdvxlsHFZEX%2BdZrlWpmIUuC3%2BqmDBYwU2fvb%2BYICo%2BhKWpEE0SxwrA7UQrpVVosBhPQvaYrh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a6c7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
211275
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSi3UnACRO7poNrbm8wLm2ct5ve7azNw07F47Nwa3eYc6g94AtmP1Bcl%2FXRxsoHx5x7OFesAc5evaiYIgpwdQtn8yF1edLsURv00e0XhOWd88lsuaeTkpHB2FHft0Q%2BSFgtOPNm2h4FfHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
860bc9946a6e7274-EWR
alt-svc
h3=":443"; ma=86400
content-length
20715
fa-regular-400.woff
bay789a.win/vendor/fontawesome-free/webfonts/
13 KB
14 KB
Font
General
Full URL
https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff
Requested by
Host: bay789a.win
URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 15:58:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"350c-5f44f800e3f61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIx6o0qAmolyocmIw2z57xhFW4ZVwwcePRjrkUjDaCV4mmhCWrmy%2FQYAOuzVNAXNQC0ZvEgsN7knyLszBMexeRNKQj%2BauDWmsv6oboewPAL0D2KTMCLEAeh7rhVuNkmsdzzqN1vzRNllnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
860bc9946a707274-EWR
alt-svc
h3=":443"; ma=86400
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fb3c5d12a8ec2370ac178483e58040001b02db7d4c493cd9bc50439cafd3a46

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/
0
46 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je4340v9102164222za200&_p=1709827109723&gcd=13l3l3l3l1&npa=0&dma=0&cid=232316779.1709827110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709827109&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7418
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Mar 2024 15:58:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| fbq
function| _fbq
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| recaptcha
boolean| isCHPlay
boolean| isAppStore
boolean| isApk
boolean| isIpa
number| isAction
function| onPlayWeb
function| onSupportFB
function| onSupportTELE
function| onDownloadAndroid
function| onDownloadIos
function| onDownloadSignIos
function| onDownloadCHPlay
string| refCode
function| playWeb
string| v
object| iv
object| key
object| conf
string| wg
function| onRegFrmSubmit
function| onLoginFrmSubmit
string| aff_id
string| app_id
string| userAgent
object| sessionId
boolean| isMobile
object| notifications
boolean| isIPadPro
boolean| autofill
function| receiveMessage
function| updateActions
function| clearBGAutoFill
function| lazyLoading
function| onLogin
function| onLoginFB
function| onLoginFbSucceed
function| onRegister
function| onNotifications
boolean| getRankNano
number| rankTimer
function| getRank
function| onStoreRef
function| $
function| jQuery
object| bootstrap
function| Fingerprint2
object| CryptoJS
function| UAParser
object| bay789
function| getFormData
function| getCaptcha

3 Cookies

Domain/Path Name / Value
.bay789a.win/ Name: _ga
Value: GA1.1.232316779.1709827110
.bay789a.win/ Name: _ga_VRM7WDM4CZ
Value: GS1.1.1709827109.1.0.1709827109.0.0.0
.bay789a.win/ Name: _fbp
Value: fb.1.1709827110023.1163566631

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
